Two stage malware detection model in internet of vehicles (IoV) using deep learning-based explainable artificial intelligence with optimization algorithms.

Journal: Scientific reports
Published Date: Jul 1, 2025

Abstract

Internet of Vehicles (IoV) is a multi-node network which switches data in an open and wireless environment. Numerous interaction activities occur among IoV entities to share significant information, which is essential for network operation. As part of intellectual transportation, IoV is a hot topic for researchers because it faces numerous unresolved challenges, particularly regarding privacy and security. The development of recent malicious software with the expanding use of digital services has increased the likelihood of stealing data, corrupting data, or other cybercrimes by malware threats. Hence, malicious software should be perceived previously. It impacts a vast amount of computers. Researchers have proposed numerous malware detection solutions for the past few years. Machine learning (ML) and deep learning (DL)-based detection models can decrease analysis time and increase malware detection accuracy. This study proposes a novel Malware Detection Model in the Internet of Vehicles Using Deep Learning-Based Explainable Artificial Intelligence (MDMIoV-DLXAI). The main intention of the MDMIoV-DLXAI model is to enhance the malware detection and classification model in IoV by utilizing advanced two-tier optimization models. Initially, the data normalization stage is performed by the min-max normalization to convert input data into a beneficial format. Besides, the proposed MDMIoV-DLXAI model utilizes the reptile search algorithm (RSA) model for feature selection. Furthermore, the hybrid of bidirectional long short-term memory with a multi-head self-attention (BiLSTM-MHSA) model is employed for the malware classification process. The parameter tuning process is performed through the pelican optimization algorithm (POA) to improve the classification performance of the BiLSTM-MHSA classifier. Finally, SHAP is utilized as an XAI technique to enhance malware detection and decision-making processes of AI-driven security systems. The experimental evaluation of the MDMIoV-DLXAI method is examined under the malware dataset. The comparison study of the MDMIoV-DLXAI method demonstrated a superior accuracy value of 97,393% over existing techniques.

Authors

  • Manal Abdullah Alohali
    Department of Information Systems, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, P.O. Box 84428, Riyadh 11671, Saudi Arabia.
  • Sultan Alahmari
    King Abdul Aziz City for Science and Technology (KACST), Cybersecurity Institute, Riyadh, Kingdom of Saudi Arabia.
  • Mohammed Aljebreen
    Department of Computer Science, Community College, King Saud University, P.O. Box 28095, Riyadh 11437, Saudi Arabia.
  • Mashael M Asiri
    Department of Computer Science, College of Science & Art at Mahayil, King Khalid University, Saudi Arabia.
  • Achraf Ben Miled
    Department of Computer Science, College of Science, Northern Border University, 73213, Arar, Saudi Arabia. ashraf.benmilad@nbu.edu.sa.
  • Sami Saad Albouq
    Department of Computer and Information Systems, Islamic University of Madinah, Medina, 42351, Saudi Arabia.
  • Othman Alrusaini
    Department of Engineering and Applied Sciences, Applied College, Umm Al-Qura University, Makkah, Saudi Arabia.
  • Ali Alqazzaz
    Faculty of Computing and Information Technology, University of Bisha, Bisha, Saudi Arabia.

Keywords

No keywords available for this article.

External Resources

Popular Topics
Recent Journals