車聯網（IoV）透過無線通訊技術將車輛、路側基礎設施與行人連接起來以實現智慧交通管理、自動駕駛以及即時的車聯萬物（V2X）互動。然而，隨著 IoV 系統的快速發展，其面臨的安全威脅也日益嚴重，尤其是Sybil攻擊：攻擊者偽造多個虛假身份，藉此干擾車聯網運作、操控交通資訊以至於造成嚴重的交通隱患。針對此類攻擊已有許多基於機器學習的Sybil偵測方法已被提出，雖然這些方法在準確率上表現很好，但往往伴隨高昂的運算與通訊成本，造成系統的運行效率下降。為了解決此問題，我們提出一種高效的兩階段Sybil攻擊偵測框架，結合輕量化的規則導向篩選與深度學習的時序資料分析。第一階段中，每輛車輛執行初步的檢測，同時由路側單元（RSUs）持續收集車輛廣播的資料並監測是否有異常行為，一旦發現異常，資料將被傳送至中央IoV伺服器。在第二階段，深度學習模型會分析彙整後的時序資料，進一步精確判斷是否為Sybil節點。這種階層式的偵測方式提升了辨識的準確性，並減少不必要的資料傳輸與計算，可有效降低整體系統負擔。

The Internet of Vehicles (IoV) connects vehicles, roadside infrastructure, and pedestrians through wireless communication technologies to enable intelligent traffic management, autonomous driving, and real-time vehicle-to-everything (V2X) interactions. However, as the IoV system rapidly evolves, it faces increasingly serious security threats—particularly Sybil attacks, where malicious entities forge multiple fake identities to disrupt network operations and manipulate traffic information, potentially leading to severe traffic hazards. To address such threats, many machine learning-based Sybil detection methods have been proposed. Although these methods generally achieve high detection accuracy, they often incur significant computational and communication costs, thereby reducing the overall efficiency of the system. To tackle this issue, we propose an efficient two-stage Sybil detection framework that combines lightweight rule-based filtering with deep learning-based time-series analysis. In the first stage, each vehicle performs preliminary checks, while Roadside Units (RSUs) continuously collect vehicle broadcast data and monitor for abnormal behavior. Once anomalies are detected, the data is transmitted to a centralized IoV server. In the second stage, a deep learning model analyzes the aggregated time-series data to further confirm the presence of Sybil nodes. This hierarchical detection approach not only enhances identification accuracy but also significantly reduces system overhead by minimizing unnecessary data transmission and computation

[1] R. K. P. and A. R. K. P., “A collaborative strategy for detection and eviction of Sybil attacker and Sybil nodes in VANET,” Int. J. Commun. Syst., vol. 34, no. 3, p. e4621, 2021.
[2] A. Paranjothi and M. Atiquzzaman, “Enhancing Security in VANETs with Efficient Sybil Attack Detection using Fog Computing,” Aug. 23, 2021, arXiv: arXiv:2108.10319.
[3] T. Alladi, A. Agrawal, B. Gera, V. Chamola, B. Sikdar, and M. Guizani, “Deep Neural Networks for Securing IoT Enabled Vehicular Ad-Hoc Networks,” in ICC 2021 - IEEE International Conference on Communications, Jun. 2021, pp. 1–6.
[4] D. S, R. R. Shrivastava, P. Narang, T. Alladi, and F. R. Yu, “VADGAN: An Unsupervised GAN Framework for Enhanced Anomaly Detection in Connected and Autonomous Vehicles,” IEEE Trans. Veh. Technol., vol. 73, no. 9, pp. 12458–12467, Sep. 2024.
[5] J. Liang, J. Chen, Y. Zhu, and R. Yu, “A novel Intrusion Detection System for Vehicular Ad Hoc Networks (VANETs) based on differences of traffic flow and position,” Appl. Soft Comput., vol. 75, pp. 712–727, Feb. 2019.
[6] J. Kamel, F. Haidar, I. B. Jemaa, A. Kaiser, B. Lonc, and P. Urien, “A Misbehavior Authority System for Sybil Attack Detection in C-ITS,” in 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), Oct. 2019, pp. 1117–1123.
[7] R. Missara, H. Yakan, H. Kchok, I. Fajjari, and N. Aitsaadi, “Misbehavior Detection System in V2X 5G Edge Networks based on Transformer,” in 2025 Global Information Infrastructure and Networking Symposium (GIIS), Feb. 2025, pp. 1–6.
[8] T. Alladi, V. Kohli, V. Chamola, F. R. Yu, and M. Guizani, “Artificial Intelligence (AI)-Empowered Intrusion Detection Architecture for the Internet of Vehicles,” IEEE Wirel. Commun., vol. 28, no. 3, pp. 144–149, Jun. 2021.
[9] “Intelligent Transport Systems (ITS); Security; Misbehavior Reporting Service; Release 2,” ETSI TS Standard 103.759, Jan. 2023.
[10] B. D. Greenshields, J. R. Bibbins, W. S. Channing, and H. H. Miller, “A study of traffic capacity,” in Highway research board proceedings, Washington, DC, 1935, pp. 448–477.
[11] H. Grover, T. Alladi, V. Chamola, D. Singh, and K.-K. R. Choo, “Edge Computing and Deep Learning Enabled Secure Multitier Network for Internet of Vehicles,” IEEE Internet Things J., vol. 8, no. 19, pp. 14787–14796, Oct. 2021.
[12] S. Park, D. Kim, and S. Lee, “Enhancing V2X Security Through Combined Rule-Based and DL-Based Local Misbehavior Detection in Roadside Units,” IEEE Open J. Intell. Transp. Syst., vol. 5, pp. 656–668, 2024.
[13] B. Luo, X. Liu, and Q. Zhu, “Credibility Enhanced Temporal Graph Convolutional Network Based Sybil Attack Detection On Edge Computing Servers,” in 2021 IEEE Intelligent Vehicles Symposium (IV), Jul. 2021, pp. 524–531.
[14] R. Sedar, C. Kalalas, F. Vázquez-Gallego, L. Alonso, and J. Alonso-Zarate, “A Comprehensive Survey of V2X Cybersecurity Mechanisms and Future Research Paths,” IEEE Open J. Commun. Soc., vol. 4, pp. 325–391, 2023.
[15] Y. Yu, X. Zeng, X. Xue, and J. Ma, “LSTM-Based Intrusion Detection System for VANETs: A Time Series Classification Approach to False Message Detection,” IEEE Trans. Intell. Transp. Syst., vol. 23, no. 12, pp. 23906–23918, Feb. 2022.
[16] J. Shu, L. Zhou, W. Zhang, X. Du, and M. Guizani, “Collaborative Intrusion Detection for VANETs: A Deep Learning-Based Distributed SDN Approach,” IEEE Trans. Intell. Transp. Syst., vol. 22, no. 7, pp. 4519–4530, Jul. 2021.
[17] R. Sultana, J. Grover, and M. Tripathi, “Cooperative approach for data-centric and node-centric misbehavior detection in VANET,” Veh. Commun., vol. 50, p. 100855, Dec. 2024.
[18] A. Balaram, S. A. Nabi, K. S. Rao, and N. Koppula, “Highly accurate sybil attack detection in vanet using extreme learning machine with preserved location,” Wirel. Netw., vol. 29, no. 8, pp. 3435–3443, Nov. 2023.
[19] S. Rakhi and K. R. Shobha, “LCSS Based Sybil Attack Detection and Avoidance in Clustered Vehicular Networks,” IEEE Access, vol. 11, pp. 75179–75190, 2023.
[20] S. Gyawali, Y. Qian, and R. Q. Hu, “Machine Learning and Reputation Based Misbehavior Detection in Vehicular Communication Networks,” IEEE Trans. Veh. Technol., vol. 69, no. 8, pp. 8871–8885, Aug. 2020.
[21] S. Ercan, M. Ayaida, and N. Messai, “Misbehavior Detection for Position Falsification Attacks in VANETs Using Machine Learning,” IEEE Access, vol. 10, pp. 1893–1904, 2022.
[22] A. Le and C. Maple, “Shadows Don’t Lie: n-Sequence Trajectory Inspection for Misbehaviour Detection and Classification in VANETs,” in 2019 IEEE 90th Vehicular Technology Conference (VTC2019-Fall), Sep. 2019, pp. 1–6.
[23] Z. Liu, H. Xu, Y. Kuang, and F. Li, “SVMDformer: A Semi-Supervised Vehicular Misbehavior Detection Framework Based on Transformer in IoV,” in 2023 IEEE 43rd International Conference on Distributed Computing Systems (ICDCS), Jul. 2023, pp. 887–897.
[24] S. Kumar, A. Vasudeva, and M. Sood, “Sybil Attack Countermeasures in Vehicular Ad Hoc Networks,” in 2022 International Conference on Communications, Information, Electronic and Energy Systems (CIEES), Jan. 2022, pp. 1–6.
[25] A. Afdhal, A. Ahmadiar, and R. Adriman, “Sybil Attack Detection on ITS-V2X System using a Realistic Traffic Model-based Approach,” in 2022 IEEE International Conference on Communication, Networks and Satellite (COMNETSAT), Jan. 2022, pp. 333–338.
[26] SAE, “V2X Communications Message Set Dictionary: SAE J2735,” SAE J2735_202409, SAE International, Sept. 2024.
[27] J. Kamel, M. Wolf, R. W. van der Hei, A. Kaiser, P. Urien, and F. Kargl, “VeReMi Extension: A Dataset for Comparable Evaluation of Misbehavior Detection in VANETs,” in ICC 2020 - 2020 IEEE International Conference on Communications (ICC), Jun. 2020.
[28] A. Vaswani et al., “Attention Is All You Need,” Aug. 02, 2023, arXiv: arXiv:1706.03762.