Research And Implementation Of Web Attack Detection System For Internet Of Vehicles Platform Based On Machine Learning

The development of Internet of vehicles has brought many conveniences to people’s lives,but at the same time,security threats are also increasing.The networked intelligent vehicles enable the attacker to break into the vehicle-mounted network through various ways to obtain vehicle information and even control the vehicle remotely.The cloud platform is an important part of the "cloud-pipe-terminal" architecture of the Internet of Vehicles.Once hacked,all intelligent vehicles connected to the platform may be threatened.As one of the core systems of Io V,the Internet of Vehicles platform inevitably inherits the original vulnerable aspects of communication system and Web application.However,automobile enterprises usually pay more attention to user experience and pay less attention to the potential security risks of the platform.Traditional security facilities such as firewalls can only protect the lower layers of the Io V model,but cannot effectively defend against application-layer Web attacks and Polymorphic attacks.Meanwhile,they also lack the ability of iterative learning.In view of the above problems,this paper deeply analyzes the major Web attack technology and traditional defense methods,and discusses the vulnerability and attack surface of the Internet of Vehicles platform with attack examples.Aiming at the defects of the existing defense measures,this paper proposes a Web attack detection model of Internet of vehicles platform based on machine learning and a feature extraction method combining comprehensive feature selection and TF-IDF algorithm.Using penetration tool SQLMAP combined with self-developed inline comments and whitespace-polluted tamper script to generate deformed Web attack data,then through the analysis and corresponding processing of real-time HTTP data of the platform and high-quality sample data obtained from multiple channels,the attack text is vectorized to get the eigenvector matrix,and then establish the logistic model and the SVM model.Finally,with the machine model as the core,a Web attack detection system for the Internet of Vehicles platform is designed and implemented,which can detect the traffic of the platform through side deployment.The simulated Internet of Vehicles platform,service host and attack host are used to build an experimental environment,and the verification is carried out from two aspects of medium-scale black and white sample testing and real-time detection of directional Web attacks.The experimental results show that the Web attack detection system can not only realize Web attack identification and real-time detection,but also has the ability to learn and optimize.At the same time,the two machine learning models showed great classification capabilities on the test sample set,and showed good performance in accuracy,recall,and F1-Score indicators,which proved the rationality of the system design.