PAMPOS: Causal Transformer-based Trajectory Prediction for Attack-Agnostic Misbehavior Detection in V2X Networks

Researchers present PAMPOS, a causal transformer-based system that detects misbehavior in Vehicle-to-Everything (V2X) networks by identifying deviations from learned normal driving patterns, achieving up to 98% AUC without requiring labeled attack data during training. This unsupervised approach addresses a critical security gap where cryptographic mechanisms alone cannot prevent insider falsification attacks in connected vehicle systems.

PAMPOS represents a significant advancement in vehicular network security by shifting from supervised to unsupervised anomaly detection. Traditional misbehavior detection schemes require labeled attack samples during training, creating a fundamental vulnerability: they cannot identify novel or previously unseen attack types. This research tackles that limitation by training exclusively on benign trajectory data, leveraging transformer architecture to capture complex temporal patterns in vehicle kinematics.

The security landscape for V2X networks has intensified as autonomous vehicle adoption accelerates. While cryptographic mechanisms protect message authenticity, insider attacks where legitimate network participants transmit falsified position or velocity data remain a critical blind spot. PAMPOS's causal transformer-decoder learns the conditional relationships between sequential vehicle states, enabling it to flag anomalous kinematic predictions regardless of attack methodology. The top-K normalized scoring mechanism further enhances practical deployment by pinpointing which specific features (position, velocity, acceleration) triggered detection.

The evaluation results across 19 attack types with AUC values reaching 0.98 demonstrate robust performance across diverse attack scenarios and traffic conditions. For connected vehicle ecosystem developers and manufacturers, this offers a deployable second-line defense that improves security posture without requiring continuous attack pattern updates. The approach's generalization capability—detecting unseen attacks—directly reduces operational costs associated with threat intelligence cycles.

Looking forward, integration of PAMPOS-style detection into V2X infrastructure requires standardization and real-world validation across diverse vehicle manufacturers and network conditions. The research establishes a credible foundation for production-grade anomaly detection, though latency requirements for real-time vehicle safety decisions warrant further investigation.

• →PAMPOS detects V2X misbehavior by learning normal driving patterns rather than memorizing attack signatures, enabling detection of previously unseen attacks.
• →The system achieves 98% AUC across 19 attack types without requiring labeled attack training data, reducing development and maintenance overhead.
• →Causal transformer architecture captures temporal kinematic relationships, enabling both detection and localization of anomalies to specific vehicle state variables.
• →Unsupervised approach addresses fundamental security gap where cryptographic mechanisms alone cannot prevent insider falsification attacks in connected vehicles.
• →Results validate across multiple traffic scenarios, suggesting potential for real-world deployment in V2X network infrastructure.