Deep-IFS:Intrusion Detection Approach for Industrial Internet of Things Traffic in Fog Environment

Abstract

The extensive propagation of industrial Internet of Things (IIoT) technologies has encouraged intruders to initiate a variety of attacks that need to be identified to maintain the security of end-user data and the safety of services offered by service providers. Deep learning (DL), especially recurrent approaches, has been applied successfully to the analysis of IIoT forensics but their key challenge of recurrent DL models is that they struggle with long traffic sequences and cannot be parallelized. Multihead attention (MHA) tried to address this shortfall but failed to capture the local representation of IIoT traffic sequences. In this article, we propose a forensics-based DL model (called Deep-IFS) to identify intrusions in IIoT traffic. The model learns local representations using local gated recurrent unit (LocalGRU), and introduces an MHA layer to capture and learn global representation (i.e., long-range dependencies). A residual connection between layers is designed to prevent information loss. Another challenge facing the current IIoT forensics frameworks is their limited scalability, limiting performance in handling Big IIoT traffic data produced by IIoT devices. This challenge is addressed by deploying and training the proposed Deep-IFS in a fog computing environment. The intrusion identification becomes scalable by distributing the computation and the IIoT traffic data across worker fog nodes for training the model. The master fog node is responsible for sharing training parameters and aggregating worker node output. The aggregated classification output is subsequently passed to the cloud platform for mitigating attacks. Empirical results on the Bot-IIoT dataset demonstrate that the developed distributed Deep-IFS can effectively handle Big IIoT traffic data compared with the present centralized DL-based forensics techniques. Further, the results validate the robustness of the proposed Deep-IFS across various evaluation measures.

Publication DOI: https://doi.org/10.1109/TII.2020.3025755
Divisions: College of Business and Social Sciences > Aston Business School
College of Business and Social Sciences > Aston Business School > Operations & Information Management
Additional Information: © 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Uncontrolled Keywords: Deep learning (DL),Forensics,Industrial Internet of Things (IIoT),Intrusion detection,Control and Systems Engineering,Information Systems,Computer Science Applications,Electrical and Electronic Engineering
Publication ISSN: 1941-0050
Full Text Link:
Related URLs: http://www.scop ... tnerID=8YFLogxK (Scopus URL)
https://ieeexpl ... ocument/9204463 (Publisher URL)
PURE Output Type: Article
Published Date: 2021-11-01
Published Online Date: 2020-09-22
Accepted Date: 2020-09-01
Authors: Abdel-Basset, Mohamed
Chang, Victor (ORCID Profile 0000-0002-8012-5852)
Hawash, Hossam
Chakrabortty, Ripon K.
Ryan, Michael

Download

[img]

Version: Accepted Version

| Preview

Export / Share Citation


Statistics

Additional statistics for this record