An Efficient Intrusion Detection Model for Edge System in Brownfield Industrial Internet of Things

The Industrial Internet of Things (IIoT) is bringing control systems online leading to significant innovation in industry and business. However, this development also comes with new cybersecurity threats. As much of the value of IIoT systems resides at the edge tier, this makes them potentially desired targets for attackers. Protecting edge physical systems by monitoring them and identifying malicious activities based on an efficient detection model is therefore of utmost importance. This paper proposes a detection model based on deep learning techniques that can learn and test using data collected from Remote Telemetry Unit (RTU) streams of gas pipeline system. It utilizes the sparse and denoising auto-encoder methods for unsupervised learning and deep neural networks for supervised learning to produce a high-level data representation from unlabeled and noisy data. Our results show that the proposed model achieves superior performance in identifying malicious activities.

[1]  Xue Wang,et al.  Comparison deep learning method to traditional methods using for network intrusion detection , 2016, 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN).

[2]  Robert C. Atkinson,et al.  Threat analysis of IoT networks using artificial neural network intrusion detection system , 2016, 2016 International Symposium on Networks, Computers and Communications (ISNCC).

[3]  Mark A. Buckner,et al.  An Evaluation of Machine Learning Methods to Detect Malicious SCADA Communications , 2013, 2013 12th International Conference on Machine Learning and Applications.

[4]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[5]  Yan Zhang,et al.  Command Disaggregation Attack and Mitigation in Industrial Internet of Things , 2017, Sensors.

[6]  Ali Gökhan Yavuz,et al.  Network Anomaly Detection with Stochastically Improved Autoencoder Based Models , 2017, 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud).

[7]  F. Richard Yu,et al.  A Multi-Level DDoS Mitigation Framework for the Industrial Internet of Things , 2018, IEEE Communications Magazine.

[8]  Nour Moustafa,et al.  Identification of malicious activities in industrial internet of things based on deep learning models , 2018, J. Inf. Secur. Appl..

[9]  Wenjing Hu,et al.  Anomaly detection and fault analysis of wind turbine components based on deep learning network , 2018, Renewable Energy.

[10]  Ian P. Turnipseed,et al.  Industrial Control System Simulation and Data Logging for Intrusion Detection System Research , 2015 .

[11]  Paul Honeine,et al.  Intrusion detection in scada systems using one-class classification , 2013, 21st European Signal Processing Conference (EUSIPCO 2013).

[12]  Nishchal K. Verma,et al.  Fuzzy Rule Reduction using Sparse Auto-Encoders , 2015, 2015 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE).

[13]  Furkan Yusuf Yavuz,et al.  Deep learning in cyber security for internet of things , 2018 .

[14]  Mohamed Amine Ferrag,et al.  A Novel Intrusion Detection Mechanism for SCADA systems which Automatically Adapts to Network Topology Changes , 2017, EAI Endorsed Trans. Ind. Networks Intell. Syst..

[15]  Jin Wei,et al.  Real-Time Detection of False Data Injection Attacks in Smart Grid: A Deep Learning-Based Intelligent Mechanism , 2017, IEEE Transactions on Smart Grid.

[16]  Anamika Yadav,et al.  Performance analysis of NSL-KDD dataset using ANN , 2015, 2015 International Conference on Signal Processing and Communication Engineering Systems.

[17]  Kyriakos Stefanidis,et al.  An HMM-Based Anomaly Detection Approach for SCADA Systems , 2016, WISTP.

[18]  Kazukuni Kobara,et al.  Cyber Physical Security for Industrial Control Systems and IoT , 2016, IEICE Trans. Inf. Syst..

[19]  Geoffrey E. Hinton,et al.  Deep Learning , 2015, Nature.

[20]  Riccardo Taormina,et al.  Real-Time Detection of Cyber-Physical Attacks on Water Distribution Systems Using Deep Learning , 2017 .

[21]  Yuval Elovici,et al.  N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders , 2018, IEEE Pervasive Computing.

[22]  Christian Diedrich,et al.  Deep Feature Extraction for multi-Class Intrusion Detection in Industrial Control Systems , 2017 .

[23]  Yu Chen,et al.  KATE: K-Competitive Autoencoder for Text , 2017, KDD.

[24]  Farzad R. Salmasi,et al.  Detection of false data injection attacks against state estimation in smart grids based on a mixture Gaussian distribution learning method , 2017, IET Cyper-Phys. Syst.: Theory & Appl..

[25]  Manimaran Govindarasu,et al.  Security Evaluation of Two Intrusion Detection Systems in Smart Grid SCADA Environment , 2018, 2018 North American Power Symposium (NAPS).