An Adaptive Trust Boundary Protection for IIoT Networks Using Deep-Learning Feature-Extraction-Based Semisupervised Model

The rapid development of Internet of Things (IoT) platforms provides the industrial domain with many critical solutions, such as joint venture virtual production systems. However, the extensive interconnection of industrial systems with corporate systems in industrial Internet of Things (IIoT) networks exposes the industrial domain to severe cyber risks. Because of many proprietary multilevel protocols, limited upgrade opportunities, heterogeneous communication infrastructures, and a very large trust boundary, conventional IT security fails to prevent cyberattacks against IIoT networks. Recent secure protocols, such as secure distributed network protocol (DNP 3.0), are limited to weak hash functions to meet critical response time requirements. As a complement, we propose an adaptive trust boundary protection for IIoT networks using a deep-learning, feature-extraction-based semisupervised model. Our proposed approach is novel in that it is compatible with the multilevel protocols of IIoT. The proposed approach does not require any manual effort to update the attack databases and can learn the rapidly changing nature of unknown attack models using unsupervised learning and unlabeled data from the wild. Therefore, the proposed approach is resilient to emerging cyberattacks and their dynamic nature. The proposed approach has been verified using a real IIoT testbed. Extensive experimental analysis of the attack models and results shows that the proposed approach significantly improves the identification of attacks over conventional security control techniques.
