A new cloud-based cyber-attack detection architecture for hyper-automation process in industrial internet of things

Cluster Computing

Abstract

With the rapid development and deployment of artificial intelligence methods, the Industrial Internet of Things (IIoT) has advanced considerably in fast tracing of industrial communications and optimizing manufacturing processes. In Industry 5.0, the hyper-automation process, as one of the technological trends, steers industrial entities toward intelligent IIoT devices, cloud computing, smart robotics, smart agile software and embedded components with high complexity and reliability. As data communication in IIoT environments and cloud computing increases, the security and safety of the hyper-automation process become increasingly unstable and challenging with respect to cyber-attacks, unstructured malware and abnormal activities. Given the diversification and unexpected behaviors of cyber-security threats, traditional cyber-attack detection systems face critical problems as data volumes grow, including inappropriate feature selection and extraction, high computation time in prediction and inaccurate classification models. To address these challenges, this paper presents a new cloud-based cyber-attack detection architecture based on the Ensemble Bagged Trees Detection (EBTD) algorithm for predicting malicious behaviors and types of cyber-attacks for the hyper-automation process in the IIoT. The proposed architecture uses Analysis of Variance (ANOVA) and a priority-based feature selection and extraction model to find the optimal features that are highly dependent on the network traffic, computation time, malicious behaviors, and types of attacks. Experiments are then conducted using the technical data sets UNSW-NB15 and NSL-KDD. The simulation results show that the proposed architecture performs better than other case studies and prediction models and is effective in optimizing large-scale cyber-attack detection systems for critical hyper-automation processes in the IIoT environment.
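As an added illustration (not the authors' code), the following sketch shows the general idea named in the abstract: rank traffic features by their one-way ANOVA F score, keep the strongest ones, and classify with a bagged ensemble of trees by majority vote. The flow records are constructed, depth-1 trees stand in for full decision trees as a simplification, all function names are hypothetical, and the paper's priority-based selection model is not reproduced.

```python
import random
from collections import Counter

def make_flows(n=200, seed=1):
    """Constructed flow records: features 1 and 3 carry signal, 0 and 2 are noise."""
    rng, X, y = random.Random(seed), [], []
    for i in range(n):
        attack = i % 2 == 0
        X.append([rng.gauss(0, 1), rng.gauss(900 if attack else 300, 120),
                  rng.gauss(0, 1), rng.gauss(40 if attack else 10, 8)])
        y.append("attack" if attack else "normal")
    return X, y

def anova_f(values, labels):
    """One-way ANOVA F statistic of a single feature across the classes."""
    groups = {}
    for v, lab in zip(values, labels):
        groups.setdefault(lab, []).append(v)
    n, k, grand = len(values), len(groups), sum(values) / len(values)
    means = {lab: sum(g) / len(g) for lab, g in groups.items()}
    between = sum(len(g) * (means[lab] - grand) ** 2 for lab, g in groups.items())
    within = sum((v - means[lab]) ** 2 for lab, g in groups.items() for v in g)
    return (between / (k - 1)) / (within / (n - k))

def select_top(X, y, k):
    """Indices of the k features with the highest F score."""
    f = [anova_f([row[j] for row in X], y) for j in range(len(X[0]))]
    return sorted(range(len(f)), key=lambda j: -f[j])[:k]

def fit_stump(X, y, feats):
    """Depth-1 tree (simplification): best feature/threshold by training accuracy."""
    best = None
    for j in feats:
        for t in sorted({row[j] for row in X})[:-1]:  # drop max so both sides are non-empty
            lo = Counter(lab for row, lab in zip(X, y) if row[j] <= t).most_common(1)[0]
            hi = Counter(lab for row, lab in zip(X, y) if row[j] > t).most_common(1)[0]
            if best is None or lo[1] + hi[1] > best[0]:
                best = (lo[1] + hi[1], j, t, lo[0], hi[0])
    return best[1:]

def fit_bagged(X, y, feats, n_trees=15, seed=7):
    """Bagging: each tree is trained on a bootstrap resample of the flows."""
    rng, trees = random.Random(seed), []
    for _ in range(n_trees):
        idx = [rng.randrange(len(X)) for _ in X]
        trees.append(fit_stump([X[i] for i in idx], [y[i] for i in idx], feats))
    return trees

def predict(trees, row):
    """Majority vote over the ensemble."""
    return Counter(lo if row[j] <= t else hi for j, t, lo, hi in trees).most_common(1)[0][0]
```

Dropping the low-F features before training is what keeps the threshold search, and therefore prediction-time cost, proportional to the selected feature count rather than the full flow schema.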

Data availability

The datasets are available as open source materials in Kaggle.

Funding

The authors declare that no funds, grants, or other support were received during the preparation of this manuscript.

Author information

Contributions

All authors contributed to the study conception and design. Material preparation, data collection and analysis were performed by Dr. AS. Dr. MN analyzed the dataset. Dr. YA checked the grammar, validation and improved the content. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Alireza Souri.

Ethics declarations

Conflict of interest

The authors have no relevant financial or non-financial interests to disclose.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Souri, A., Norouzi, M. & Alsenani, Y. A new cloud-based cyber-attack detection architecture for hyper-automation process in industrial internet of things. Cluster Comput (2023). https://doi.org/10.1007/s10586-023-04163-y

  • DOI: https://doi.org/10.1007/s10586-023-04163-y
