Abstract
With the rapid development and deployment of artificial intelligence methods, the Industrial Internet of Things (IIoT) has advanced considerably, enabling fast tracing of industrial communications and optimization of manufacturing processes. In Industry 5.0, hyper-automation is one of the technological trends steering industrial entities toward highly complex and reliable IIoT intelligent devices, cloud computing, smart robotics, smart agile software and embedded components. As data communication in IIoT environments and cloud computing grows, the security and safety of the hyper-automation process become increasingly unstable and challenging in the face of cyber-attacks, unstructured malware and abnormal activities. Given the diversification and unexpected behaviors of cyber-security threats, traditional cyber-attack detection systems face critical problems as data volumes grow, including inappropriate feature selection and extraction, high computation time in prediction and inaccurate classification models. To address these challenges, this paper presents a new cloud-based cyber-attack detection architecture based on the Ensemble Bagged Trees Detection (EBTD) algorithm for predicting malicious behaviors and types of cyber-attacks for the hyper-automation process in the IIoT. The proposed architecture uses Analysis of Variance (ANOVA) and a priority-based feature selection and extraction model to find the optimal features, which are highly dependent on the network traffic, computation time, malicious behaviors and types of attacks. Experiments are conducted using the UNSW-NB15 and NSL-KDD data sets. The simulation results show that the proposed architecture performs better than other case studies and prediction models and is effective for optimizing large-scale cyber-attack detection systems for critical hyper-automation processes in the IIoT environment.
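The two stages the abstract names, ANOVA-based feature ranking followed by a bagged tree ensemble, can be sketched as follows. This is an added illustration, not the authors' EBTD implementation or their priority-based selection model: it uses depth-1 trees (stumps) with majority voting, and the flow data, feature positions and function names are constructed assumptions rather than UNSW-NB15 or NSL-KDD records.

```python
import random
from collections import Counter
from statistics import mean

def anova_f(col, y):  # one-way ANOVA F-statistic of one feature across classes
    groups = {}
    for x, c in zip(col, y):
        groups.setdefault(c, []).append(x)
    grand, k, n = mean(col), len(groups), len(col)
    between = sum(len(g) * (mean(g) - grand) ** 2 for g in groups.values())
    within = sum((x - mean(g)) ** 2 for g in groups.values() for x in g)
    return (between / (k - 1)) / ((within or 1e-12) / (n - k))

def select_features(X, y, k):  # indices of the k highest-F features
    f = [anova_f([r[j] for r in X], y) for j in range(len(X[0]))]
    return sorted(sorted(range(len(f)), key=lambda j: -f[j])[:k])

def fit_stump(X, y):  # best one-threshold split: (feature, threshold, label_le, label_gt)
    best = (0, 0, float("inf"), Counter(y).most_common(1)[0][0], None)
    for j in range(len(X[0])):
        for t in {r[j] for r in X}:
            lo = Counter(c for r, c in zip(X, y) if r[j] <= t).most_common(1)
            hi = Counter(c for r, c in zip(X, y) if r[j] > t).most_common(1)
            if hi and lo[0][1] + hi[0][1] > best[0]:
                best = (lo[0][1] + hi[0][1], j, t, lo[0][0], hi[0][0])
    return best[1:]

def fit_bagged(X, y, n_trees, rng):  # each stump sees a bootstrap resample of the rows
    boots = [[rng.randrange(len(X)) for _ in X] for _ in range(n_trees)]
    return [fit_stump([X[i] for i in b], [y[i] for i in b]) for b in boots]

def predict(model, row):  # majority vote of the stumps
    votes = Counter(le if row[j] <= t else gt for j, t, le, gt in model)
    return votes.most_common(1)[0][0]

def make_flows(n, rng):  # constructed data: features 1 and 3 shift under attack, 0 and 2 are noise
    y = ["attack" if i % 2 else "normal" for i in range(n)]
    X = [[rng.gauss(0, 1), rng.gauss(3 * (c == "attack"), 1),
          rng.gauss(0, 1), rng.gauss(2 * (c == "attack"), 1)] for c in y]
    return X, y

def run(seed=7):
    rng = random.Random(seed)
    (X, y), (Xt, yt) = make_flows(300, rng), make_flows(100, rng)
    keep = select_features(X, y, 2)  # ANOVA step drops the two noise features
    cut = lambda rows: [[r[j] for j in keep] for r in rows]
    model = fit_bagged(cut(X), y, 15, rng)
    hits = sum(predict(model, r) == c for r, c in zip(cut(Xt), yt))
    return keep, hits / len(yt)
```

Calling `run()` returns the selected feature indices and the held-out accuracy of the voted ensemble on the constructed flows.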
Data availability
The datasets are available as open-source materials on Kaggle.
Funding
The authors declare that no funds, grants, or other support were received during the preparation of this manuscript.
Author information
Contributions
All authors contributed to the study conception and design. Material preparation, data collection and analysis were performed by Dr. AS. Dr. MN analyzed the dataset. Dr. YA checked the grammar, validation and improved the content. All authors read and approved the final manuscript.
Ethics declarations
Conflict of interest
The authors have no relevant financial or non-financial interests to disclose.
About this article
Cite this article
Souri, A., Norouzi, M. & Alsenani, Y. A new cloud-based cyber-attack detection architecture for hyper-automation process in industrial internet of things. Cluster Comput (2023). https://doi.org/10.1007/s10586-023-04163-y
DOI: https://doi.org/10.1007/s10586-023-04163-y