Skip to main content

Advertisement

SpringerLink
Log in

A novel fully convolutional neural network approach for detection and classification of attacks on industrial IoT devices in smart manufacturing systems

  • ORIGINAL ARTICLE
  • Published:
The International Journal of Advanced Manufacturing Technology Aims and scope Submit manuscript

Abstract

Recently, Internet of things (IoT) devices have been widely implemented and technologically advanced in manufacturing settings to monitor, collect, exchange, analyze, and deliver data. However, this transition has increased the risk of cyber-attacks, exponentially. Subsequently, developing effective intrusion detection systems based on deep learning algorithms has proven to become a reliable intelligence tool to protect Industrial IoT devices against cyber threats. This paper presents the implementation of two different classifications and detection utilizing the long short-term memory (LSTM) architecture to address cybersecurity concerns on three benchmark industrial IoT datasets (BoT-IoT, UNSW-NB15, and TON-IoT) which take advantage of various deep learning algorithms. An overall analysis of the performance of the proposed models is provided. Augmenting the LSTM with convolutional neural network (CNN) and fully convolutional neural network (FCN) achieves state-of-the-art performance in detecting cybersecurity threats.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Zheng Y, Pal A, Abuadbba S, Pokhrel SR, Nepal S, Janicke H (2020) Towards IoT security automation and orchestration, 2020 Second IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), TPS-ISA 55–63. https://doi.org/10.1109/TPS-ISA50397.2020.00018

  2. Shahin M, Chen FF, Bouzary H, Krishnaiyer K (2020) Integration of Lean practices and Industry 4.0 technologies: smart manufacturing for next-generation enterprises. Int J Adv Manuf Technol 107(5):2927–2936. https://doi.org/10.1007/s00170-020-05124-0

  3. Baumann D, Mager F, Wetzker U, Thiele L, Zimmerling M, Trimpe S (2021) Wireless control for smart manufacturing: recent approaches and open challenges. Proc IEEE 109(4):441–467. https://doi.org/10.1109/JPROC.2020.3032633

  4. Donnal J, McDowell R, Kutzer M (2020) Decentralized IoT with Wattsworth. 2020 IEEE 6th World Forum on Internet of Things (WF-IoT), Internet of Things (WF-IoT), 2020 IEEE 6th World Forum on 1–6. https://doi.org/10.1109/WF-IoT48130.2020.9221350

  5. Sungwon LEE, Hyeonkyu JEON, Gihyun PARK, Jonghee YOUN (2021) Design of automation environment for analyzing various IoT malware. Tehnicki vjesnik / Technical Gazette 28(4):827–835. https://doi.org/10.17559/TV-20210202131602

    Article  Google Scholar 

  6. Elhabashy AE, Wells LJ, Camelio JA (2019) Cyber-physical security research efforts in manufacturing - a literature review. in Procedia Manuf 01 34:921–931 https://doi.org/10.1016/j.promfg.2019.06.115

  7. Elhabashy AE, Wells LJ, Camelio JA, Woodall WH (2019) A cyber-physical attack taxonomy for production systems: a quality control perspective. J Intell Manuf 30(6):2489–2504. https://doi.org/10.1007/s10845-018-1408-9

    Article  Google Scholar 

  8. ICS Monitor Newsletters | CISA. https://www.us-cert.gov/ics/monitors Accessed 20 Oct 2019

  9. O’Reilly P, Rigopoulos K, Feldman L, Witte G (2021) 2020 Cybersecurity and Privacy Annual Report. Natl Inst Stand Technol. https://doi.org/10.6028/NIST.SP.800-214

  10. Shahin M, Chen FF, Bouzary H, Zarreh A (2020) Frameworks proposed to address the threat of cyber-physical attacks to Lean 4.0 systems. Procedia Manuf 51:1184–1191. https://doi.org/10.1016/j.promfg.2020.10.166

  11. Koroniotis N, Moustafa N, Sitnikova E, Turnbull B (2019) Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset. Futur Gener Comput Syst 100:779–796. https://doi.org/10.1016/j.future.2019.05.041

    Article  Google Scholar 

  12. Mahmood T, Afzal U (2013) Security analytics: big data analytics for cybersecurity: a review of trends, techniques and tools. in 2013 2nd National Conference on Information Assurance (NCIA) 129–134. https://doi.org/10.1109/NCIA.2013.6725337

  13. Terzi DS, Terzi R, Sagiroglu S (2017) Big data analytics for network anomaly detection from netflow data. in 2017 International Conference on Computer Science and Engineering (UBMK) 592–597. https://doi.org/10.1109/UBMK.2017.8093473

  14. Gaggero GB, Rossi M, Girdinio P, Marchese M (2019) Neural network architecture to detect system faults / cyberattacks anomalies within a photovoltaic system connected to the grid. in 2019 International Symposium on Advanced Electrical and Communication Technologies (ISAECT)1–4. https://doi.org/10.1109/ISAECT47714.2019.9069683

  15. Bruce PC, Shmueli G, Patel NR (2016) Data mining for business analytics: concepts, techniques, and applications in Microsoft Office Excel with XLMiner. Wiley-Blackwell 

  16. Ciaburro G (2017) Neural networks with R. Packt Publishing. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b5582708&site=eds-live&scope=site Accessed 18 Oct 2021

  17. Pascanu R, Stokes JW, Sanossian H, Marinescu M, Thomas A (2015) Malware classification with recurrent networks. in 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) 1916–1920. https://doi.org/10.1109/ICASSP.2015.7178304

  18. Shibahara T, Yagi T, Akiyama M, Chiba D, Yada T (2016) Efficient dynamic malware analysis based on network behavior using deep learning. in 2016 IEEE Global Communications Conference (GLOBECOM) 1–7.  https://doi.org/10.1109/GLOCOM.2016.7841778

  19. Loukas G, Vuong T, Heartfield R, Sakellari G, Yoon Y, Gan D (2018) Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6:3491–3508. https://doi.org/10.1109/ACCESS.2017.2782159

    Article  Google Scholar 

  20. Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural Comput 9(8):1735–1780. https://doi.org/10.1162/neco.1997.9.8.1735

    Article  Google Scholar 

  21. Kim J, Kim J, Thu HLT, Kim H (2016) Long short term memory recurrent neural network classifier for intrusion detection. in 2016 Int Conf on Platform Technol and Service (PlatCon) 1–5. https://doi.org/10.1109/PlatCon.2016.7456805

  22. McDermott CD, Majdani F, Petrovski AV (2018) Botnet detection in the Internet of Things using deep learning approaches. in 2018 Int Jt Conf Neural Netw (IJCNN) 1–8. https://doi.org/10.1109/IJCNN.2018.8489489

  23. Chatterjee CC (2019) Implementation of RNN, LSTM, and GRU. Medium. https://towardsdatascience.com/implementation-of-rnn-lstm-and-gru-a4250bf6c090 Accessed 10 Dec 2021

  24. Zhao Q, Zhu Y, Wan D, Yu Y, Cheng X (2018) Research on the data-driven quality control method of hydrological time series data. Water (Switzerland) 10(12):23 https://doi.org/10.3390/w10121712

  25. Yasrab R, Pound M (2020) PhenomNet: bridging phenotype-genotype gap: a CNN-LSTM based automatic plant root anatomizationsystem. https://doi.org/10.1101/2020.05.03.075184

  26. Kim J, Kim J, Kim H, Shim M, Choi E (2020) CNN-based network intrusion detection against denial-of-service attacks. Electronics 9(916):916. https://doi.org/10.3390/electronics9060916

    Article  Google Scholar 

  27. Wang Wei, Zhu Ming, Zeng Xuewen, Ye Xiaozhou, Sheng Yiqiang (2017) Malware traffic classification using convolutional neural network for representation learning 712–717. https://doi.org/10.1109/ICOIN.2017.7899588

  28. McLaughlin N (2017) Deep android malware detection. in Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, Scottsdale, Arizona, USA. 301–308. https://doi.org/10.1145/3029806.3029823

  29. Gibert D, Mateu C, Planes J, Vicens R (2019) Using convolutional neural networks for classification of malware represented as images. J Comput Virol Hacking Tech 15(1):15–28. https://doi.org/10.1007/s11416-018-0323-0

    Article  Google Scholar 

  30. Yu Y, Long J, Cai Z (2017) Network intrusion detection through stacking dilated convolutional autoencoders. Secur Commun Netw. https://www.hindawi.com/journals/scn/2017/4184196/ Accessed 20 Jun 2020

  31. Kolosnjaji B, Zarras A, Webster G, Eckert C (2016) Deep learning for classification of malware system call sequences, in AI 2016: Advances in Artificial Intelligence. Cham 2016:137–149. https://doi.org/10.1007/978-3-319-50127-7_11

    Article  Google Scholar 

  32. Mac H, Tran D, Tong V, Nguyen G, Tran HA (2017) DGA Botnet detection using supervised learning methods. 211–218. https://doi.org/10.1145/3155133.3155166

  33. Yu B, Gray DL, Pan J, Cock MD, Nascimento ACA (2017) Inline DGA detection with deep networks. in 2017 IEEE International Conference on Data Mining Workshops (ICDMW) 683–692. https://doi.org/10.1109/ICDMW.2017.96

  34. Karim F, Majumdar S, Darabi H (2019) Insights into LSTM fully convolutional networks for time series classification. IEEE Access 7:67718–67725. https://doi.org/10.1109/ACCESS.2019.2916828

    Article  Google Scholar 

  35. Wang Zhiguang, Yan Weizhong, Oates T (2017) Time series classification from scratch with deep neural networks: a strong baseline. 2017 International Joint Conference on Neural Networks (IJCNN). Neural Networks (IJCNN) 1578–1585. https://doi.org/10.1109/IJCNN.2017.7966039

  36. Park E, Cui X, Nguyen THB, Kim H (2019) Presentation attack detection using a tiny fully convolutional network, IEEE transactions on information forensics and security, information forensics and security, IEEE transactions on. IEEE Trans Inform Forensic Secur 14(11):3016–3025. https://doi.org/10.1109/TIFS.2019.2907184

    Article  Google Scholar 

  37. Sarhan M, Layeghy S, Moustafa N, Portmann M (2021) NetFlow datasets for machine learning-based network intrusion detection systems. arXiv:2011.09144 [cs]. 371:117–135. https://doi.org/10.1007/978-3-030-72802-1_9

  38. Peterson JM, Leevy JL, Khoshgoftaar TM (2021) A review and analysis of the Bot-IoT dataset. 2021 IEEE International Conference on Service-Oriented System Engineering (SOSE). Service-Oriented System Engineering (SOSE) SOSE 20–27. https://doi.org/10.1109/SOSE52839.2021.00007

  39. Koroniotis N, Moustafa N, Sitnikova E, Slay J (2018) Towards developing network forensic mechanism for botnet activities in the IoT based on machine learning techniques. in Mobile Networks and Management, Cham 30–44. https://doi.org/10.1007/978-3-319-90775-8_3

  40. Koroniotis N, Moustafa N, Sitnikova E (2020) A new network forensic framework based on deep learning for Internet of Things networks: a particle deep framework. Futur Gener Comput Syst 110:91–106. https://doi.org/10.1016/j.future.2020.03.042

    Article  Google Scholar 

  41. Koroniotis N, Moustafa N (2020) Enhancing network forensics with particle swarm and deep learning: the particle deep framework 60. https://doi.org/10.5121/csit.2020.100304

  42. Koroniotis N, Moustafa N, Schiliro F, Gauravaram P, Janicke H (2020) A holistic review of cybersecurity and reliability perspectives in smart airports. IEEE Access 8:209802–209834. https://doi.org/10.1109/ACCESS.2020.3036728

    Article  Google Scholar 

  43. Cox J, Singh A (2018) Practical network scanning : capture network vulnerabilities using standard tools such as Nmap and Nessus. Packt Publishing. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b5447291&site=eds-live&scope=site Accessed 21 Oct 2021

  44. Tankard C (2011) Advanced persistent threats and how to monitor and deter them. Network Security8:16–19. https://doi.org/10.1016/S1353-4858(11)70086-1

  45. A survey on authentication attacks and countermeasures in a distributed environment | Semantic Scholar. [Online]. Available: https://www.semanticscholar.org/paper/A-SURVEY-ON-AUTHENTICATION-ATTACKS-AND-IN-A-Jesudoss/4a6383ce27766f892cebb0269d7be20260023cec Accessed 21 Oct 2021

  46. Fernández A, García S, Galar M, Prati RC, Krawczyk B, Herrera F (2018) Learning from imbalanced data sets. Springer. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b4768180&site=eds-live&scope=site Accessed 10 Dec 2021

  47. Handling imbalanced data- machine learning, computer vision, NLP, Analytics Vidhya. https://www.analyticsvidhya.com/blog/2020/11/handling-imbalanced-data-machine-learning-computer-vision-and-nlp/ Accessed 10 Dec 2021

  48. Bishop CM (1995) Neural networks for pattern recognition. Oxford University Press. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b1535649&site=eds-live&scope=site Accessed 11 Dec 2021

  49. Zheng A, Casari A (2018) Feature engineering for machine learning : principles and techniques for data scientists, First edition. O’Reilly Media. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b5167004&site=eds-live&scope=site Accessed 11 Dec 2021.

  50. Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set), presented at the 2015 Military Communications and Information Systems Conference, MilCIS 2015 - Proceedings 07. https://doi.org/10.1109/MilCIS.2015.7348942

  51. Moustafa N, Slay J (2016) The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set. Inf Syst Secur 25(1–3):18–31

    Google Scholar 

  52. Moustafa N, Slay J, Creech G (2019) Novel geometric area analysis technique for anomaly detection using trapezoidal area estimation on large-scale networks, IEEE transactions on big data, big data, IEEE transactions on. IEEE Trans Big Data 5(4):481–494. https://doi.org/10.1109/TBDATA.2017.2715166

    Article  Google Scholar 

  53. Moustafa N, Creech G, Slay J (2017) Big data analytics for intrusion detection system: statistical decision-making using finite dirichlet mixture models, in Data analytics and decision support for cybersecurity: trends, methodologies and applications. Palomares I, Carrascosa, Kalutarage HK, Huang Y, Eds. Cham: Springer International Publishing. 127–156. https://doi.org/10.1007/978-3-319-59439-2_5

  54. Witten IH, Frank E, Hall MA, Pal CJ (2017) Data mining : practical machine learning tools and techniques, Fourth edition. Morgan Kaufmann. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b5158398&site=eds-live&scope=site Accessed 11 Dec 2021.

  55. Moustafa N (2021) A new distributed architecture for evaluating AI-based security systems at the edge: network TON_IoT datasets. Sustain Cities Soc 72:102994. https://doi.org/10.1016/j.scs.2021.102994

    Article  Google Scholar 

  56. Booij TM. Chiscop I, Meeuwissen E, Moustafa N, den Hartog FTH (2021) ToN_IoT: the role of heterogeneity and the need for standardization of features and attack types in IoT network intrusion datasets. IEEE Internet of Things Journal 1–1. https://doi.org/10.1109/JIOT.2021.3085194

  57. Alsaedi A, Moustafa N, Tari Z, Mahmood A, Anwar A (2020) TON_IoT telemetry dataset: a new generation dataset of IoT and IIoT for data-driven intrusion detection systems. IEEE Access 8:165130–165150. https://doi.org/10.1109/ACCESS.2020.3022862

    Article  Google Scholar 

  58. Moustafa N, Keshky M, Debiez E, Janicke H (2020) Federated TON_IoT windows datasets for evaluating AI-based security applications. in 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 848–855. https://doi.org/10.1109/TrustCom50675.2020.00114

  59. Moustafa N, Ahmed M, Ahmed S (2020) Data analytics-enabled intrusion detection: evaluations of ToN_IoT linux datasets. in 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 727–735. https://doi.org/10.1109/TrustCom50675.2020.00100

  60. Moustafa N (2020) New generations of internet of things datasets for cybersecurity applications based machine learning: TON_IoT datasets. Research Data Australia. https://researchdata.edu.au/new-generations-internet-toniot-datasets/1425941 Accessed 11 Dec 2021

  61. Moustafa N (2019) A systemic IoT-fog-cloud architecture for big-data analytics and cyber security systems: a review of fog computing. [cs]. [Online]. Available:https://arxiv.org/abs/1906.01055 Accessed 11 Dec 2021

  62. Ashraf J et al (2021) IoTBoT-IDS: a novel statistical learning-enabled botnet detection framework for protecting networks of smart cities. Sustain Cities Soc 72:103041. https://doi.org/10.1016/j.scs.2021.103041

    Article  Google Scholar 

  63. Livieris IE, Pintelas E, Pintelas P (2020) A CNN–LSTM model for gold price time-series forecasting. Neural Comput & Applic 32(23):17351–17360. https://doi.org/10.1007/s00521-020-04867-x

    Article  Google Scholar 

  64. Srivastava N, Hinton G, Krizhevsky A, Sutskever I, Salakhutdinov R (2014) Dropout: a simple way to prevent neural networks from overfitting. J Mach Learn Res 15:1929–1958

  65. Chollet F (2018) Deep learning with Python. Manning Publications. [Online].   Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b5162307&site=eds-live&scope=site Accessed 12 Dec 2021

  66. Mahmoudi MA, Chetouani A, Boufera F, Tabia H (2020) Kernelized dense layers for facial expression recognition. 2020 IEEE International Conference on Image Processing (ICIP), Image Processing (ICIP), 2020 IEEE International Conference on 2226–2230. https://doi.org/10.1109/ICIP40778.2020.9190694

  67. Chiluveru SR, Gyanendra, Chunarkar S, Tripathy M, Kaushik BK (2021) Efficient hardware implementation of DNN-based speech enhancement algorithm with precise sigmoid activation function. IEEE transactions on circuits and systems II: express briefs, circuits and systems II: express briefs, IEEE transactions on, IEEE Trans Circuits Syst II 68(11):3461–3465. https://doi.org/10.1109/TCSII.2021.3082941

  68. Ioffe S, Szegedy C (2015) Batch normalization: accelerating deep network training by reducing internal covariate shift. in 32nd International Conference on Machine Learning, ICML1:448–456. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=edselc&AN=edselc.2-52.0-84969584486&site=eds-live&scope=site Accessed 13 Dec 2021

  69. Karim F, Majumdar S, Darabi H, Chen S (2018) LSTM fully convolutional networks for time series classification. IEEE Access 6:1662–1669. https://doi.org/10.1109/ACCESS.2017.2779939

    Article  Google Scholar 

  70. Kingma DP, Ba J (2017) Adam: a method for stochastic optimization, arXiv:1412.6980[cs]. [Online]. Available: https://arxiv.org/abs/1412.6980 Accessed 13 Dec 2021

  71. Kuhn M, Johnson K (2013) Applied predictive modeling. Springer. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=cat00022a&AN=txi.b2605857&site=eds-live&scope=site Accessed 13 Dec 2021

  72. Ethem Alpaydin (2014) Introduction to machine learning. vol. Third edition. Cambridge, MA: The MIT Press. [Online]. Available: https://libproxy.txstate.edu/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=nlebk&AN=836612&site=eds-live&scope=site Accessed 13 Dec 2021

  73. Adagbasa EG, Adelabu SA, Okello TW (2019) Application of deep learning with stratified K-fold for vegetation species discrimation in a protected mountainous region using Sentinel-2 image. Geocarto International 01. https://doi.org/10.1080/10106049.2019.1704070

  74. Scikit-learn: machine learning in Python — scikit-learn 1.0.2 documentation. https://scikit-learn.org/stable/index.html Accessed 08 Jan 2022

Download references

Author information

Authors and Affiliations

  1. Mechanical Engineering Department, The University of Texas at San Antonio, San Antonio, USA

    Mohammad Shahin, F. Frank Chen, Hamed Bouzary, Ali Hosseinzadeh & Rasoul Rashidifar

Authors
  1. Mohammad Shahin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. F. Frank Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hamed Bouzary
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ali Hosseinzadeh
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Rasoul Rashidifar
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All authors contributed to this paper’s conception and design. Material preparation, data collection, and analysis were performed by Mohammad Shahin, Hamed Bouzarya, and Ali Hosseinzadeha. The first draft of the manuscript was written by Mohammad Shahin and all authors commented on previous versions of the manuscript. All authors read and approved the final manuscript.

Corresponding author

Correspondence to F. Frank Chen.

Ethics declarations

Competing interests

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Shahin, M., Chen, F.F., Bouzary, H. et al. A novel fully convolutional neural network approach for detection and classification of attacks on industrial IoT devices in smart manufacturing systems. Int J Adv Manuf Technol 123, 2017–2029 (2022). https://doi.org/10.1007/s00170-022-10259-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00170-022-10259-3

Keywords

Search

Navigation