Published in: Cluster Computing 5/2023

4 June 2023

A novel method to detect cyber-attacks in IoT/IIoT devices on the modbus protocol using deep learning

Authors: Thierno Gueye, Yanen Wang, Mudassar Rehman, Ray Tahir Mushtaq, Sadaf Zahoor


Abstract

The dominant intrusion detection models in Internet of Things (IoT) and Industrial Internet of Things (IIoT) cybersecurity use network-based datasets. The Modbus protocol is one of the most often targeted protocols, and cyberattacks against IoT/IIoT devices have grown to be a major threat in recent years. Due to the intricacy of the protocol and the quick evolution of cyber threats, detecting these attacks using conventional techniques might be difficult. This paper proposes an architecture that consistently outperforms the state-of-the-art methods of intrusion detection. It covers binary classification of whether an intrusion occurred or not and multi-class classification of the different types of attacks, using an embedding layer in a neural network (NN) to model the register values. The best accuracy results were obtained with a convolutional neural network, with an accuracy of 98.91% on the Modbus binary dataset; a fully connected neural network, with an accuracy of 98.06% in the multi-class classification of the Modbus dataset; and long short-term memory neural networks, with accuracies of 99.97%, 99.7%, and 80.20% in binary, multi-class, and multi-class sub-category classification, respectively. Three NNs are designed with and without the proposed architecture. All experiments performed in this paper conclude that the proposed architecture performs consistently better than the control NN. This paper shows that a NN with an embedding function can effectively be used to model whether an attack occurred on a device and the class of attack that occurred. This network can be utilized in the future to lessen DoS attacks and other types of network attacks. The network will be able to protect itself against a lot of damage if attacks can be predicted either before they occur or at the same moment they are launched.

Metadata
Title
A novel method to detect cyber-attacks in IoT/IIoT devices on the modbus protocol using deep learning
Authors
Thierno Gueye
Yanen Wang
Mudassar Rehman
Ray Tahir Mushtaq
Sadaf Zahoor
Publication date
4 June 2023
Publisher
Springer US
Published in
Cluster Computing / Issue 5/2023
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI
https://doi.org/10.1007/s10586-023-04028-4
