PIGNUS: A Deep Learning model for IDS in industrial internet-of-things

P. L.S. Jayalaxmi, Rahul Saha, Gulshan Kumar, Mamoun Alazab, Mauro Conti, Xiaochun Cheng

Research output: Contribution to journalArticlepeer-review

Abstract

The heterogeneous nature of the Industrial Internet of Thing (IIoT) has a considerable impact on the development of an effective Intrusion Detection System (IDS). The proliferation of linked devices results in multiple inputs from industrial sensors. IDS faces challenges in analyzing the features of the traffic and identifying anonymous behavior. Due to the unavailability of a comprehensive feature mapping method, the present IDS solutions are non-usable to identify zero-day vulnerabilities. In this paper, we introduce the first comprehensive IDS framework that combines an efficient feature-mapping technique and cascading model to solve the above-mentioned problems. We call our proposed solution deeP learnIG model intrusioN detection in indUStrial internet-of things (PIGNUS). PIGNUS integrates Auto Encoders (AE) to select optimal features and Cascade Forward Back Propagation Neural Network (CFBPNN) for classification and attack detection. The cascading model uses interconnected links from the initial layer to the output layer and determines the normal and abnormal behavior patterns and produces a perfect classification. We execute a set of experiments on five popular IIoT datasets: gas pipeline, water storage tank, NSLKDD+, UNSW-NB15, and X-IIoTID. We compare PIGNUS to the state-of-the-art models in terms of accuracy, False Positive Ratio (FPR), precision, and recall. The results show that PIGNUS provides more than 95% accuracy, which is 25% better on average than the existing models. In the other parameters, PIGNUS shows 20% improved FPR, 10% better recall, and 10% better in precision. Overall, PIGNUS proves its efficiency as an IDS solution for IIoTs. Thus, PIGNUS is an efficient solution for IIoTs.

Original languageEnglish
Article number103315
Pages (from-to)1-14
Number of pages14
JournalComputers and Security
Volume132
DOIs
Publication statusPublished - Sept 2023

Cite this