As industrialization and informatization becomemore deeply intertwined,industrial control networks have entered an era of intelligence.The connection between industrial control networks and the external internet is be...As industrialization and informatization becomemore deeply intertwined,industrial control networks have entered an era of intelligence.The connection between industrial control networks and the external internet is becoming increasingly close,which leads to frequent security accidents.This paper proposes a model for the industrial control network.It includes a malware containment strategy that integrates intrusion detection,quarantine,and monitoring.Basedonthismodel,the role of keynodes in the spreadofmalware is studied,a comparisonexperiment is conducted to validate the impact of the containment strategy.In addition,the dynamic behavior of the model is analyzed,the basic reproduction number is computed,and the disease-free and endemic equilibrium of the model is also obtained by the basic reproduction number.Moreover,through simulation experiments,the effectiveness of the containment strategy is validated,the influence of the relevant parameters is analyzed,and the containment strategy is optimized.In otherwords,selective immunity to key nodes can effectively suppress the spread ofmalware andmaintain the stability of industrial control systems.The earlier the immunization of key nodes,the better.Once the time exceeds the threshold,immunizing key nodes is almost ineffective.The analysis provides a better way to contain the malware in the industrial control network.展开更多
Network intrusion detection systems(NIDS)based on deep learning have continued to make significant advances.However,the following challenges remain:on the one hand,simply applying only Temporal Convolutional Networks(...Network intrusion detection systems(NIDS)based on deep learning have continued to make significant advances.However,the following challenges remain:on the one hand,simply applying only Temporal Convolutional Networks(TCNs)can lead to models that ignore the impact of network traffic features at different scales on the detection performance.On the other hand,some intrusion detection methods considermulti-scale information of traffic data,but considering only forward network traffic information can lead to deficiencies in capturing multi-scale temporal features.To address both of these issues,we propose a hybrid Convolutional Neural Network that supports a multi-output strategy(BONUS)for industrial internet intrusion detection.First,we create a multiscale Temporal Convolutional Network by stacking TCN of different scales to capture the multiscale information of network traffic.Meanwhile,we propose a bi-directional structure and dynamically set the weights to fuse the forward and backward contextual information of network traffic at each scale to enhance the model’s performance in capturing the multi-scale temporal features of network traffic.In addition,we introduce a gated network for each of the two branches in the proposed method to assist the model in learning the feature representation of each branch.Extensive experiments reveal the effectiveness of the proposed approach on two publicly available traffic intrusion detection datasets named UNSW-NB15 and NSL-KDD with F1 score of 85.03% and 99.31%,respectively,which also validates the effectiveness of enhancing the model’s ability to capture multi-scale temporal features of traffic data on detection performance.展开更多
Smart Industrial environments use the Industrial Internet of Things(IIoT)for their routine operations and transform their industrial operations with intelligent and driven approaches.However,IIoT devices are vulnerabl...Smart Industrial environments use the Industrial Internet of Things(IIoT)for their routine operations and transform their industrial operations with intelligent and driven approaches.However,IIoT devices are vulnerable to cyber threats and exploits due to their connectivity with the internet.Traditional signature-based IDS are effective in detecting known attacks,but they are unable to detect unknown emerging attacks.Therefore,there is the need for an IDS which can learn from data and detect new threats.Ensemble Machine Learning(ML)and individual Deep Learning(DL)based IDS have been developed,and these individual models achieved low accuracy;however,their performance can be improved with the ensemble stacking technique.In this paper,we have proposed a Deep Stacked Neural Network(DSNN)based IDS,which consists of two stacked Convolutional Neural Network(CNN)models as base learners and Extreme Gradient Boosting(XGB)as the meta learner.The proposed DSNN model was trained and evaluated with the next-generation dataset,TON_IoT.Several pre-processing techniques were applied to prepare a dataset for the model,including ensemble feature selection and the SMOTE technique.Accuracy,precision,recall,F1-score,and false positive rates were used to evaluate the performance of the proposed ensemble model.Our experimental results showed that the accuracy for binary classification is 99.61%,which is better than in the baseline individual DL and ML models.In addition,the model proposed for IDS has been compared with similar models.The proposed DSNN achieved better performance metrics than the other models.The proposed DSNN model will be used to develop enhanced IDS for threat mitigation in smart industrial environments.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
With the proportion of intelligent services in the industrial internet of things(IIoT)rising rapidly,its data dependency and decomposability increase the difficulty of scheduling computing resources.In this paper,we p...With the proportion of intelligent services in the industrial internet of things(IIoT)rising rapidly,its data dependency and decomposability increase the difficulty of scheduling computing resources.In this paper,we propose an intelligent service computing framework.In the framework,we take the long-term rewards of its important participants,edge service providers,as the optimization goal,which is related to service delay and computing cost.Considering the different update frequencies of data deployment and service offloading,double-timescale reinforcement learning is utilized in the framework.In the small-scale strategy,the frequent concurrency of services and the difference in service time lead to the fuzzy relationship between reward and action.To solve the fuzzy reward problem,a reward mapping-based reinforcement learning(RMRL)algorithm is proposed,which enables the agent to learn the relationship between reward and action more clearly.The large time scale strategy adopts the improved Monte Carlo tree search(MCTS)algorithm to improve the learning speed.The simulation results show that the strategy is superior to popular reinforcement learning algorithms such as double Q-learning(DDQN)and dueling Q-learning(dueling-DQN)in learning speed,and the reward is also increased by 14%.展开更多
Puncturing has been recognized as a promising technology to cope with the coexistence problem of enhanced mobile broadband(eMBB) and ultra-reliable low latency communications(URLLC)traffic. However, the steady perform...Puncturing has been recognized as a promising technology to cope with the coexistence problem of enhanced mobile broadband(eMBB) and ultra-reliable low latency communications(URLLC)traffic. However, the steady performance of eMBB traffic while meeting the requirements of URLLC traffic with puncturing is a major challenge in some realistic scenarios. In this paper, we pay attention to the timely and energy-efficient processing for eMBB traffic in the industrial Internet of Things(IIoT), where mobile edge computing(MEC) is employed for data processing. Specifically, the performance of eMBB traffic and URLLC traffic in a MEC-based IIoT system is ensured by setting the threshold of tolerable delay and outage probability, respectively. Furthermore,considering the limited energy supply, an energy minimization problem of eMBB device is formulated under the above constraints, by jointly optimizing the resource blocks(RBs) punctured by URLLC traffic, data offloading and transmit power of eMBB device. With Markov's inequality, the problem is reformulated by transforming the probabilistic outage constraint into a deterministic constraint. Meanwhile, an iterative energy minimization algorithm(IEMA) is proposed.Simulation results demonstrate that our algorithm has a significant reduction in the energy consumption for eMBB device and achieves a better overall effect compared to several benchmarks.展开更多
Due to mobile Internet technology's rapid popularization,the Industrial Internet of Things(IIoT)can be seen everywhere in our daily lives.While IIoT brings us much convenience,a series of security and scalability ...Due to mobile Internet technology's rapid popularization,the Industrial Internet of Things(IIoT)can be seen everywhere in our daily lives.While IIoT brings us much convenience,a series of security and scalability issues related to permission operations rise to the surface during device communications.Hence,at present,a reliable and dynamic access control management system for IIoT is in urgent need.Up till now,numerous access control architectures have been proposed for IIoT.However,owing to centralized models and heterogeneous devices,security and scalability requirements still cannot be met.In this paper,we offer a smart contract token-based solution for decentralized access control in IIoT systems.Specifically,there are three smart contracts in our system,including the Token Issue Contract(TIC),User Register Contract(URC),and Manage Contract(MC).These three contracts collaboratively supervise and manage various events in IIoT environments.We also utilize the lightweight and post-quantum encryption algorithm-Nth-degree Truncated Polynomial Ring Units(NTRU)to preserve user privacy during the registration process.Subsequently,to evaluate our proposed architecture's performance,we build a prototype platform that connects to the local blockchain.Finally,experiment results show that our scheme has achieved secure and dynamic access control for the IIoT system compared with related research.展开更多
Rapid increase in the large quantity of industrial data,Industry 4.0/5.0 poses several challenging issues such as heterogeneous data generation,data sensing and collection,real-time data processing,and high request ar...Rapid increase in the large quantity of industrial data,Industry 4.0/5.0 poses several challenging issues such as heterogeneous data generation,data sensing and collection,real-time data processing,and high request arrival rates.The classical intrusion detection system(IDS)is not a practical solution to the Industry 4.0 environment owing to the resource limitations and complexity.To resolve these issues,this paper designs a new Chaotic Cuckoo Search Optimiza-tion Algorithm(CCSOA)with optimal wavelet kernel extreme learning machine(OWKELM)named CCSOA-OWKELM technique for IDS on the Industry 4.0 platform.The CCSOA-OWKELM technique focuses on the design of feature selection with classification approach to achieve minimum computation complex-ity and maximum detection accuracy.The CCSOA-OWKELM technique involves the design of CCSOA based feature selection technique,which incorpo-rates the concepts of chaotic maps with CSOA.Besides,the OWKELM technique is applied for the intrusion detection and classification process.In addition,the OWKELM technique is derived by the hyperparameter tuning of the WKELM technique by the use of sunflower optimization(SFO)algorithm.The utilization of CCSOA for feature subset selection and SFO algorithm based hyperparameter tuning leads to better performance.In order to guarantee the supreme performance of the CCSOA-OWKELM technique,a wide range of experiments take place on two benchmark datasets and the experimental outcomes demonstrate the promis-ing performance of the CCSOA-OWKELM technique over the recent state of art techniques.展开更多
The ongoing expansion of the Industrial Internet of Things(IIoT)is enabling the possibility of effective Industry 4.0,where massive sensing devices in heterogeneous environments are connected through dedicated communi...The ongoing expansion of the Industrial Internet of Things(IIoT)is enabling the possibility of effective Industry 4.0,where massive sensing devices in heterogeneous environments are connected through dedicated communication protocols.This brings forth new methods and models to fuse the information yielded by the various industrial plant elements and generates emerging security challenges that we have to face,providing ad-hoc functions for scheduling and guaranteeing the network operations.Recently,the large development of SoftwareDefined Networking(SDN)and Artificial Intelligence(AI)technologies have made feasible the design and control of scalable and secure IIoT networks.This paper studies how AI and SDN technologies combined can be leveraged towards improving the security and functionality of these IIoT networks.After surveying the state-of-the-art research efforts in the subject,the paper introduces a candidate architecture for AI-enabled Software-Defined IIoT Network(AI-SDIN)that divides the traditional industrial networks into three functional layers.And with this aim in mind,key technologies(Blockchain-based Data Sharing,Intelligent Wireless Data Sensing,Edge Intelligence,Time-Sensitive Networks,Integrating SDN&TSN,Distributed AI)and improve applications based on AISDIN are also discussed.Further,the paper also highlights new opportunities and potential research challenges in control and automation of IIoT networks.展开更多
Fieldbus and industrial Ethernet standards can guide the specification andcoordinate bus optimization. The standards are the basis for the development of field-bus and industrial Ethernet. In this paper, we review com...Fieldbus and industrial Ethernet standards can guide the specification andcoordinate bus optimization. The standards are the basis for the development of field-bus and industrial Ethernet. In this paper, we review complex standard systems allover the world. We discuss 18 fieldbus standards, including the International Electro-technical Commission(IEC) 61158, the IEC 61784 standard matched with IEC 61158,the controller and device interface standard IEC 62026 for low voltage distributionand control devices, and the International Organization for Standardization(ISO)11898 and ISO 11519 standards related to the controller area network(CAN) bus. Wealso introduce the standards of China, Europe, Japan and America. This paper pro-vides a reference to develop fieldbus and industrial Ethernet products for Chinese en-terprises.展开更多
The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diver...The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.展开更多
The present study explores an IEEE1588 Synchronizing System for smart distribution grid based on Industrial Ethernet. The paper first analyzes the communication system in distribution network and then proposed the pro...The present study explores an IEEE1588 Synchronizing System for smart distribution grid based on Industrial Ethernet. The paper first analyzes the communication system in distribution network and then proposed the project of time synchronizing system using IEEE1588 in distribution network. The study focuses on rational clock correcting time region segmentation, selecting the best clock source injection point and multiple redundant methods when correcting time method lose efficacy, etc. The precision of time synchronizing is better than that of 1 millisecond.展开更多
Deploying task caching at edge servers has become an effectiveway to handle compute-intensive and latency-sensitive tasks on the industrialinternet. However, how to select the task scheduling location to reduce taskde...Deploying task caching at edge servers has become an effectiveway to handle compute-intensive and latency-sensitive tasks on the industrialinternet. However, how to select the task scheduling location to reduce taskdelay and cost while ensuring the data security and reliable communicationof edge computing remains a challenge. To solve this problem, this paperestablishes a task scheduling model with joint blockchain and task cachingin the industrial internet and designs a novel blockchain-assisted cachingmechanism to enhance system security. In this paper, the task schedulingproblem, which couples the task scheduling decision, task caching decision,and blockchain reward, is formulated as the minimum weighted cost problemunder delay constraints. This is a mixed integer nonlinear problem, which isproved to be nonconvex and NP-hard. To solve the optimal solution, thispaper proposes a task scheduling strategy algorithm based on an improvedgenetic algorithm (IGA-TSPA) by improving the genetic algorithm initializationand mutation operations to reduce the size of the initial solutionspace and enhance the optimal solution convergence speed. In addition,an Improved Least Frequently Used algorithm is proposed to improve thecontent hit rate. Simulation results show that IGA-TSPA has a faster optimalsolution-solving ability and shorter running time compared with the existingedge computing scheduling algorithms. The established task scheduling modelnot only saves 62.19% of system overhead consumption in comparison withlocal computing but also has great significance in protecting data security,reducing task processing delay, and reducing system cost.展开更多
By identifying and responding to any malicious behavior that could endanger the system,the Intrusion Detection System(IDS)is crucial for preserving the security of the Industrial Internet of Things(IIoT)network.The be...By identifying and responding to any malicious behavior that could endanger the system,the Intrusion Detection System(IDS)is crucial for preserving the security of the Industrial Internet of Things(IIoT)network.The benefit of anomaly-based IDS is that they are able to recognize zeroday attacks due to the fact that they do not rely on a signature database to identify abnormal activity.In order to improve control over datasets and the process,this study proposes using an automated machine learning(AutoML)technique to automate the machine learning processes for IDS.Our groundbreaking architecture,known as AID4I,makes use of automatic machine learning methods for intrusion detection.Through automation of preprocessing,feature selection,model selection,and hyperparameter tuning,the objective is to identify an appropriate machine learning model for intrusion detection.Experimental studies demonstrate that the AID4I framework successfully proposes a suitablemodel.The integrity,security,and confidentiality of data transmitted across the IIoT network can be ensured by automating machine learning processes in the IDS to enhance its capacity to identify and stop threatening activities.With a comprehensive solution that takes advantage of the latest advances in automated machine learning methods to improve network security,AID4I is a powerful and effective instrument for intrusion detection.In preprocessing module,three distinct imputation methods are utilized to handle missing data,ensuring the robustness of the intrusion detection system in the presence of incomplete information.Feature selection module adopts a hybrid approach that combines Shapley values and genetic algorithm.The Parameter Optimization module encompasses a diverse set of 14 classification methods,allowing for thorough exploration and optimization of the parameters associated with each algorithm.By carefully tuning these parameters,the framework enhances its adaptability and accuracy in identifying potential intrusions.Experimental results demonstrate that the AID4I framework can achieve high levels of accuracy in detecting network intrusions up to 14.39%on public datasets,outperforming traditional intrusion detection methods while concurrently reducing the elapsed time for training and testing.展开更多
Recently,the Internet of Things(IoT)has been used in various applications such as manufacturing,transportation,agriculture,and healthcare that can enhance efficiency and productivity via an intelligent management cons...Recently,the Internet of Things(IoT)has been used in various applications such as manufacturing,transportation,agriculture,and healthcare that can enhance efficiency and productivity via an intelligent management console remotely.With the increased use of Industrial IoT(IIoT)applications,the risk of brutal cyber-attacks also increased.This leads researchers worldwide to work on developing effective Intrusion Detection Systems(IDS)for IoT infrastructure against any malicious activities.Therefore,this paper provides effective IDS to detect and classify unpredicted and unpredictable severe attacks in contradiction to the IoT infrastructure.A comprehensive evaluation examined on a new available benchmark TON_IoT dataset is introduced.The data-driven IoT/IIoT dataset incorporates a label feature indicating classes of normal and attack-targeting IoT/IIoT applications.Correspondingly,this data involves IoT/IIoT services-based telemetry data that involves operating systems logs and IoT-based traffic networks collected from a realistic medium-scale IoT network.This is to classify and recognize the intrusion activity and provide the intrusion detection objectives in IoT environments in an efficient fashion.Therefore,several machine learning algorithms such as Logistic Regression(LR),Linear Discriminant Analysis(LDA),K-Nearest Neighbors(KNN),Gaussian Naive Bayes(NB),Classification and Regression Tree(CART),Random Forest(RF),and AdaBoost(AB)are used for the detection intent on thirteen different intrusion datasets.Several performance metrics like accuracy,precision,recall,and F1-score are used to estimate the proposed framework.The experimental results show that the CART surpasses the other algorithms with the highest accuracy values like 0.97,1.00,0.99,0.99,1.00,1.00,and 1.00 for effectively detecting the intrusion activities on the IoT/IIoT infrastructure on most of the employed datasets.In addition,the proposed work accomplishes high performance compared to other recent related works in terms of different security and detection evaluation parameters.展开更多
With the increased advancements of smart industries,cybersecurity has become a vital growth factor in the success of industrial transformation.The Industrial Internet of Things(IIoT)or Industry 4.0 has revolutionized ...With the increased advancements of smart industries,cybersecurity has become a vital growth factor in the success of industrial transformation.The Industrial Internet of Things(IIoT)or Industry 4.0 has revolutionized the concepts of manufacturing and production altogether.In industry 4.0,powerful IntrusionDetection Systems(IDS)play a significant role in ensuring network security.Though various intrusion detection techniques have been developed so far,it is challenging to protect the intricate data of networks.This is because conventional Machine Learning(ML)approaches are inadequate and insufficient to address the demands of dynamic IIoT networks.Further,the existing Deep Learning(DL)can be employed to identify anonymous intrusions.Therefore,the current study proposes a Hunger Games Search Optimization with Deep Learning-Driven Intrusion Detection(HGSODLID)model for the IIoT environment.The presented HGSODL-ID model exploits the linear normalization approach to transform the input data into a useful format.The HGSO algorithm is employed for Feature Selection(HGSO-FS)to reduce the curse of dimensionality.Moreover,Sparrow Search Optimization(SSO)is utilized with a Graph Convolutional Network(GCN)to classify and identify intrusions in the network.Finally,the SSO technique is exploited to fine-tune the hyper-parameters involved in the GCN model.The proposed HGSODL-ID model was experimentally validated using a benchmark dataset,and the results confirmed the superiority of the proposed HGSODL-ID method over recent approaches.展开更多
基金Scientific Research Project of Liaoning Province Education Department,Code:LJKQZ20222457&LJKMZ20220781Liaoning Province Nature Fund Project,Code:No.2022-MS-291.
文摘As industrialization and informatization becomemore deeply intertwined,industrial control networks have entered an era of intelligence.The connection between industrial control networks and the external internet is becoming increasingly close,which leads to frequent security accidents.This paper proposes a model for the industrial control network.It includes a malware containment strategy that integrates intrusion detection,quarantine,and monitoring.Basedonthismodel,the role of keynodes in the spreadofmalware is studied,a comparisonexperiment is conducted to validate the impact of the containment strategy.In addition,the dynamic behavior of the model is analyzed,the basic reproduction number is computed,and the disease-free and endemic equilibrium of the model is also obtained by the basic reproduction number.Moreover,through simulation experiments,the effectiveness of the containment strategy is validated,the influence of the relevant parameters is analyzed,and the containment strategy is optimized.In otherwords,selective immunity to key nodes can effectively suppress the spread ofmalware andmaintain the stability of industrial control systems.The earlier the immunization of key nodes,the better.Once the time exceeds the threshold,immunizing key nodes is almost ineffective.The analysis provides a better way to contain the malware in the industrial control network.
基金sponsored by the Autonomous Region Key R&D Task Special(2022B01008)the National Key R&D Program of China(SQ2022AAA010308-5).
文摘Network intrusion detection systems(NIDS)based on deep learning have continued to make significant advances.However,the following challenges remain:on the one hand,simply applying only Temporal Convolutional Networks(TCNs)can lead to models that ignore the impact of network traffic features at different scales on the detection performance.On the other hand,some intrusion detection methods considermulti-scale information of traffic data,but considering only forward network traffic information can lead to deficiencies in capturing multi-scale temporal features.To address both of these issues,we propose a hybrid Convolutional Neural Network that supports a multi-output strategy(BONUS)for industrial internet intrusion detection.First,we create a multiscale Temporal Convolutional Network by stacking TCN of different scales to capture the multiscale information of network traffic.Meanwhile,we propose a bi-directional structure and dynamically set the weights to fuse the forward and backward contextual information of network traffic at each scale to enhance the model’s performance in capturing the multi-scale temporal features of network traffic.In addition,we introduce a gated network for each of the two branches in the proposed method to assist the model in learning the feature representation of each branch.Extensive experiments reveal the effectiveness of the proposed approach on two publicly available traffic intrusion detection datasets named UNSW-NB15 and NSL-KDD with F1 score of 85.03% and 99.31%,respectively,which also validates the effectiveness of enhancing the model’s ability to capture multi-scale temporal features of traffic data on detection performance.
文摘Smart Industrial environments use the Industrial Internet of Things(IIoT)for their routine operations and transform their industrial operations with intelligent and driven approaches.However,IIoT devices are vulnerable to cyber threats and exploits due to their connectivity with the internet.Traditional signature-based IDS are effective in detecting known attacks,but they are unable to detect unknown emerging attacks.Therefore,there is the need for an IDS which can learn from data and detect new threats.Ensemble Machine Learning(ML)and individual Deep Learning(DL)based IDS have been developed,and these individual models achieved low accuracy;however,their performance can be improved with the ensemble stacking technique.In this paper,we have proposed a Deep Stacked Neural Network(DSNN)based IDS,which consists of two stacked Convolutional Neural Network(CNN)models as base learners and Extreme Gradient Boosting(XGB)as the meta learner.The proposed DSNN model was trained and evaluated with the next-generation dataset,TON_IoT.Several pre-processing techniques were applied to prepare a dataset for the model,including ensemble feature selection and the SMOTE technique.Accuracy,precision,recall,F1-score,and false positive rates were used to evaluate the performance of the proposed ensemble model.Our experimental results showed that the accuracy for binary classification is 99.61%,which is better than in the baseline individual DL and ML models.In addition,the model proposed for IDS has been compared with similar models.The proposed DSNN achieved better performance metrics than the other models.The proposed DSNN model will be used to develop enhanced IDS for threat mitigation in smart industrial environments.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
基金supported by the National Natural Science Foundation of China(No.62171051)。
文摘With the proportion of intelligent services in the industrial internet of things(IIoT)rising rapidly,its data dependency and decomposability increase the difficulty of scheduling computing resources.In this paper,we propose an intelligent service computing framework.In the framework,we take the long-term rewards of its important participants,edge service providers,as the optimization goal,which is related to service delay and computing cost.Considering the different update frequencies of data deployment and service offloading,double-timescale reinforcement learning is utilized in the framework.In the small-scale strategy,the frequent concurrency of services and the difference in service time lead to the fuzzy relationship between reward and action.To solve the fuzzy reward problem,a reward mapping-based reinforcement learning(RMRL)algorithm is proposed,which enables the agent to learn the relationship between reward and action more clearly.The large time scale strategy adopts the improved Monte Carlo tree search(MCTS)algorithm to improve the learning speed.The simulation results show that the strategy is superior to popular reinforcement learning algorithms such as double Q-learning(DDQN)and dueling Q-learning(dueling-DQN)in learning speed,and the reward is also increased by 14%.
基金supported by the Natural Science Foundation of China (No.62171051)。
文摘Puncturing has been recognized as a promising technology to cope with the coexistence problem of enhanced mobile broadband(eMBB) and ultra-reliable low latency communications(URLLC)traffic. However, the steady performance of eMBB traffic while meeting the requirements of URLLC traffic with puncturing is a major challenge in some realistic scenarios. In this paper, we pay attention to the timely and energy-efficient processing for eMBB traffic in the industrial Internet of Things(IIoT), where mobile edge computing(MEC) is employed for data processing. Specifically, the performance of eMBB traffic and URLLC traffic in a MEC-based IIoT system is ensured by setting the threshold of tolerable delay and outage probability, respectively. Furthermore,considering the limited energy supply, an energy minimization problem of eMBB device is formulated under the above constraints, by jointly optimizing the resource blocks(RBs) punctured by URLLC traffic, data offloading and transmit power of eMBB device. With Markov's inequality, the problem is reformulated by transforming the probabilistic outage constraint into a deterministic constraint. Meanwhile, an iterative energy minimization algorithm(IEMA) is proposed.Simulation results demonstrate that our algorithm has a significant reduction in the energy consumption for eMBB device and achieves a better overall effect compared to several benchmarks.
文摘Due to mobile Internet technology's rapid popularization,the Industrial Internet of Things(IIoT)can be seen everywhere in our daily lives.While IIoT brings us much convenience,a series of security and scalability issues related to permission operations rise to the surface during device communications.Hence,at present,a reliable and dynamic access control management system for IIoT is in urgent need.Up till now,numerous access control architectures have been proposed for IIoT.However,owing to centralized models and heterogeneous devices,security and scalability requirements still cannot be met.In this paper,we offer a smart contract token-based solution for decentralized access control in IIoT systems.Specifically,there are three smart contracts in our system,including the Token Issue Contract(TIC),User Register Contract(URC),and Manage Contract(MC).These three contracts collaboratively supervise and manage various events in IIoT environments.We also utilize the lightweight and post-quantum encryption algorithm-Nth-degree Truncated Polynomial Ring Units(NTRU)to preserve user privacy during the registration process.Subsequently,to evaluate our proposed architecture's performance,we build a prototype platform that connects to the local blockchain.Finally,experiment results show that our scheme has achieved secure and dynamic access control for the IIoT system compared with related research.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work under grant number(RGP1/338/40)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2022R237)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Rapid increase in the large quantity of industrial data,Industry 4.0/5.0 poses several challenging issues such as heterogeneous data generation,data sensing and collection,real-time data processing,and high request arrival rates.The classical intrusion detection system(IDS)is not a practical solution to the Industry 4.0 environment owing to the resource limitations and complexity.To resolve these issues,this paper designs a new Chaotic Cuckoo Search Optimiza-tion Algorithm(CCSOA)with optimal wavelet kernel extreme learning machine(OWKELM)named CCSOA-OWKELM technique for IDS on the Industry 4.0 platform.The CCSOA-OWKELM technique focuses on the design of feature selection with classification approach to achieve minimum computation complex-ity and maximum detection accuracy.The CCSOA-OWKELM technique involves the design of CCSOA based feature selection technique,which incorpo-rates the concepts of chaotic maps with CSOA.Besides,the OWKELM technique is applied for the intrusion detection and classification process.In addition,the OWKELM technique is derived by the hyperparameter tuning of the WKELM technique by the use of sunflower optimization(SFO)algorithm.The utilization of CCSOA for feature subset selection and SFO algorithm based hyperparameter tuning leads to better performance.In order to guarantee the supreme performance of the CCSOA-OWKELM technique,a wide range of experiments take place on two benchmark datasets and the experimental outcomes demonstrate the promis-ing performance of the CCSOA-OWKELM technique over the recent state of art techniques.
基金This work was supported by the six talent peaks project in Jiangsu Province(No.XYDXX-012)Natural Science Foundation of China(No.62002045),China Postdoctoral Science Foundation(No.2021M690565)Fundamental Research Funds for the Cornell University(No.N2117002).
文摘The ongoing expansion of the Industrial Internet of Things(IIoT)is enabling the possibility of effective Industry 4.0,where massive sensing devices in heterogeneous environments are connected through dedicated communication protocols.This brings forth new methods and models to fuse the information yielded by the various industrial plant elements and generates emerging security challenges that we have to face,providing ad-hoc functions for scheduling and guaranteeing the network operations.Recently,the large development of SoftwareDefined Networking(SDN)and Artificial Intelligence(AI)technologies have made feasible the design and control of scalable and secure IIoT networks.This paper studies how AI and SDN technologies combined can be leveraged towards improving the security and functionality of these IIoT networks.After surveying the state-of-the-art research efforts in the subject,the paper introduces a candidate architecture for AI-enabled Software-Defined IIoT Network(AI-SDIN)that divides the traditional industrial networks into three functional layers.And with this aim in mind,key technologies(Blockchain-based Data Sharing,Intelligent Wireless Data Sensing,Edge Intelligence,Time-Sensitive Networks,Integrating SDN&TSN,Distributed AI)and improve applications based on AISDIN are also discussed.Further,the paper also highlights new opportunities and potential research challenges in control and automation of IIoT networks.
基金supported by ZTE Industry-Academia-Research Cooperation Funds under Grant No.2016ZTE04-08
文摘Fieldbus and industrial Ethernet standards can guide the specification andcoordinate bus optimization. The standards are the basis for the development of field-bus and industrial Ethernet. In this paper, we review complex standard systems allover the world. We discuss 18 fieldbus standards, including the International Electro-technical Commission(IEC) 61158, the IEC 61784 standard matched with IEC 61158,the controller and device interface standard IEC 62026 for low voltage distributionand control devices, and the International Organization for Standardization(ISO)11898 and ISO 11519 standards related to the controller area network(CAN) bus. Wealso introduce the standards of China, Europe, Japan and America. This paper pro-vides a reference to develop fieldbus and industrial Ethernet products for Chinese en-terprises.
文摘The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.
文摘The present study explores an IEEE1588 Synchronizing System for smart distribution grid based on Industrial Ethernet. The paper first analyzes the communication system in distribution network and then proposed the project of time synchronizing system using IEEE1588 in distribution network. The study focuses on rational clock correcting time region segmentation, selecting the best clock source injection point and multiple redundant methods when correcting time method lose efficacy, etc. The precision of time synchronizing is better than that of 1 millisecond.
基金supported by theCommunication Soft Science Program of Ministry of Industry and Information Technology of China (No.2022-R-43)the Natural Science Basic Research Program of Shaanxi (No.2021JQ-719)Graduate Innovation Fund of Xi’an University of Posts and Telecommunications (No.CXJJZL2021014).
文摘Deploying task caching at edge servers has become an effectiveway to handle compute-intensive and latency-sensitive tasks on the industrialinternet. However, how to select the task scheduling location to reduce taskdelay and cost while ensuring the data security and reliable communicationof edge computing remains a challenge. To solve this problem, this paperestablishes a task scheduling model with joint blockchain and task cachingin the industrial internet and designs a novel blockchain-assisted cachingmechanism to enhance system security. In this paper, the task schedulingproblem, which couples the task scheduling decision, task caching decision,and blockchain reward, is formulated as the minimum weighted cost problemunder delay constraints. This is a mixed integer nonlinear problem, which isproved to be nonconvex and NP-hard. To solve the optimal solution, thispaper proposes a task scheduling strategy algorithm based on an improvedgenetic algorithm (IGA-TSPA) by improving the genetic algorithm initializationand mutation operations to reduce the size of the initial solutionspace and enhance the optimal solution convergence speed. In addition,an Improved Least Frequently Used algorithm is proposed to improve thecontent hit rate. Simulation results show that IGA-TSPA has a faster optimalsolution-solving ability and shorter running time compared with the existingedge computing scheduling algorithms. The established task scheduling modelnot only saves 62.19% of system overhead consumption in comparison withlocal computing but also has great significance in protecting data security,reducing task processing delay, and reducing system cost.
文摘By identifying and responding to any malicious behavior that could endanger the system,the Intrusion Detection System(IDS)is crucial for preserving the security of the Industrial Internet of Things(IIoT)network.The benefit of anomaly-based IDS is that they are able to recognize zeroday attacks due to the fact that they do not rely on a signature database to identify abnormal activity.In order to improve control over datasets and the process,this study proposes using an automated machine learning(AutoML)technique to automate the machine learning processes for IDS.Our groundbreaking architecture,known as AID4I,makes use of automatic machine learning methods for intrusion detection.Through automation of preprocessing,feature selection,model selection,and hyperparameter tuning,the objective is to identify an appropriate machine learning model for intrusion detection.Experimental studies demonstrate that the AID4I framework successfully proposes a suitablemodel.The integrity,security,and confidentiality of data transmitted across the IIoT network can be ensured by automating machine learning processes in the IDS to enhance its capacity to identify and stop threatening activities.With a comprehensive solution that takes advantage of the latest advances in automated machine learning methods to improve network security,AID4I is a powerful and effective instrument for intrusion detection.In preprocessing module,three distinct imputation methods are utilized to handle missing data,ensuring the robustness of the intrusion detection system in the presence of incomplete information.Feature selection module adopts a hybrid approach that combines Shapley values and genetic algorithm.The Parameter Optimization module encompasses a diverse set of 14 classification methods,allowing for thorough exploration and optimization of the parameters associated with each algorithm.By carefully tuning these parameters,the framework enhances its adaptability and accuracy in identifying potential intrusions.Experimental results demonstrate that the AID4I framework can achieve high levels of accuracy in detecting network intrusions up to 14.39%on public datasets,outperforming traditional intrusion detection methods while concurrently reducing the elapsed time for training and testing.
文摘Recently,the Internet of Things(IoT)has been used in various applications such as manufacturing,transportation,agriculture,and healthcare that can enhance efficiency and productivity via an intelligent management console remotely.With the increased use of Industrial IoT(IIoT)applications,the risk of brutal cyber-attacks also increased.This leads researchers worldwide to work on developing effective Intrusion Detection Systems(IDS)for IoT infrastructure against any malicious activities.Therefore,this paper provides effective IDS to detect and classify unpredicted and unpredictable severe attacks in contradiction to the IoT infrastructure.A comprehensive evaluation examined on a new available benchmark TON_IoT dataset is introduced.The data-driven IoT/IIoT dataset incorporates a label feature indicating classes of normal and attack-targeting IoT/IIoT applications.Correspondingly,this data involves IoT/IIoT services-based telemetry data that involves operating systems logs and IoT-based traffic networks collected from a realistic medium-scale IoT network.This is to classify and recognize the intrusion activity and provide the intrusion detection objectives in IoT environments in an efficient fashion.Therefore,several machine learning algorithms such as Logistic Regression(LR),Linear Discriminant Analysis(LDA),K-Nearest Neighbors(KNN),Gaussian Naive Bayes(NB),Classification and Regression Tree(CART),Random Forest(RF),and AdaBoost(AB)are used for the detection intent on thirteen different intrusion datasets.Several performance metrics like accuracy,precision,recall,and F1-score are used to estimate the proposed framework.The experimental results show that the CART surpasses the other algorithms with the highest accuracy values like 0.97,1.00,0.99,0.99,1.00,1.00,and 1.00 for effectively detecting the intrusion activities on the IoT/IIoT infrastructure on most of the employed datasets.In addition,the proposed work accomplishes high performance compared to other recent related works in terms of different security and detection evaluation parameters.
基金Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2022R319)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.The authors would like to thank the Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code:22UQU4340237DSR44The authors are thankful to the Deanship of Scientific Research at Najran University for funding thiswork under theResearch Groups Funding program Grant Code(NU/RG/SERC/11/4).
文摘With the increased advancements of smart industries,cybersecurity has become a vital growth factor in the success of industrial transformation.The Industrial Internet of Things(IIoT)or Industry 4.0 has revolutionized the concepts of manufacturing and production altogether.In industry 4.0,powerful IntrusionDetection Systems(IDS)play a significant role in ensuring network security.Though various intrusion detection techniques have been developed so far,it is challenging to protect the intricate data of networks.This is because conventional Machine Learning(ML)approaches are inadequate and insufficient to address the demands of dynamic IIoT networks.Further,the existing Deep Learning(DL)can be employed to identify anonymous intrusions.Therefore,the current study proposes a Hunger Games Search Optimization with Deep Learning-Driven Intrusion Detection(HGSODLID)model for the IIoT environment.The presented HGSODL-ID model exploits the linear normalization approach to transform the input data into a useful format.The HGSO algorithm is employed for Feature Selection(HGSO-FS)to reduce the curse of dimensionality.Moreover,Sparrow Search Optimization(SSO)is utilized with a Graph Convolutional Network(GCN)to classify and identify intrusions in the network.Finally,the SSO technique is exploited to fine-tune the hyper-parameters involved in the GCN model.The proposed HGSODL-ID model was experimentally validated using a benchmark dataset,and the results confirmed the superiority of the proposed HGSODL-ID method over recent approaches.
