Abstract
Nowadays, in the industrial Internet of things, address resolution protocol attacks are still rampant. Recently, the idea of applying the software-defined networking paradigm to industrial Internet of things is proposed by many scholars since this paradigm has the advantages of flexible deployment of intelligent algorithms and global coordination capabilities. These advantages prompt us to propose a multi-factor integration-based semi-supervised learning address resolution protocol detection method deployed in software-defined networking, called MIS, to specially solve the problems of limited labeled training data and incomplete features extraction in the traditional address resolution protocol detection methods. In MIS method, we design a multi-factor integration-based feature extraction method and propose a semi-supervised learning framework with differential priority sampling. MIS considers the address resolution protocol attack features from different aspects to help the model make correct judgment. Meanwhile, the differential priority sampling enables the base learner in self-training to learn efficiently from the unlabeled samples with differences. We conduct experiments based on a real data set collected from a deepwater port and a simulated data set. The experiments show that MIS can achieve good performance in detecting address resolution protocol attacks with F1-measure, accuracy, and area under the curve of 97.28%, 99.41%, and 98.36% on average. Meanwhile, compared with fully supervised learning and other popular address resolution protocol detection methods, MIS also shows the best performance.
Highlights
The industrial Internet of things (IIoT) is widely used in manufacturing, transportation, aerospace, and other industrial fields.[1]
The experiments show that multi-factor integration-based semi-supervised learning (MIS) can achieve good performance in detecting address resolution protocol (ARP) attacks with F1-measure, accuracy, and AUC of 97.28%, 99.41%, and 98.36% on average
We introduce the design of a multi-factor integration-based semi-supervised learning (MIS) for ARP attack detection in software-defined industrial Internet of Things (SDIIoT)
Summary
The industrial Internet of things (IIoT) is widely used in manufacturing, transportation, aerospace, and other industrial fields.[1]. The above machine learning–based methods have the following problems: (1) The features are extracted from only one aspect limitedly, without observing the ARP attacks from various perspectives in the network This brings about the low detection accuracy. We design a multi-factor integration-based semi-supervised learning method, called MIS, to solve the ARP attack problem specially for SDIIoT. This method can solve the above two issues in the traditional machine learning–based ARP attack detection studies. For the problem of limited labeled samples, in MIS, we propose a differential priority sampling–based semi-supervised learning framework for ARP attack detection In this framework, the differential priority sampling in self-training can improve the training efficiency by getting more information from different samples. Compared with fully supervised learning and other popular ARP detection methods, MIS shows the best performance
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Distributed Sensor Networks
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
