An evolutionary multi-hidden Markov model for intelligent threat sensing in industrial internet of things

Abstract

Threat problem has become more complex in the industrial environment due to the need to secure a large number of devices from attack while maintaining system reliability and real-time response to threats. In such scenario detection of threat in Industrial Internet of things (IIoT) devices becomes an important factor to avoid injection by malicious IIoT devices. The techniques based on the Hidden Markov Models (HMM) are probably the most popular in detecting threat of detection. However, HMM requires extensive training of the models and computational resources. Also, HMM has the drawback of convergence to a local optimum while using Baum–Welch algorithm for parameter estimation. In order to optimize the HMM parameters, global search techniques can be used. This work proposes Genetic algorithms (GA) for optimizing HMM parameters. The other difficulty in threat detection is the dynamic nature of the attack. Several new threats are emerging with many variants which are created from existing attacks, making threat modeling an arduous task. As a result, good features are critical to model traffic and provide an efficient way to detect known and possibly unknown attacks to detect. To achieve a better feature extraction from the network traffic, we propose a dynamic sliding window $$W$$ which has a width of $$w$$ . The proposed multiple-HMM performs well to detect threats. The simulation results are compared to the results obtained by the Baum–Welch algorithm based approach showing higher accuracy and convergences.