Autonomous Threat Response at the Edge Processing Level in the Industrial Internet of Things

Abstract

Industrial Internet of Things (IIoT) technology, as a subset of the Internet of Things (IoT) in the concept of Industry 4.0 and, in the future, 5.0, will face the challenge of streamlining the way huge amounts of data are processed by the modules that collect the data and those that analyse the data. Given the key features of these analytics, such as reducing the cost of building massive data centres and finding the most efficient way to process data flowing from hundreds of nodes simultaneously, intermediary devices are increasingly being used in this process. Fog and edge devices are hardware devices designed to pre-analyse terabytes of data in a stream and decide in realtime which data to send for final analysis, without having to send the data to a central processing unit in huge local data centres or to an expensive cloud. As the number of nodes sending data for analysis via collection and processing devices increases, so does the risk of data streams being intercepted. There is also an increased risk of attacks on this sensitive infrastructure. Maintaining the integrity of this infrastructure is important, and the ability to analyse all data is a resource that must be protected. The aim of this paper is to address the problem of autonomous threat detection and response at the interface of sensors, edge devices, cloud devices with historical data, and finally during the data collection process in data centres. Ultimately, we would like to present a machine learning algorithm with reinforcements adapted to detect threats and immediately isolate infected nests.