Enhancing IIoT networks protection: A robust security model for attack detection in Internet Industrial Control Systems

Abstract

Industrial Internet of Things (IIoT) networks involves heterogeneous technological and manufacturing services and devices. The communication and data exchange characteristics of IIoT systems and their associated networks make them susceptible to cyberattacks. Delivering IIoT systems with vigorous safety and speedy attack discovery is therefore vital. Intrusion detection systems (IDS) have been widely employed to detect cyber-attack events from Internet Industrial Control Systems (IICS) and their networks. Most recently, various attacks, such as flame, duqu and seismic attacks, against IICS setups have prompted excessive damage to nuclear and critical infrastructures in numerous countries. The existing intrusion detection methods generally lack sufficient generalization, misclassification errors and have high false alarm rates. To this end, this paper presents a deep-autoencoder based IDS to distinguish malicious actions from IIoT driven IICS networks in real-time. The proposed model is based on LSTM auto-encoder design to identify invasive events from the IICS networks. The experimental results of proposed IDS on two benchmark datasets, that is, the gas pipeline and UNSWNB-15 datasets demonstrates the superiority of proposed model as compared to other compelling ones by achieving accuracy rate of 97.95% and 97.62% for gas pipeline data and UNSW-NB15 dataset respectively.