A hybrid intrusion detection approach based on message queuing telemetry transport (MQTT) protocol in industrial internet of things
参考中译:工业物联网中基于消息队列遥感传输(MQTT)协议的混合入侵检测方法


          

刊名:Transactions on Emerging Telecommunications Technologies
作者:Georg Thamer Francis(Department of Software Engineering, Faculty of Engineering, Halic University)
Alireza Souri(Department of Software Engineering, Faculty of Engineering, Halic University)
Nihat Inanc(Department of Electrical and Electronics Engineering, Faculty of Engineering, Halic University)
刊号:734C0047/I
出版年:2024
年卷期:2024, vol.35, no.9
页码:e5030-1--e5030-15
总页数:15
分类号:TN
语种:eng
文摘:The number of attacks against Industrial Internet of Things (IIoT) devices has increased over the past years, particularly on widely used communication protocols like Message Queuing Telemetry Transfer (MQTT). The fast increase in IIoT applications brings both critical challenges and technical gaps in cyberse-curity. On the other hand, traditional cyber-attack detection approaches scrap to address and support the run-time responsibilities of IIoT environments. This study presents a hybrid Genetic Algorithm and Random Forest (GA_RF) method for detecting cyber-attacks in Industrial Control Machines (ICS) that use MQTT protocol in the IIoT environment. This architecture integrates ICS with edge devices and cloud servers, using a GA_RF algorithm to detect anomalies in data collected by sensors. Normal data is processed locally and then sent to the cloud for storage and return, ensuring continuous monitoring and security. Also, the MQTT-IOT-IDS2020 dataset as a real test case was applied for prediction of the proposed GA_RF method with compare to some other powerful machine and deep learning models. The experimental results show that the proposed GA_RF method has an optimum accuracy of 99.87%-100% for detecting cyber-attacks. This hybrid algorithm also achieved 0-0.0015 in Mean Absolute Error (MAE) and 100% in Precision, Recall, and F-score factors. This result led to the proposed architecture, which connects the ICS to a server while running GA_RF on the IIoT environment. In conclusion, this study indicates the effectiveness of GA_RF and aims to improve security by using the MQTT protocol in IIoT.
参考中译:针对工业物联网(IIoT)设备的攻击数量在过去几年中有所增加,特别是针对广泛使用的通信协议,如消息队列遥测传输(MQTT)。IIoT应用的快速增长既带来了网络安全方面的关键挑战,也带来了技术差距。另一方面,传统的网络攻击检测方法无法解决和支持IIoT环境的运行时责任。针对IIoT环境下使用MQTT协议的工业控制机,提出了一种混合遗传算法和随机森林算法(GA_RF)检测网络攻击的方法。该架构将ICS与边缘设备和云服务器集成在一起,使用GA_RF算法来检测传感器收集的数据中的异常。正常数据在本地处理,然后发送到云上存储和返回,确保持续监控和安全。并用MQTT-IOT-IDS2020数据集作为真实测试用例对GA_RF方法进行了预测,并与其他一些强大的机器和深度学习模型进行了比较。实验结果表明,GA_RF方法检测网络攻击的最优准确率为99.87%~100%。该混合算法在平均绝对误差(MAE)和准确率、召回率和F-Score因子上也达到了0.0015-100%。这一结果导致了拟议的体系结构,该体系结构将ICS连接到服务器,同时在IIoT环境中运行GA_RF。总之,本研究表明了GA_RF协议的有效性,旨在通过在IIoT中使用MQTT协议来提高安全性。



国家科技图书文献中心  全球文献资源网  京ICP备05055788号-26  京公网安备11010202008970号  机械工业信息研究院 2018-2024