Accurate threat hunting in industrial internet of things edge devices

Bibliographic Details
Main Authors: Abbas Yazdinejad, Behrouz Zolfaghari, Ali Dehghantanha, Hadis Karimipour, Gautam Srivastava, Reza M. Parizi
Format: Article
Language: English
Published: KeAi Communications Co., Ltd. 2023-10-01
Series: Digital Communications and Networks
Subjects:
Online Access: http://www.sciencedirect.com/science/article/pii/S2352864822001857
Description
Summary: Industrial Internet of Things (IIoT) systems depend on a growing number of edge devices such as sensors, controllers, and robots for data collection, transmission, storage, and processing. Any kind of malicious or abnormal function by each of these devices can jeopardize the security of the entire IIoT. Moreover, they can allow malicious software installed on end nodes to penetrate the network. This paper presents a parallel ensemble model for threat hunting based on anomalies in the behavior of IIoT edge devices. The proposed model is flexible enough to use several state-of-the-art classifiers as the basic learner and efficiently classifies multi-class anomalies using the Multi-class AdaBoost and majority voting. Experimental evaluations using a dataset consisting of multi-source normal records and multi-class anomalies demonstrate that our model outperforms existing approaches in terms of accuracy, F1 score, recall, and precision.
ISSN: 2352-8648