Design of a federated ensemble model for intrusion detection in distributed IIoT networks for enhancing cybersecurity

Abstract

Automation has become possible by the reliance of Industry 4.0 on the Internet of Things (IoT) ecosystem. IIoT brings the next phase of digital transformation, which is defined by the convergence of the Industrial Internet of Things (IIoT) and Artificial Intelligence (AI). Industrial Internet of Things (IIoT) contributes in expansion of IoT network where large-scale data is generated continuously. Due to several security vulnerabilities in industrial information security management systems, the data can be breached by malicious attackers. Federated Learning is the best solution to address the challenge of heterogeneity and geographical locations in IIoT. This study proposes IIoT-IDFE (IIoT- Intrusion Detection Federated Ensemble) model for intrusion detection in heterogeneous IIoT environment. IIoT_IDFE model detects unwanted intrusions in two stages. In the first stage, local IIoT client devices use the Shared Local Ensemble (SLE) model to detect intrusion. In the second stage, instead of sharing actual data, the ensemble model is shared with a central federated server using the Broadcast Global Ensemble (BDE) model. By combining the advantages of ensemble and federated learning techniques, the proposed model guarantees a thorough approach to produce reliable aggregated predictions at the global scale. This allows IoT devices to maintain their privacy while improving the model's efficiency. Freely accessible industrial datasets i.e. "Edge-IIoTset" and “ToN-IoT” are used to implement the proposed intrusion detection method. Performance evaluation metrics, namely, accuracy, precision, recall, and f1-score are used to validate the performance and efficacy of the proposed IIoT-IDFE model. The performance evaluation with 99.99% to 100% accuracy confirms that the proposed model outperforms the state-of-art techniques.