Industrial IoT intrusion attack detection based on composite attention-driven multi-layer pyramid features

Abstract

The Industrial Internet of Things (IIoT) extends and optimizes IoT technology for industrial environments, playing a crucial role in industrial production, equipment monitoring, and supply chain management. However, the increasing diversity of devices at the IIoT application layer exacerbates network complexity, rendering IIoT systems more susceptible to malicious attacks and severe security risks. To address these challenges, we focus on unresolved security issues in the IIoT application layer, including poor generalization ability across different domains in detection, insufficient granularity in local feature recognition, and suboptimal performance in identifying diverse attack patterns. In response, we propose a Composite Attention-Driven Multi-Layer Pyramid Feature-Based Intrusion Detection Model (BCSP), which leverages a composite attention pyramid structure with a multi-scale attention mechanism to enhance semantic feature representation across different scales. This design enables the model to prioritize contextual semantic information while effectively capturing real-time traffic attributes and session-related features. To validate its effectiveness, we conduct extensive experiments using well-established public cybersecurity datasets and real-world network environments, where BCSP achieves a test accuracy of over 98%. Experimental results indicate that BCSP consistently outperforms conventional machine learning and deep learning models, demonstrating its effectiveness in IIoT intrusion detection.