A novel intrusion detection framework for industrial IoT: GCN-GRU architecture optimized with ant colony optimization

IF 4 3区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computers & Electrical Engineering Pub Date : 2025-06-21 DOI:10.1016/j.compeleceng.2025.110541

Mahdi Mir , Mohammad Trik

{"title":"A novel intrusion detection framework for industrial IoT: GCN-GRU architecture optimized with ant colony optimization","authors":"Mahdi Mir , Mohammad Trik","doi":"10.1016/j.compeleceng.2025.110541","DOIUrl":null,"url":null,"abstract":"<div><div>The swift proliferation of IIoT ecosystems has highlighted the essential requirement for effective Intrusion Detection System (IDS) to protect crucial infrastructures. This research presents a novel hybrid IDS that combines Graph Convolutional Networks (GCN) with Gated Recurrent Units (GRU), optimized by the Ant Colony Optimization (ACO) method, a bio-inspired meta-heuristic based on ant foraging behavior. This method automates hyperparameter adjustment, overcoming the constraints of conventional human optimization techniques. The proposed system utilizes GCN for structural feature extraction and GRU for sequential pattern analysis, facilitating thorough anomaly detection in IIoT traffic. The ACO-optimized IDS surpasses traditional optimization methods, including Genetic Algorithms, by attaining quicker convergence and enhanced performance metrics. Notwithstanding its effectiveness, the computational burden of the optimization approach necessitates additional enhancement. Experimental assessments of the EDGE-IIOTSET, CICAPT-IIoT, and WUSTL-IIoT datasets reveal detection accuracies of 97 % for the majority of attack scenarios, alongside improved scalability and diminished processing requirements. This study emphasizes the capability of integrating sophisticated neural architectures with nature-inspired optimization to enhance Industrial Internet of Things (IIoT) security against advancing cyber threats.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"126 ","pages":"Article 110541"},"PeriodicalIF":4.0000,"publicationDate":"2025-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Electrical Engineering","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0045790625004847","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

The swift proliferation of IIoT ecosystems has highlighted the essential requirement for effective Intrusion Detection System (IDS) to protect crucial infrastructures. This research presents a novel hybrid IDS that combines Graph Convolutional Networks (GCN) with Gated Recurrent Units (GRU), optimized by the Ant Colony Optimization (ACO) method, a bio-inspired meta-heuristic based on ant foraging behavior. This method automates hyperparameter adjustment, overcoming the constraints of conventional human optimization techniques. The proposed system utilizes GCN for structural feature extraction and GRU for sequential pattern analysis, facilitating thorough anomaly detection in IIoT traffic. The ACO-optimized IDS surpasses traditional optimization methods, including Genetic Algorithms, by attaining quicker convergence and enhanced performance metrics. Notwithstanding its effectiveness, the computational burden of the optimization approach necessitates additional enhancement. Experimental assessments of the EDGE-IIOTSET, CICAPT-IIoT, and WUSTL-IIoT datasets reveal detection accuracies of 97 % for the majority of attack scenarios, alongside improved scalability and diminished processing requirements. This study emphasizes the capability of integrating sophisticated neural architectures with nature-inspired optimization to enhance Industrial Internet of Things (IIoT) security against advancing cyber threats.

查看原文本刊更多论文

一种新的工业物联网入侵检测框架：基于蚁群优化的GCN-GRU架构

工业物联网生态系统的迅速扩散凸显了对有效入侵检测系统（IDS）的基本要求，以保护关键基础设施。本文提出了一种结合图卷积网络（GCN）和门控循环单元（GRU）的新型混合入侵检测系统，并采用基于蚂蚁觅食行为的生物启发元启发式蚁群优化（ACO）方法进行优化。该方法克服了传统人工优化技术的局限性，实现了超参数调整的自动化。该系统利用GCN进行结构特征提取，GRU进行序列模式分析，便于在工业物联网流量中进行彻底的异常检测。通过实现更快的收敛和增强的性能指标，aco优化的IDS超越了传统的优化方法，包括遗传算法。尽管它的有效性，计算负担的优化方法需要额外的增强。EDGE-IIOTSET、CICAPT-IIoT和WUSTL-IIoT数据集的实验评估显示，在大多数攻击场景中，检测准确率达到97%，同时可扩展性得到改善，处理要求降低。该研究强调了将复杂的神经架构与自然优化相结合的能力，以增强工业物联网（IIoT）的安全性，以应对不断发展的网络威胁。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Electrical Engineering 工程技术-工程：电子与电气

CiteScore

9.20

自引率

7.00%

发文量

661

审稿时长

47 days

期刊介绍： The impact of computers has nowhere been more revolutionary than in electrical engineering. The design, analysis, and operation of electrical and electronic systems are now dominated by computers, a transformation that has been motivated by the natural ease of interface between computers and electrical systems, and the promise of spectacular improvements in speed and efficiency. Published since 1973, Computers & Electrical Engineering provides rapid publication of topical research into the integration of computer technology and computational techniques with electrical and electronic systems. The journal publishes papers featuring novel implementations of computers and computational techniques in areas like signal and image processing, high-performance computing, parallel processing, and communications. Special attention will be paid to papers describing innovative architectures, algorithms, and software tools.