{"title":"Dissemination control in dynamic data clustering for dense IIoT against false data injection attack","authors":"Carlos Pedroso, Aldri Santos","doi":"10.1002/nem.2201","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>The Internet of Things (IoT) has made possible the development of increasingly driven services, like industrial Industrial Internet of Things (IIoT) services, that often deal with massive amounts of data. Meantime, as IIoT networks grow, the threats are even greater, and false data injection (FDI) attacks stand out as being one of the most aggressive. The majority of current solutions to handle this attack do not take into account the data validation, especially on the data clustering service. Aiming to advance on the issue, this work introduces <i><b>CON</b></i>sensus Based Data <i><b>FI</b></i><i>lteri</i><i><b>N</b></i>g for I<i><b>I</b></i>o<i><b>T</b></i> (CONFINIT), an intrusion detection system for mitigating FDI attacks on the data dissemination service performing in dense IIoT networks. CONFINIT combines watchdog surveillance and collaborative consensus strategies for assertively excluding various FDI attacks. The simulations showed that CONFINIT compared with Dynamic Data-aware Firefly-based Clustering (DDFC) increased by up to 35%–40% the number of clusters without attackers in a gas pressure IIoT environment. CONFINIT achieved attack detection rates (DRs) of 99%, accuracy of 90, and F1 score of 0.81 in multiple IIoT scenarios, with only up to 3.2% and 3.6% of false negatives and positives rates, respectively. Moreover, under two variants of FDI attacks, called Churn and Sensitive attacks, CONFINIT achieved DRs of 100%, accuracy of 99, and F1 of 0.93 with less than 2% of false positives and negatives rates.</p>\n </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"32 5","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2022-05-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Network Management","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/nem.2201","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 3
Abstract
The Internet of Things (IoT) has made possible the development of increasingly driven services, like industrial Industrial Internet of Things (IIoT) services, that often deal with massive amounts of data. Meantime, as IIoT networks grow, the threats are even greater, and false data injection (FDI) attacks stand out as being one of the most aggressive. The majority of current solutions to handle this attack do not take into account the data validation, especially on the data clustering service. Aiming to advance on the issue, this work introduces CONsensus Based Data FIlteriNg for IIoT (CONFINIT), an intrusion detection system for mitigating FDI attacks on the data dissemination service performing in dense IIoT networks. CONFINIT combines watchdog surveillance and collaborative consensus strategies for assertively excluding various FDI attacks. The simulations showed that CONFINIT compared with Dynamic Data-aware Firefly-based Clustering (DDFC) increased by up to 35%–40% the number of clusters without attackers in a gas pressure IIoT environment. CONFINIT achieved attack detection rates (DRs) of 99%, accuracy of 90, and F1 score of 0.81 in multiple IIoT scenarios, with only up to 3.2% and 3.6% of false negatives and positives rates, respectively. Moreover, under two variants of FDI attacks, called Churn and Sensitive attacks, CONFINIT achieved DRs of 100%, accuracy of 99, and F1 of 0.93 with less than 2% of false positives and negatives rates.
期刊介绍:
Modern computer networks and communication systems are increasing in size, scope, and heterogeneity. The promise of a single end-to-end technology has not been realized and likely never will occur. The decreasing cost of bandwidth is increasing the possible applications of computer networks and communication systems to entirely new domains. Problems in integrating heterogeneous wired and wireless technologies, ensuring security and quality of service, and reliably operating large-scale systems including the inclusion of cloud computing have all emerged as important topics. The one constant is the need for network management. Challenges in network management have never been greater than they are today. The International Journal of Network Management is the forum for researchers, developers, and practitioners in network management to present their work to an international audience. The journal is dedicated to the dissemination of information, which will enable improved management, operation, and maintenance of computer networks and communication systems. The journal is peer reviewed and publishes original papers (both theoretical and experimental) by leading researchers, practitioners, and consultants from universities, research laboratories, and companies around the world. Issues with thematic or guest-edited special topics typically occur several times per year. Topic areas for the journal are largely defined by the taxonomy for network and service management developed by IFIP WG6.6, together with IEEE-CNOM, the IRTF-NMRG and the Emanics Network of Excellence.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
