SACNN-IDS: A self-attention convolutional neural network for intrusion detection in industrial internet of things

Industrial Internet of Things (IIoT) is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments. Several IIoT nodes operate confidential data (such as medical, transportation, military, etc.) which are reachable targets for hostile intruders due to their openness and varied structure. Intrusion Detection Systems (IDS) based on Machine Learning (ML) and Deep Learning (DL) techniques have got significant attention. However, existing ML and DL-based IDS still face a number of obstacles that must be overcome. For instance, the existing DL approaches necessitate a substantial quantity of data for effective performance, which is not feasible to run on low-power and low-memory devices. Imbalanced and fewer data potentially lead to low performance on existing IDS. This paper proposes a self-attention convolutional neural network (SACNN) architecture for the detection of malicious activity in IIoT networks and an appropriate feature extraction method to extract the most significant features. The proposed architecture has a self-attention layer to calculate the input attention and convolutional neural network (CNN) layers to process the assigned attention features for prediction. The performance evaluation of the proposed SACNN architecture has been done with the Edge-IIoTset and X-IIoTID datasets. These datasets encompassed the behaviours of contemporary IIoT communication protocols, the operations of state-of-the-art devices, various attack types, and diverse attack scenarios.