Mimonah Al Qathrady, Safi Ullah, Mohammed S. Alshehri, Jawad Ahmad, Sultan Almakdi, Samar M. Alqhtani, Muazzam A. Khan, Baraq Ghaleb
{"title":"SACNN-IDS:用于工业物联网入侵检测的自关注卷积神经网络","authors":"Mimonah Al Qathrady, Safi Ullah, Mohammed S. Alshehri, Jawad Ahmad, Sultan Almakdi, Samar M. Alqhtani, Muazzam A. Khan, Baraq Ghaleb","doi":"10.1049/cit2.12352","DOIUrl":null,"url":null,"abstract":"<p>Industrial Internet of Things (IIoT) is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments. Several IIoT nodes operate confidential data (such as medical, transportation, military, etc.) which are reachable targets for hostile intruders due to their openness and varied structure. Intrusion Detection Systems (IDS) based on Machine Learning (ML) and Deep Learning (DL) techniques have got significant attention. However, existing ML and DL-based IDS still face a number of obstacles that must be overcome. For instance, the existing DL approaches necessitate a substantial quantity of data for effective performance, which is not feasible to run on low-power and low-memory devices. Imbalanced and fewer data potentially lead to low performance on existing IDS. This paper proposes a self-attention convolutional neural network (SACNN) architecture for the detection of malicious activity in IIoT networks and an appropriate feature extraction method to extract the most significant features. The proposed architecture has a self-attention layer to calculate the input attention and convolutional neural network (CNN) layers to process the assigned attention features for prediction. The performance evaluation of the proposed SACNN architecture has been done with the Edge-IIoTset and X-IIoTID datasets. These datasets encompassed the behaviours of contemporary IIoT communication protocols, the operations of state-of-the-art devices, various attack types, and diverse attack scenarios.</p>","PeriodicalId":46211,"journal":{"name":"CAAI Transactions on Intelligence Technology","volume":"9 6","pages":"1398-1411"},"PeriodicalIF":8.4000,"publicationDate":"2024-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cit2.12352","citationCount":"0","resultStr":"{\"title\":\"SACNN-IDS: A self-attention convolutional neural network for intrusion detection in industrial internet of things\",\"authors\":\"Mimonah Al Qathrady, Safi Ullah, Mohammed S. Alshehri, Jawad Ahmad, Sultan Almakdi, Samar M. Alqhtani, Muazzam A. Khan, Baraq Ghaleb\",\"doi\":\"10.1049/cit2.12352\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Industrial Internet of Things (IIoT) is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments. Several IIoT nodes operate confidential data (such as medical, transportation, military, etc.) which are reachable targets for hostile intruders due to their openness and varied structure. Intrusion Detection Systems (IDS) based on Machine Learning (ML) and Deep Learning (DL) techniques have got significant attention. However, existing ML and DL-based IDS still face a number of obstacles that must be overcome. For instance, the existing DL approaches necessitate a substantial quantity of data for effective performance, which is not feasible to run on low-power and low-memory devices. Imbalanced and fewer data potentially lead to low performance on existing IDS. This paper proposes a self-attention convolutional neural network (SACNN) architecture for the detection of malicious activity in IIoT networks and an appropriate feature extraction method to extract the most significant features. The proposed architecture has a self-attention layer to calculate the input attention and convolutional neural network (CNN) layers to process the assigned attention features for prediction. The performance evaluation of the proposed SACNN architecture has been done with the Edge-IIoTset and X-IIoTID datasets. These datasets encompassed the behaviours of contemporary IIoT communication protocols, the operations of state-of-the-art devices, various attack types, and diverse attack scenarios.</p>\",\"PeriodicalId\":46211,\"journal\":{\"name\":\"CAAI Transactions on Intelligence Technology\",\"volume\":\"9 6\",\"pages\":\"1398-1411\"},\"PeriodicalIF\":8.4000,\"publicationDate\":\"2024-06-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cit2.12352\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"CAAI Transactions on Intelligence Technology\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/cit2.12352\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"CAAI Transactions on Intelligence Technology","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cit2.12352","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
SACNN-IDS: A self-attention convolutional neural network for intrusion detection in industrial internet of things
Industrial Internet of Things (IIoT) is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments. Several IIoT nodes operate confidential data (such as medical, transportation, military, etc.) which are reachable targets for hostile intruders due to their openness and varied structure. Intrusion Detection Systems (IDS) based on Machine Learning (ML) and Deep Learning (DL) techniques have got significant attention. However, existing ML and DL-based IDS still face a number of obstacles that must be overcome. For instance, the existing DL approaches necessitate a substantial quantity of data for effective performance, which is not feasible to run on low-power and low-memory devices. Imbalanced and fewer data potentially lead to low performance on existing IDS. This paper proposes a self-attention convolutional neural network (SACNN) architecture for the detection of malicious activity in IIoT networks and an appropriate feature extraction method to extract the most significant features. The proposed architecture has a self-attention layer to calculate the input attention and convolutional neural network (CNN) layers to process the assigned attention features for prediction. The performance evaluation of the proposed SACNN architecture has been done with the Edge-IIoTset and X-IIoTID datasets. These datasets encompassed the behaviours of contemporary IIoT communication protocols, the operations of state-of-the-art devices, various attack types, and diverse attack scenarios.
期刊介绍:
CAAI Transactions on Intelligence Technology is a leading venue for original research on the theoretical and experimental aspects of artificial intelligence technology. We are a fully open access journal co-published by the Institution of Engineering and Technology (IET) and the Chinese Association for Artificial Intelligence (CAAI) providing research which is openly accessible to read and share worldwide.