工业4.0中的网络威胁检测：利用BiLSTM中的GloVe和自关注机制增强入侵检测

IF 4 3区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computers & Electrical Engineering Pub Date : 2025-04-19 DOI:10.1016/j.compeleceng.2025.110368

Sai Srinivas Vellela , Roja D , NagaMalleswara Rao Purimetla , SyamsundaraRao Thalakola , Lakshma Reddy Vuyyuru , Ramesh Vatambeti

{"title":"工业4.0中的网络威胁检测：利用BiLSTM中的GloVe和自关注机制增强入侵检测","authors":"Sai Srinivas Vellela , Roja D , NagaMalleswara Rao Purimetla , SyamsundaraRao Thalakola , Lakshma Reddy Vuyyuru , Ramesh Vatambeti","doi":"10.1016/j.compeleceng.2025.110368","DOIUrl":null,"url":null,"abstract":"<div><div>In Industry 4.0, interconnected systems and real-time communication are vital for seamless operations but expose industrial networks to sophisticated cyber threats. Traditional intrusion detection systems often fail to address modern, evolving attacks. This paper presents a novel cyber threat detection approach using a Bidirectional Long Short-Term Memory (BiLSTM) model integrated with GloVe word embeddings and a self-attention mechanism. GloVe captures global co-occurrence relationships in network events, enhancing contextual representation and detection accuracy. To handle class imbalance, random oversampling balances attack category distributions, followed by Principal Component Analysis (PCA) for feature reduction. The model's parameters are fine-tuned using the Single Candidate Optimization Algorithm (SCOA) and Greylag Goose Optimization Algorithm (GLGOA), improving computational efficiency and detection performance. Evaluation on the CIC-IDS-2018 dataset demonstrates superior accuracy, precision, recall, and F1-score compared to state-of-the-art methods. The model effectively detects intrusions and prioritizes high-risk threats, strengthening cybersecurity in Industry 4.0 environments. This adaptable framework can be enhanced to address more complex attack patterns, ensuring robust protection for critical infrastructures.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"124 ","pages":"Article 110368"},"PeriodicalIF":4.0000,"publicationDate":"2025-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Cyber threat detection in industry 4.0: Leveraging GloVe and self-attention mechanisms in BiLSTM for enhanced intrusion detection\",\"authors\":\"Sai Srinivas Vellela , Roja D , NagaMalleswara Rao Purimetla , SyamsundaraRao Thalakola , Lakshma Reddy Vuyyuru , Ramesh Vatambeti\",\"doi\":\"10.1016/j.compeleceng.2025.110368\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>In Industry 4.0, interconnected systems and real-time communication are vital for seamless operations but expose industrial networks to sophisticated cyber threats. Traditional intrusion detection systems often fail to address modern, evolving attacks. This paper presents a novel cyber threat detection approach using a Bidirectional Long Short-Term Memory (BiLSTM) model integrated with GloVe word embeddings and a self-attention mechanism. GloVe captures global co-occurrence relationships in network events, enhancing contextual representation and detection accuracy. To handle class imbalance, random oversampling balances attack category distributions, followed by Principal Component Analysis (PCA) for feature reduction. The model's parameters are fine-tuned using the Single Candidate Optimization Algorithm (SCOA) and Greylag Goose Optimization Algorithm (GLGOA), improving computational efficiency and detection performance. Evaluation on the CIC-IDS-2018 dataset demonstrates superior accuracy, precision, recall, and F1-score compared to state-of-the-art methods. The model effectively detects intrusions and prioritizes high-risk threats, strengthening cybersecurity in Industry 4.0 environments. This adaptable framework can be enhanced to address more complex attack patterns, ensuring robust protection for critical infrastructures.</div></div>\",\"PeriodicalId\":50630,\"journal\":{\"name\":\"Computers & Electrical Engineering\",\"volume\":\"124 \",\"pages\":\"Article 110368\"},\"PeriodicalIF\":4.0000,\"publicationDate\":\"2025-04-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Electrical Engineering\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0045790625003118\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Electrical Engineering","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0045790625003118","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

在工业4.0中，互联系统和实时通信对于无缝运营至关重要，但也使工业网络面临复杂的网络威胁。传统的入侵检测系统往往无法应对现代不断发展的攻击。本文提出了一种基于双向长短期记忆（BiLSTM）模型的网络威胁检测方法，该模型结合了GloVe词嵌入和自注意机制。GloVe捕获网络事件中的全局共现关系，增强上下文表示和检测准确性。为了处理类失衡，随机过采样平衡攻击类别分布，然后使用主成分分析（PCA）进行特征约简。采用单候选优化算法（Single Candidate Optimization Algorithm， SCOA）和灰雁优化算法（Greylag Goose Optimization Algorithm， GLGOA）对模型参数进行微调，提高了计算效率和检测性能。对CIC-IDS-2018数据集的评估表明，与最先进的方法相比，该方法具有更高的准确性、精密度、召回率和f1分。该模型有效地检测入侵并优先处理高风险威胁，加强了工业4.0环境下的网络安全。可以对这个适应性强的框架进行增强，以处理更复杂的攻击模式，从而确保对关键基础设施的强大保护。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Cyber threat detection in industry 4.0: Leveraging GloVe and self-attention mechanisms in BiLSTM for enhanced intrusion detection

In Industry 4.0, interconnected systems and real-time communication are vital for seamless operations but expose industrial networks to sophisticated cyber threats. Traditional intrusion detection systems often fail to address modern, evolving attacks. This paper presents a novel cyber threat detection approach using a Bidirectional Long Short-Term Memory (BiLSTM) model integrated with GloVe word embeddings and a self-attention mechanism. GloVe captures global co-occurrence relationships in network events, enhancing contextual representation and detection accuracy. To handle class imbalance, random oversampling balances attack category distributions, followed by Principal Component Analysis (PCA) for feature reduction. The model's parameters are fine-tuned using the Single Candidate Optimization Algorithm (SCOA) and Greylag Goose Optimization Algorithm (GLGOA), improving computational efficiency and detection performance. Evaluation on the CIC-IDS-2018 dataset demonstrates superior accuracy, precision, recall, and F1-score compared to state-of-the-art methods. The model effectively detects intrusions and prioritizes high-risk threats, strengthening cybersecurity in Industry 4.0 environments. This adaptable framework can be enhanced to address more complex attack patterns, ensuring robust protection for critical infrastructures.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers & Electrical Engineering 工程技术-工程：电子与电气

CiteScore

9.20

自引率

7.00%

发文量

661

审稿时长

47 days

期刊介绍： The impact of computers has nowhere been more revolutionary than in electrical engineering. The design, analysis, and operation of electrical and electronic systems are now dominated by computers, a transformation that has been motivated by the natural ease of interface between computers and electrical systems, and the promise of spectacular improvements in speed and efficiency. Published since 1973, Computers & Electrical Engineering provides rapid publication of topical research into the integration of computer technology and computational techniques with electrical and electronic systems. The journal publishes papers featuring novel implementations of computers and computational techniques in areas like signal and image processing, high-performance computing, parallel processing, and communications. Special attention will be paid to papers describing innovative architectures, algorithms, and software tools.