Strengthening edge defense: A differential game-based edge intelligence strategy against APT attacks

In modern industrial settings, the Industrial Internet of Things (IIoT) serves as a backbone, connecting devices, sensors, and systems to enhance production efficiency and facilitate real-time data processing and decision-making. As the adoption of IIoT expands, edge nodes have emerged as critical components, functioning as hubs for data collection, transmission, and real-time response. However, their physical accessibility and limited computational resources render them susceptible to Advanced Persistent Threat (APT) attacks. This study proposes a defense mechanism specifically designed for edge nodes to effectively mitigate APT attacks, leveraging a combination of optimal control theory and intelligent edge game theory. First, we develop a system evolution model based on covert adversarial dynamics to accurately capture the complex interactions between attacks and defenses in real-world edge networks, thereby improving detection and response capabilities against emerging threats. Additionally, we propose an attack-defense model that integrates optimal control techniques and differential games, allowing the detection system to dynamically adapt its defense strategies while optimizing the trade-off between attack detection effectiveness and resource utilization efficiency. Finally, we implement a Nash strategy reinforcement learning mechanism based on multi-agent deep Q-networks to optimize edge game strategies and enhance attack detection performance. Experimental evaluations conducted on an ethanol distillation system testbed demonstrate the effectiveness, robustness, and computational efficiency of our defense approach compared to SG-LMM and DDQN-PV methodologies.