Under the current background of an information society,the digital transformation of enterprises has become a necessary means to enhance the competitiveness of enterprises.This article is based on the industrial Inter...Under the current background of an information society,the digital transformation of enterprises has become a necessary means to enhance the competitiveness of enterprises.This article is based on the industrial Internet platform,the digital planning and architecture of enterprises research.First,we analyze the current challenges of digital transformation and the development opportunities brought by the industrial Internet.Then,we propose a digital planning method based on the industrial Internet platform,which takes the full connectivity of people,machine and things and intelligent decision making as the core,takes data collection,processing,analysis and application as the main line,and finally forms the top-level design of the digital transformation of enterprises.At the same time,we also built an industrial Internet platform architecture model,including the previous end perception layer,network transmission layer,platform service layer,and application innovation layer for four levels,to support enterprises in innovative applications and decision support under the industrial Internet environment.Research shows that this kind of enterprise digital planning and architecture based on an industrial Internet platform can effectively promote enterprises to achieve business model innovation,system innovation,and strengthen the flexibility and agility of enterprises to respond to market changes.The results of this research not only have important theoretical and practical significance for guiding enterprises to carry out digital planning and build an industrial Internet platform,but also provide useful reference for relevant policy formulation.展开更多
With the introduction of 5G,users and devices can access the industrial network from anywhere in the world.Therefore,traditional perimeter-based security technologies for industrial networks can no longer work well.To...With the introduction of 5G,users and devices can access the industrial network from anywhere in the world.Therefore,traditional perimeter-based security technologies for industrial networks can no longer work well.To solve this problem,a new security model called Zero Trust(ZT)is desired,which believes in“never trust and always verify”.Every time the asset in the industrial network is accessed,the subject is authenticated and its trustworthiness is assessed.In this way,the asset in industrial network can be well protected,whether the subject is in the internal network or the external network.However,in order to construct the zero trust model in the 5G Industrial Internet collaboration system,there are still many problems to be solved.In this paper,we first introduce the security issues in the 5G Industrial Internet collaboration system,and illustrate the zero trust architecture.Then,we analyze the gap between existing security techniques and the zero trust architecture.Finally,we discuss several potential security techniques that can be used to implement the zero trust model.The purpose of this paper is to point out the further direction for the realization of the Zero Trust Architecture(ZTA)in the 5G Industrial Internet collaboration system.展开更多
With the rapid development of the industrial Internet,the network security environment has become increasingly complex and variable.Intrusion detection,a core technology for ensuring the security of industrial control...With the rapid development of the industrial Internet,the network security environment has become increasingly complex and variable.Intrusion detection,a core technology for ensuring the security of industrial control systems,faces the challenge of unbalanced data samples,particularly the low detection rates for minority class attack samples.Therefore,this paper proposes a data enhancement method for intrusion detection in the industrial Internet based on a Self-Attention Wasserstein Generative Adversarial Network(SA-WGAN)to address the low detection rates of minority class attack samples in unbalanced intrusion detection scenarios.The proposed method integrates a selfattention mechanism with a Wasserstein Generative Adversarial Network(WGAN).The self-attention mechanism automatically learns important features from the input data and assigns different weights to emphasize the key features related to intrusion behaviors,providing strong guidance for subsequent data generation.The WGAN generates new data samples through adversarial training to expand the original dataset.In the SA-WGAN framework,the WGAN directs the data generation process based on the key features extracted by the self-attention mechanism,ensuring that the generated samples exhibit both diversity and similarity to real data.Experimental results demonstrate that the SA-WGAN-based data enhancement method significantly improves detection performance for attack samples from minority classes,addresses issues of insufficient data and category imbalance,and enhances the generalization ability and overall performance of the intrusion detection model.展开更多
The industrial Internet of Things(IoT)is a trend of factory development and a basic condition of intelligent factory.It is very important to ensure the security of data transmission in industrial IoT.Applying a new ch...The industrial Internet of Things(IoT)is a trend of factory development and a basic condition of intelligent factory.It is very important to ensure the security of data transmission in industrial IoT.Applying a new chaotic secure communication scheme to address the security problem of data transmission is the main contribution of this paper.The scheme is proposed and studied based on the synchronization of different-structure fractional-order chaotic systems with different order.The Lyapunov stability theory is used to prove the synchronization between the fractional-order drive system and the response system.The encryption and decryption process of the main data signals is implemented by using the n-shift encryption principle.We calculate and analyze the key space of the scheme.Numerical simulations are introduced to show the effectiveness of theoretical approach we proposed.展开更多
The Industrial Internet is a promising technology combining industrial systems with Internet connectivity to significantly improve the product efficiency and reduce production cost by cooperating with intelligent devi...The Industrial Internet is a promising technology combining industrial systems with Internet connectivity to significantly improve the product efficiency and reduce production cost by cooperating with intelligent devices,in which the advanced computing,big data analysis and intelligent perception techniques have been involved.This paper comprehensively surveys the recent advances of the Industrial Internet,including reference architectures,key technologies,relative applications and future challenges.Reference architectures which have been proposed for different application scenarios and their corresponding characteristics are summarized.Key technologies,such as cloud computing,mobile edge computing,fog computing,which are classified according to different layers in the architecture,are presented to support a variety of applications in the Industrial Internet.Meanwhile,future challenges and research trends are discussed as well to promote further research of the Industrial Internet.展开更多
COVID-19 pandemic has accelerated the re-shaping of globalized manufacturing industry.Achieving a high level of resilience is thereby a recognized,essential ability of future manufacturing systems with the advances in...COVID-19 pandemic has accelerated the re-shaping of globalized manufacturing industry.Achieving a high level of resilience is thereby a recognized,essential ability of future manufacturing systems with the advances in smart manufacturing and Industry 4.0.In this work,a conceptual framework for resilient manufacturing strategy enabled by Industrial Internet is proposed.It is elaborated as a four-phase,closed-loop process that centered on proactive industry assessment.Key enabling technologies for the proposed framework are outlined in data acquisition and management,big data analysis,intelligent services,and others.Industrial Internet-enabled implementations in China in response to COVID-19 have then been reviewed and discussed from 3Rs’perspective,i.e.manufacturer capacity Recovery,supply chain Resilience and emergency Response.It is suggested that an industry-specific and comprehensive selection coordinated with the guiding policy and supporting regulations should be performed at the national,at least regional level.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
The concept of Internet of Everything is like a revolutionary storm,bringing the whole society closer together.Internet of Things(IoT)has played a vital role in the process.With the rise of the concept of Industry 4.0...The concept of Internet of Everything is like a revolutionary storm,bringing the whole society closer together.Internet of Things(IoT)has played a vital role in the process.With the rise of the concept of Industry 4.0,intelligent transformation is taking place in the industrial field.As a new concept,an industrial IoT system has also attracted the attention of industry and academia.In an actual industrial scenario,a large number of devices will generate numerous industrial datasets.The computing efficiency of an industrial IoT system is greatly improved with the help of using either cloud computing or edge computing.However,privacy issues may seriously harmed interests of users.In this article,we summarize privacy issues in a cloud-or an edge-based industrial IoT system.The privacy analysis includes data privacy,location privacy,query and identity privacy.In addition,we also review privacy solutions when applying software defined network and blockchain under the above two systems.Next,we analyze the computational complexity and privacy protection performance of these solutions.Finally,we discuss open issues to facilitate further studies.展开更多
The industrial Internet of Things (IIoT) is an important engine for manufacturingenterprises to provide intelligent products and services. With the development of IIoT, moreand more attention has been paid to the appl...The industrial Internet of Things (IIoT) is an important engine for manufacturingenterprises to provide intelligent products and services. With the development of IIoT, moreand more attention has been paid to the application of ultra-reliable and low latency communications(URLLC) in the 5G system. The data analysis model represented by digital twins isthe core of IIoT development in the manufacturing industry. In this paper, the efforts of3GPP are introduced for the development of URLLC in reducing delay and enhancing reliability,as well as the research on little jitter and high transmission efficiency. The enhancedkey technologies required in the IIoT are also analyzed. Finally, digital twins are analyzedaccording to the actual IIoT situation.展开更多
By identifying and responding to any malicious behavior that could endanger the system,the Intrusion Detection System(IDS)is crucial for preserving the security of the Industrial Internet of Things(IIoT)network.The be...By identifying and responding to any malicious behavior that could endanger the system,the Intrusion Detection System(IDS)is crucial for preserving the security of the Industrial Internet of Things(IIoT)network.The benefit of anomaly-based IDS is that they are able to recognize zeroday attacks due to the fact that they do not rely on a signature database to identify abnormal activity.In order to improve control over datasets and the process,this study proposes using an automated machine learning(AutoML)technique to automate the machine learning processes for IDS.Our groundbreaking architecture,known as AID4I,makes use of automatic machine learning methods for intrusion detection.Through automation of preprocessing,feature selection,model selection,and hyperparameter tuning,the objective is to identify an appropriate machine learning model for intrusion detection.Experimental studies demonstrate that the AID4I framework successfully proposes a suitablemodel.The integrity,security,and confidentiality of data transmitted across the IIoT network can be ensured by automating machine learning processes in the IDS to enhance its capacity to identify and stop threatening activities.With a comprehensive solution that takes advantage of the latest advances in automated machine learning methods to improve network security,AID4I is a powerful and effective instrument for intrusion detection.In preprocessing module,three distinct imputation methods are utilized to handle missing data,ensuring the robustness of the intrusion detection system in the presence of incomplete information.Feature selection module adopts a hybrid approach that combines Shapley values and genetic algorithm.The Parameter Optimization module encompasses a diverse set of 14 classification methods,allowing for thorough exploration and optimization of the parameters associated with each algorithm.By carefully tuning these parameters,the framework enhances its adaptability and accuracy in identifying potential intrusions.Experimental results demonstrate that the AID4I framework can achieve high levels of accuracy in detecting network intrusions up to 14.39%on public datasets,outperforming traditional intrusion detection methods while concurrently reducing the elapsed time for training and testing.展开更多
To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First...To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First,this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge.Second,the evaluation indicators are fused with expert knowledge and the ER algorithm.According to the fusion results,a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established,and the projection covariance matrix adaptive evolution strategy(P-CMA-ES)is used to optimize the model parameters.This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion.Moreover,it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data.Finally,a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method.The research results showthat this method has strong applicability to the network security situation assessment of complex Industrial Internet systems.It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures,thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.展开更多
The Industrial Internet of Things(IIoT)has been growing for presentations in industry in recent years.Security for the IIoT has unavoidably become a problem in terms of creating safe applications.Due to continual need...The Industrial Internet of Things(IIoT)has been growing for presentations in industry in recent years.Security for the IIoT has unavoidably become a problem in terms of creating safe applications.Due to continual needs for new functionality,such as foresight,the number of linked devices in the industrial environment increases.Certification of fewer signatories gives strong authentication solutions and prevents trustworthy third parties from being publicly certified among available encryption instruments.Hence this blockchain-based endpoint protection platform(BCEPP)has been proposed to validate the network policies and reduce overall latency in isolation or hold endpoints.A resolver supports the encoded model as an input;network functions can be optimized as an output in an infrastructure network.The configuration of the virtual network functions(VNFs)involved fulfills network characteristics.The output ensures that the final service is supplied at the least cost,including processing time and network latency.According to the findings of this comparison,our design is better suited to simplified trust management in IIoT devices.Thus,the experimental results show the adaptability and resilience of our suggested confidence model against behavioral changes in hostile settings in IIoT networks.The experimental results show that our proposed method,BCEPP,has the following,when compared to other methods:high computational cost of 95.3%,low latency ratio of 28.5%,increased data transmitting rate up to 94.1%,enhanced security rate of 98.6%,packet reception ratio of 96.1%,user satisfaction index of 94.5%,and probability ratio of 33.8%.展开更多
Localisation of machines in harsh Industrial Internet of Things(IIoT)environment is necessary for various applications.Therefore,a novel localisation algorithm is proposed for noisy range measurements in IIoT networks...Localisation of machines in harsh Industrial Internet of Things(IIoT)environment is necessary for various applications.Therefore,a novel localisation algorithm is proposed for noisy range measurements in IIoT networks.The position of an unknown machine device in the network is estimated using the relative distances between blind machines(BMs)and anchor machines(AMs).Moreover,a more practical and challenging scenario with the erroneous position of AM is considered,which brings additional uncertainty to the final position estimation.Therefore,the AMs selection algorithm for the localisation of BMs in the IIoT network is introduced.Only those AMs will participate in the localisation process,which increases the accuracy of the final location estimate.Then,the closed‐form expression of the proposed greedy successive anchorization process is derived,which prevents possible local convergence,reduces computation,and achieves Cramér‐Rao lower bound accuracy for white Gaussian measurement noise.The results are compared with the state‐of‐the‐art and verified through numerous simulations.展开更多
The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diver...The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.展开更多
The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades.Consequently,there has been a huge paradigm shift in the manufacturing and production sectors.Howev...The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades.Consequently,there has been a huge paradigm shift in the manufacturing and production sectors.However,this poses a challenge for cybersecurity and highlights the need to address the possible threats targeting(various pillars of)industry 4.0.However,before providing a concrete solution certain aspect need to be researched,for instance,cybersecurity threats and privacy issues in the industry.To fill this gap,this paper discusses potential solutions to cybersecurity targeting this industry and highlights the consequences of possible attacks and countermeasures(in detail).In particular,the focus of the paper is on investigating the possible cyber-attacks targeting 4 layers of IIoT that is one of the key pillars of Industry 4.0.Based on a detailed review of existing literature,in this study,we have identified possible cyber threats,their consequences,and countermeasures.Further,we have provided a comprehensive framework based on an analysis of cybersecurity and privacy challenges.The suggested framework provides for a deeper understanding of the current state of cybersecurity and sets out directions for future research and applications.展开更多
Pig farming is becoming a key industry of China’s rural economy in recent years. The current pig farming is still relatively manual, lack of latest Information and Communication Technology (ICT) and scientific manage...Pig farming is becoming a key industry of China’s rural economy in recent years. The current pig farming is still relatively manual, lack of latest Information and Communication Technology (ICT) and scientific management methods. This paper proposes an industrial internet platform for massive pig farming, namely, IIP4MPF, which aims to leverage intelligent pig breeding, production rate and labor productivity with the use of artificial intelligence, the Internet of Things, and big data intelligence. We conducted requirement analysis for IIP4MPF using software engineering methods, designed the IIP4MPF system for an integrated solution to digital, interconnected, intelligent pig farming. The practice demonstrates that the IIP4MPF platform significantly improves pig farming industry in pig breeding and productivity.展开更多
The industrial Internet realizes intelligent control and optimized operation of the industrial system through network interconnection.The industrial Internet identifier is the core element to accomplish this task.The ...The industrial Internet realizes intelligent control and optimized operation of the industrial system through network interconnection.The industrial Internet identifier is the core element to accomplish this task.The traditional industrial Internet identifier resolution technologies depend excessively on IP networks,and cannot meet the requirements of ubiquitous resource-restraint Internet of Things(IoT)devices.An industrial Internet identifier resolution management strategy based on multi-identifier network architecture is proposed in this paper,which supports content names,identities,locations,apart from the traditional IP address.The application of multiple types of identifiers not only solves the problem of IP addresses exhaustion,but also enhances the security,credibility,and availability of the industrial Internet identification resolution system.An inter-translation scheme between multiple identifiers is designed to support multiple identifiers and the standard ones.We present an addressing and routing algorithm for identifier resolution to make it convenient to put our strategy into practice.展开更多
The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem p...The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem planes are divided,and a corresponding risk analysis view is established to analyze risks for various planes.This paper uses Isaiah Berlin’s definition of liberty to more generally express the concept of security as positive rights and negative rights.In the risk analysis view,the target system is modeled from four dimensions:stakeholders,framework,architecture,and capability delivery.At last,three defensive lines are proposed to establish the identity credit system.展开更多
Several excellent works have been done on the industrial Internet;however,some problems are still ahead,such as reliable security,heterogeneous compatibility,and system efficiency.Information-Centric Networking(ICN),a...Several excellent works have been done on the industrial Internet;however,some problems are still ahead,such as reliable security,heterogeneous compatibility,and system efficiency.Information-Centric Networking(ICN),an emerging paradigm for the future Internet,is expected to address the challenges of the industrial Internet to some extent.An integrated architecture for industrial network and identity resolution in the industrial Internet is proposed in this paper.A framework is also designed for the ICN-based industrial Network And Named Data Networking(NDN)based factory extranet with Software-Defined Networking(SDN).Moreover,an identity resolution architecture in the industrial Internet is proposed based on ICN paradigms with separate resolution nodes or with merging resolution and routing.展开更多
Industrial Internet of Things(IIoT)is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments.Several IIoT nodes operate confidential data(s...Industrial Internet of Things(IIoT)is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments.Several IIoT nodes operate confidential data(such as medical,transportation,military,etc.)which are reachable targets for hostile intruders due to their openness and varied structure.Intrusion Detection Systems(IDS)based on Machine Learning(ML)and Deep Learning(DL)techniques have got significant attention.However,existing ML and DL-based IDS still face a number of obstacles that must be overcome.For instance,the existing DL approaches necessitate a substantial quantity of data for effective performance,which is not feasible to run on low-power and low-memory devices.Imbalanced and fewer data potentially lead to low performance on existing IDS.This paper proposes a self-attention convolutional neural network(SACNN)architecture for the detection of malicious activity in IIoT networks and an appropriate feature extraction method to extract the most significant features.The proposed architecture has a self-attention layer to calculate the input attention and convolutional neural network(CNN)layers to process the assigned attention features for prediction.The performance evaluation of the proposed SACNN architecture has been done with the Edge-IIoTset and X-IIoTID datasets.These datasets encompassed the behaviours of contemporary IIoT communication protocols,the operations of state-of-the-art devices,various attack types,and diverse attack scenarios.展开更多
文摘Under the current background of an information society,the digital transformation of enterprises has become a necessary means to enhance the competitiveness of enterprises.This article is based on the industrial Internet platform,the digital planning and architecture of enterprises research.First,we analyze the current challenges of digital transformation and the development opportunities brought by the industrial Internet.Then,we propose a digital planning method based on the industrial Internet platform,which takes the full connectivity of people,machine and things and intelligent decision making as the core,takes data collection,processing,analysis and application as the main line,and finally forms the top-level design of the digital transformation of enterprises.At the same time,we also built an industrial Internet platform architecture model,including the previous end perception layer,network transmission layer,platform service layer,and application innovation layer for four levels,to support enterprises in innovative applications and decision support under the industrial Internet environment.Research shows that this kind of enterprise digital planning and architecture based on an industrial Internet platform can effectively promote enterprises to achieve business model innovation,system innovation,and strengthen the flexibility and agility of enterprises to respond to market changes.The results of this research not only have important theoretical and practical significance for guiding enterprises to carry out digital planning and build an industrial Internet platform,but also provide useful reference for relevant policy formulation.
基金supported by the National Natural Science Foundation of China(U22B2026)the ZTE Industry-Academia-Research Project(HC-CN-20221029003,IA20230628015)。
文摘With the introduction of 5G,users and devices can access the industrial network from anywhere in the world.Therefore,traditional perimeter-based security technologies for industrial networks can no longer work well.To solve this problem,a new security model called Zero Trust(ZT)is desired,which believes in“never trust and always verify”.Every time the asset in the industrial network is accessed,the subject is authenticated and its trustworthiness is assessed.In this way,the asset in industrial network can be well protected,whether the subject is in the internal network or the external network.However,in order to construct the zero trust model in the 5G Industrial Internet collaboration system,there are still many problems to be solved.In this paper,we first introduce the security issues in the 5G Industrial Internet collaboration system,and illustrate the zero trust architecture.Then,we analyze the gap between existing security techniques and the zero trust architecture.Finally,we discuss several potential security techniques that can be used to implement the zero trust model.The purpose of this paper is to point out the further direction for the realization of the Zero Trust Architecture(ZTA)in the 5G Industrial Internet collaboration system.
基金supported by the National Natural Science Foundation of China(62473341)Key Technologies R&D Program of Henan Province(242102211071,252102211086,252102210166).
文摘With the rapid development of the industrial Internet,the network security environment has become increasingly complex and variable.Intrusion detection,a core technology for ensuring the security of industrial control systems,faces the challenge of unbalanced data samples,particularly the low detection rates for minority class attack samples.Therefore,this paper proposes a data enhancement method for intrusion detection in the industrial Internet based on a Self-Attention Wasserstein Generative Adversarial Network(SA-WGAN)to address the low detection rates of minority class attack samples in unbalanced intrusion detection scenarios.The proposed method integrates a selfattention mechanism with a Wasserstein Generative Adversarial Network(WGAN).The self-attention mechanism automatically learns important features from the input data and assigns different weights to emphasize the key features related to intrusion behaviors,providing strong guidance for subsequent data generation.The WGAN generates new data samples through adversarial training to expand the original dataset.In the SA-WGAN framework,the WGAN directs the data generation process based on the key features extracted by the self-attention mechanism,ensuring that the generated samples exhibit both diversity and similarity to real data.Experimental results demonstrate that the SA-WGAN-based data enhancement method significantly improves detection performance for attack samples from minority classes,addresses issues of insufficient data and category imbalance,and enhances the generalization ability and overall performance of the intrusion detection model.
基金supported in part by the National Science Foundation Project of China (61931001, 61873026)the National Key R&D Program of China (2017YFC0820700)
文摘The industrial Internet of Things(IoT)is a trend of factory development and a basic condition of intelligent factory.It is very important to ensure the security of data transmission in industrial IoT.Applying a new chaotic secure communication scheme to address the security problem of data transmission is the main contribution of this paper.The scheme is proposed and studied based on the synchronization of different-structure fractional-order chaotic systems with different order.The Lyapunov stability theory is used to prove the synchronization between the fractional-order drive system and the response system.The encryption and decryption process of the main data signals is implemented by using the n-shift encryption principle.We calculate and analyze the key space of the scheme.Numerical simulations are introduced to show the effectiveness of theoretical approach we proposed.
基金the State Major Science and Technology Special Projects(Grant 2018ZX03001023-005)the National Natural Science Foundation of China under Grant No.61831002,61728101,and 61671074the Beijing Natural Science Foundation under Grant No.JQ18016.
文摘The Industrial Internet is a promising technology combining industrial systems with Internet connectivity to significantly improve the product efficiency and reduce production cost by cooperating with intelligent devices,in which the advanced computing,big data analysis and intelligent perception techniques have been involved.This paper comprehensively surveys the recent advances of the Industrial Internet,including reference architectures,key technologies,relative applications and future challenges.Reference architectures which have been proposed for different application scenarios and their corresponding characteristics are summarized.Key technologies,such as cloud computing,mobile edge computing,fog computing,which are classified according to different layers in the architecture,are presented to support a variety of applications in the Industrial Internet.Meanwhile,future challenges and research trends are discussed as well to promote further research of the Industrial Internet.
基金Supported by Natural Science Foundation of Zhejiang Province(Grant No.LY19E050019).
文摘COVID-19 pandemic has accelerated the re-shaping of globalized manufacturing industry.Achieving a high level of resilience is thereby a recognized,essential ability of future manufacturing systems with the advances in smart manufacturing and Industry 4.0.In this work,a conceptual framework for resilient manufacturing strategy enabled by Industrial Internet is proposed.It is elaborated as a four-phase,closed-loop process that centered on proactive industry assessment.Key enabling technologies for the proposed framework are outlined in data acquisition and management,big data analysis,intelligent services,and others.Industrial Internet-enabled implementations in China in response to COVID-19 have then been reviewed and discussed from 3Rs’perspective,i.e.manufacturer capacity Recovery,supply chain Resilience and emergency Response.It is suggested that an industry-specific and comprehensive selection coordinated with the guiding policy and supporting regulations should be performed at the national,at least regional level.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
基金the National Natural Science Foundation of China(Grant No.61871023 and 61931001)Beijing Natural Science Foundation(Grant No.4202054).
文摘The concept of Internet of Everything is like a revolutionary storm,bringing the whole society closer together.Internet of Things(IoT)has played a vital role in the process.With the rise of the concept of Industry 4.0,intelligent transformation is taking place in the industrial field.As a new concept,an industrial IoT system has also attracted the attention of industry and academia.In an actual industrial scenario,a large number of devices will generate numerous industrial datasets.The computing efficiency of an industrial IoT system is greatly improved with the help of using either cloud computing or edge computing.However,privacy issues may seriously harmed interests of users.In this article,we summarize privacy issues in a cloud-or an edge-based industrial IoT system.The privacy analysis includes data privacy,location privacy,query and identity privacy.In addition,we also review privacy solutions when applying software defined network and blockchain under the above two systems.Next,we analyze the computational complexity and privacy protection performance of these solutions.Finally,we discuss open issues to facilitate further studies.
文摘The industrial Internet of Things (IIoT) is an important engine for manufacturingenterprises to provide intelligent products and services. With the development of IIoT, moreand more attention has been paid to the application of ultra-reliable and low latency communications(URLLC) in the 5G system. The data analysis model represented by digital twins isthe core of IIoT development in the manufacturing industry. In this paper, the efforts of3GPP are introduced for the development of URLLC in reducing delay and enhancing reliability,as well as the research on little jitter and high transmission efficiency. The enhancedkey technologies required in the IIoT are also analyzed. Finally, digital twins are analyzedaccording to the actual IIoT situation.
文摘By identifying and responding to any malicious behavior that could endanger the system,the Intrusion Detection System(IDS)is crucial for preserving the security of the Industrial Internet of Things(IIoT)network.The benefit of anomaly-based IDS is that they are able to recognize zeroday attacks due to the fact that they do not rely on a signature database to identify abnormal activity.In order to improve control over datasets and the process,this study proposes using an automated machine learning(AutoML)technique to automate the machine learning processes for IDS.Our groundbreaking architecture,known as AID4I,makes use of automatic machine learning methods for intrusion detection.Through automation of preprocessing,feature selection,model selection,and hyperparameter tuning,the objective is to identify an appropriate machine learning model for intrusion detection.Experimental studies demonstrate that the AID4I framework successfully proposes a suitablemodel.The integrity,security,and confidentiality of data transmitted across the IIoT network can be ensured by automating machine learning processes in the IDS to enhance its capacity to identify and stop threatening activities.With a comprehensive solution that takes advantage of the latest advances in automated machine learning methods to improve network security,AID4I is a powerful and effective instrument for intrusion detection.In preprocessing module,three distinct imputation methods are utilized to handle missing data,ensuring the robustness of the intrusion detection system in the presence of incomplete information.Feature selection module adopts a hybrid approach that combines Shapley values and genetic algorithm.The Parameter Optimization module encompasses a diverse set of 14 classification methods,allowing for thorough exploration and optimization of the parameters associated with each algorithm.By carefully tuning these parameters,the framework enhances its adaptability and accuracy in identifying potential intrusions.Experimental results demonstrate that the AID4I framework can achieve high levels of accuracy in detecting network intrusions up to 14.39%on public datasets,outperforming traditional intrusion detection methods while concurrently reducing the elapsed time for training and testing.
基金supported by the Provincial Universities Basic Business Expense Scientific Research Projects of Heilongjiang Province(No.2021-KYYWF-0179)the Science and Technology Project of Henan Province(No.212102310991)+2 种基金the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security(No.AGK2015003)the Key Scientific Research Project of Henan Province(No.21A413001)the Postgraduate Innovation Project of Harbin Normal University(No.HSDSSCX2021-121).
文摘To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First,this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge.Second,the evaluation indicators are fused with expert knowledge and the ER algorithm.According to the fusion results,a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established,and the projection covariance matrix adaptive evolution strategy(P-CMA-ES)is used to optimize the model parameters.This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion.Moreover,it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data.Finally,a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method.The research results showthat this method has strong applicability to the network security situation assessment of complex Industrial Internet systems.It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures,thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.
基金The authors extend their appreciation to the Deputyship for Research&Innovation,Ministry of Education in Saudi Arabia for funding this research work through the Project Number IFPHI-218-611-2020.”。
文摘The Industrial Internet of Things(IIoT)has been growing for presentations in industry in recent years.Security for the IIoT has unavoidably become a problem in terms of creating safe applications.Due to continual needs for new functionality,such as foresight,the number of linked devices in the industrial environment increases.Certification of fewer signatories gives strong authentication solutions and prevents trustworthy third parties from being publicly certified among available encryption instruments.Hence this blockchain-based endpoint protection platform(BCEPP)has been proposed to validate the network policies and reduce overall latency in isolation or hold endpoints.A resolver supports the encoded model as an input;network functions can be optimized as an output in an infrastructure network.The configuration of the virtual network functions(VNFs)involved fulfills network characteristics.The output ensures that the final service is supplied at the least cost,including processing time and network latency.According to the findings of this comparison,our design is better suited to simplified trust management in IIoT devices.Thus,the experimental results show the adaptability and resilience of our suggested confidence model against behavioral changes in hostile settings in IIoT networks.The experimental results show that our proposed method,BCEPP,has the following,when compared to other methods:high computational cost of 95.3%,low latency ratio of 28.5%,increased data transmitting rate up to 94.1%,enhanced security rate of 98.6%,packet reception ratio of 96.1%,user satisfaction index of 94.5%,and probability ratio of 33.8%.
文摘Localisation of machines in harsh Industrial Internet of Things(IIoT)environment is necessary for various applications.Therefore,a novel localisation algorithm is proposed for noisy range measurements in IIoT networks.The position of an unknown machine device in the network is estimated using the relative distances between blind machines(BMs)and anchor machines(AMs).Moreover,a more practical and challenging scenario with the erroneous position of AM is considered,which brings additional uncertainty to the final position estimation.Therefore,the AMs selection algorithm for the localisation of BMs in the IIoT network is introduced.Only those AMs will participate in the localisation process,which increases the accuracy of the final location estimate.Then,the closed‐form expression of the proposed greedy successive anchorization process is derived,which prevents possible local convergence,reduces computation,and achieves Cramér‐Rao lower bound accuracy for white Gaussian measurement noise.The results are compared with the state‐of‐the‐art and verified through numerous simulations.
文摘The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.
基金The author(s)acknowledge Jouf University,Saudi Arabia for his funding support.
文摘The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades.Consequently,there has been a huge paradigm shift in the manufacturing and production sectors.However,this poses a challenge for cybersecurity and highlights the need to address the possible threats targeting(various pillars of)industry 4.0.However,before providing a concrete solution certain aspect need to be researched,for instance,cybersecurity threats and privacy issues in the industry.To fill this gap,this paper discusses potential solutions to cybersecurity targeting this industry and highlights the consequences of possible attacks and countermeasures(in detail).In particular,the focus of the paper is on investigating the possible cyber-attacks targeting 4 layers of IIoT that is one of the key pillars of Industry 4.0.Based on a detailed review of existing literature,in this study,we have identified possible cyber threats,their consequences,and countermeasures.Further,we have provided a comprehensive framework based on an analysis of cybersecurity and privacy challenges.The suggested framework provides for a deeper understanding of the current state of cybersecurity and sets out directions for future research and applications.
文摘Pig farming is becoming a key industry of China’s rural economy in recent years. The current pig farming is still relatively manual, lack of latest Information and Communication Technology (ICT) and scientific management methods. This paper proposes an industrial internet platform for massive pig farming, namely, IIP4MPF, which aims to leverage intelligent pig breeding, production rate and labor productivity with the use of artificial intelligence, the Internet of Things, and big data intelligence. We conducted requirement analysis for IIP4MPF using software engineering methods, designed the IIP4MPF system for an integrated solution to digital, interconnected, intelligent pig farming. The practice demonstrates that the IIP4MPF platform significantly improves pig farming industry in pig breeding and productivity.
基金supported in part by PCL Future Regional Network Facilities for Large-scale Experiments and Applications under Grant NO.PCL2018KP001by Guangdong R&D Key Program under Grant No.GD2016B030305005+3 种基金by National Natural Science Foundation of China(NSFC)under Grant No.61671001by National Key R&D Program of China under Grant No.2017YFB0803204by Shenzhen Research Programs under Grant Nos.JSGG20170824095858416,JCYJ20190808155607340,and JCYJ20170306092030521This work is also supported by the Shenzhen Municipal Development and Reform Commission(Disciplinary Development Program for Data Sci⁃ence and Intelligent Computing).
文摘The industrial Internet realizes intelligent control and optimized operation of the industrial system through network interconnection.The industrial Internet identifier is the core element to accomplish this task.The traditional industrial Internet identifier resolution technologies depend excessively on IP networks,and cannot meet the requirements of ubiquitous resource-restraint Internet of Things(IoT)devices.An industrial Internet identifier resolution management strategy based on multi-identifier network architecture is proposed in this paper,which supports content names,identities,locations,apart from the traditional IP address.The application of multiple types of identifiers not only solves the problem of IP addresses exhaustion,but also enhances the security,credibility,and availability of the industrial Internet identification resolution system.An inter-translation scheme between multiple identifiers is designed to support multiple identifiers and the standard ones.We present an addressing and routing algorithm for identifier resolution to make it convenient to put our strategy into practice.
文摘The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem planes are divided,and a corresponding risk analysis view is established to analyze risks for various planes.This paper uses Isaiah Berlin’s definition of liberty to more generally express the concept of security as positive rights and negative rights.In the risk analysis view,the target system is modeled from four dimensions:stakeholders,framework,architecture,and capability delivery.At last,three defensive lines are proposed to establish the identity credit system.
基金supported in part by National Key Research&Development Project(Grant No.2019YFB1804400)the MIIT of China 2019(Innovative Identification and Resolution System for Industrial Internet of Things).
文摘Several excellent works have been done on the industrial Internet;however,some problems are still ahead,such as reliable security,heterogeneous compatibility,and system efficiency.Information-Centric Networking(ICN),an emerging paradigm for the future Internet,is expected to address the challenges of the industrial Internet to some extent.An integrated architecture for industrial network and identity resolution in the industrial Internet is proposed in this paper.A framework is also designed for the ICN-based industrial Network And Named Data Networking(NDN)based factory extranet with Software-Defined Networking(SDN).Moreover,an identity resolution architecture in the industrial Internet is proposed based on ICN paradigms with separate resolution nodes or with merging resolution and routing.
基金Deputy for Research and Innovation-Ministry of Education,Kingdom of Saudi Arabia,Grant/Award Number:NU/IFC/02/SERC/-/31Institutional Funding Committee at Najran University,Kingdom of Saudi Arabia。
文摘Industrial Internet of Things(IIoT)is a pervasive network of interlinked smart devices that provide a variety of intelligent computing services in industrial environments.Several IIoT nodes operate confidential data(such as medical,transportation,military,etc.)which are reachable targets for hostile intruders due to their openness and varied structure.Intrusion Detection Systems(IDS)based on Machine Learning(ML)and Deep Learning(DL)techniques have got significant attention.However,existing ML and DL-based IDS still face a number of obstacles that must be overcome.For instance,the existing DL approaches necessitate a substantial quantity of data for effective performance,which is not feasible to run on low-power and low-memory devices.Imbalanced and fewer data potentially lead to low performance on existing IDS.This paper proposes a self-attention convolutional neural network(SACNN)architecture for the detection of malicious activity in IIoT networks and an appropriate feature extraction method to extract the most significant features.The proposed architecture has a self-attention layer to calculate the input attention and convolutional neural network(CNN)layers to process the assigned attention features for prediction.The performance evaluation of the proposed SACNN architecture has been done with the Edge-IIoTset and X-IIoTID datasets.These datasets encompassed the behaviours of contemporary IIoT communication protocols,the operations of state-of-the-art devices,various attack types,and diverse attack scenarios.
