为解决在IIoT(industrial internet of things)环境下,现有的调度算法调度工作流中通信频繁、数据传输量大的任务所带来的完工时间上升、成本增加等影响的问题,提出一种基于聚类的工作流多雾协同调度算法。通过二分K均值算法对工作流中...为解决在IIoT(industrial internet of things)环境下,现有的调度算法调度工作流中通信频繁、数据传输量大的任务所带来的完工时间上升、成本增加等影响的问题,提出一种基于聚类的工作流多雾协同调度算法。通过二分K均值算法对工作流中的任务进行聚类,基于聚类结果,在多个雾服务器之间使用改进的免疫粒子群优化算法进行任务调度。实验结果表明,该算法相比其它一些传统的调度算法在完工时间、成本、负载均衡方面都有一定提升。展开更多
为了解决在工业物联网(industrial Internet of things,IIoT)环境下,现有的调度算法在调度工作流中对数据安全、响应时间有一定要求的任务所带来的完工时间上升、成本增加的问题,提出一种基于雾环境负载率而变化的任务调度策略,并使用...为了解决在工业物联网(industrial Internet of things,IIoT)环境下,现有的调度算法在调度工作流中对数据安全、响应时间有一定要求的任务所带来的完工时间上升、成本增加的问题,提出一种基于雾环境负载率而变化的任务调度策略,并使用改进的蜣螂优化算法对工作流调度问题进行求解。改进的算法使用HEFT(heterogeneous earliest finish time)算法对蜣螂种群进行初始化,降低了原始算法中随机性带来的影响。同时引入了镜面反射和反向学习思想,提高了算法的搜索性能。实验结果表明,该算法相比于其他一些传统的调度算法在完工时间与成本方面都有一定的性能提升。展开更多
In many IIoT architectures,various devices connect to the edge cloud via gateway systems.For data processing,numerous data are delivered to the edge cloud.Delivering data to an appropriate edge cloud is critical to im...In many IIoT architectures,various devices connect to the edge cloud via gateway systems.For data processing,numerous data are delivered to the edge cloud.Delivering data to an appropriate edge cloud is critical to improve IIoT service efficiency.There are two types of costs for this kind of IoT network:a communication cost and a computing cost.For service efficiency,the communication cost of data transmission should be minimized,and the computing cost in the edge cloud should be also minimized.Therefore,in this paper,the communication cost for data transmission is defined as the delay factor,and the computing cost in the edge cloud is defined as the waiting time of the computing intensity.The proposed method selects an edge cloud that minimizes the total cost of the communication and computing costs.That is,a device chooses a routing path to the selected edge cloud based on the costs.The proposed method controls the data flows in a mesh-structured network and appropriately distributes the data processing load.The performance of the proposed method is validated through extensive computer simulation.When the transition probability from good to bad is 0.3 and the transition probability from bad to good is 0.7 in wireless and edge cloud states,the proposed method reduced both the average delay and the service pause counts to about 25%of the existing method.展开更多
Protecting Supervisory Control and Data Acquisition-Industrial Internet of Things(SCADA-IIoT)systems against intruders has become essential since industrial control systems now oversee critical infrastructure,and cybe...Protecting Supervisory Control and Data Acquisition-Industrial Internet of Things(SCADA-IIoT)systems against intruders has become essential since industrial control systems now oversee critical infrastructure,and cyber attackers more frequently target these systems.Due to their connection of physical assets with digital networks,SCADA-IIoT systems face substantial risks from multiple attack types,including Distributed Denial of Service(DDoS),spoofing,and more advanced intrusion methods.Previous research in this field faces challenges due to insufficient solutions,as current intrusion detection systems lack the necessary accuracy,scalability,and adaptability needed for IIoT environments.This paper introduces CyberFortis,a novel cybersecurity framework aimed at detecting and preventing cyber threats in SCADA-IIoT systems.CyberFortis presents two key innovations:Firstly,Siamese Double Deep Q-Network with Autoencoders(Siamdqn-AE)FusionNet,which enhances intrusion detection by combining deep Q-Networks with autoencoders for improved attack detection and feature extraction;and secondly,the PopHydra Optimiser,an innovative solution to compute reinforcement learning discount factors for better model performance and convergence.This method combines Siamese deep Q-Networks with autoencoders to create a system that can detect different types of attacks more effectively and adapt to new challenges.CyberFortis is better than current top attack detection systems,showing higher scores in important areas like accuracy,precision,recall,and F1-score,based on data from CICIoT 2023,UNSW-NB 15,and WUSTL-IIoT datasets.Results from the proposed framework show a 97.5%accuracy rate,indicating its potential as an effective solution for SCADA-IIoT cybersecurity against emerging threats.The research confirms that the proposed security and resilience methods are successful in protecting vital industrial control systems within their operational environments.展开更多
The rapid development of the industrial internet of things(IIoT)has brought huge benefits to factories equipped with IIoT technology,each of which represents an IIoT domain.More and more domains are choosing to cooper...The rapid development of the industrial internet of things(IIoT)has brought huge benefits to factories equipped with IIoT technology,each of which represents an IIoT domain.More and more domains are choosing to cooperate with each other to produce better products for greater profits.Therefore,in order to protect the security and privacy of IIoT devices in cross-domain communication,lots of cross-domain authentication schemes have been proposed.However,most schemes expose the domain to which the IIoT device belongs,or introduce a single point of failure in multi-domain cooperation,thus introducing unpredictable risks to each domain.We propose a more secure and efficient domain-level anonymous cross-domain authentication(DLCA)scheme based on alliance blockchain.The proposed scheme uses group signatures with decentralized tracing technology to provide domain-level anonymity to each IIoT device and allow the public to trace the real identity of the malicious pseudonym.In addition,DLCA takes into account the limited resource characteristics of IIoT devices to design an efficient cross-domain authentication protocol.Security analysis and performance evaluation show that the proposed scheme can be effectively used in the cross-domain authentication scenario of industrial internet of things.展开更多
区块链技术对保证工业物联网(Industrial Internet of Things,IIoT)的数据安全性、可信度和透明度至关重要,推动了物联网(Internet of Things,IoT)设备之间的信任和安全交互,加速了工业自动化和智能化的发展。针对区块链在IIoT中的部署...区块链技术对保证工业物联网(Industrial Internet of Things,IIoT)的数据安全性、可信度和透明度至关重要,推动了物联网(Internet of Things,IoT)设备之间的信任和安全交互,加速了工业自动化和智能化的发展。针对区块链在IIoT中的部署优化面临网络拓扑动态复杂和无线节点能量受限等问题,提出了一种利用图卷积神经网络(graph convolutional neural network,GCN)的无线节点传输功率计算框架。通过拟合大量实验数据得到传输功率和时延之间的关系函数,引入能耗、分叉率、时延、算力等因素构建关于节点传输功率的系统效用最优化问题。经过训练后,GCN基于节点哈希算力、网络拓扑图、区块链出块间隔和区块大小等信息,可快速确定无线区块链节点最优传输功率,以提高IIoT区块链的系统能效和部署时效。实验结果表明,在复杂无线IoT环境下,所提方法能高效得到理想的无线区块链节点传输功率值,与最优值之间的平均相对偏差小于1.81%。展开更多
The industrial Internet of Things(IIoT)is a new indus-trial idea that combines the latest information and communica-tion technologies with the industrial economy.In this paper,a cloud control structure is designed for...The industrial Internet of Things(IIoT)is a new indus-trial idea that combines the latest information and communica-tion technologies with the industrial economy.In this paper,a cloud control structure is designed for IIoT in cloud-edge envi-ronment with three modes of 5G.For 5G based IIoT,the time sensitive network(TSN)service is introduced in transmission network.A 5G logical TSN bridge is designed to transport TSN streams over 5G framework to achieve end-to-end configuration.For a transmission control protocol(TCP)model with nonlinear disturbance,time delay and uncertainties,a robust adaptive fuzzy sliding mode controller(AFSMC)is given with control rule parameters.IIoT workflows are made up of a series of subtasks that are linked by the dependencies between sensor datasets and task flows.IIoT workflow scheduling is a non-deterministic polynomial(NP)-hard problem in cloud-edge environment.An adaptive and non-local-convergent particle swarm optimization(ANCPSO)is designed with nonlinear inertia weight to avoid falling into local optimum,which can reduce the makespan and cost dramatically.Simulation and experiments demonstrate that ANCPSO has better performances than other classical algo-rithms.展开更多
Nowadays,a large number of intelligent devices involved in the Industrial Internet of Things(IIoT)environment are posing unprecedented cybersecurity challenges.Due to the limited budget for security protection,the IIo...Nowadays,a large number of intelligent devices involved in the Industrial Internet of Things(IIoT)environment are posing unprecedented cybersecurity challenges.Due to the limited budget for security protection,the IIoT devices are vulnerable and easily compromised to launch Distributed Denial-of-Service(DDoS)attacks,resulting in disastrous results.Unfortunately,considering the particularity of the IIoT environment,most of the defense solutions in traditional networks cannot be directly applied to IIoT with acceptable security performance.Therefore,in this work,we propose a multi-point collaborative defense mechanism against DDoS attacks for IIoT.Specifically,for the single point DDoS defense,we design an edge-centric mechanism termed EdgeDefense for the detection,identification,classification,and mitigation of DDoS attacks and the generation of defense information.For the practical multi-point scenario,we propose a collaborative defense model against DDoS attacks to securely share the defense information across the network through the blockchain.Besides,a fast defense information sharing mechanism is designed to reduce the delay of defense information sharing and provide a responsive cybersecurity guarantee.The simulation results indicate that the identification and classification performance of the two machine learning models designed for EdgeDefense are better than those of the state-of-the-art baseline models,and therefore EdgeDefense can defend against DDoS attacks effectively.The results also verify that the proposed fast sharing mechanism can reduce the propagation delay of the defense information blocks effectively,thereby improving the responsiveness of the multi-point collaborative DDoS defense.展开更多
With the rapid development of data applications in the scene of Industrial Internet of Things(IIoT),how to schedule resources in IIoT environment has become an urgent problem to be solved.Due to benefit of its strong ...With the rapid development of data applications in the scene of Industrial Internet of Things(IIoT),how to schedule resources in IIoT environment has become an urgent problem to be solved.Due to benefit of its strong scalability and compatibility,Kubernetes has been applied to resource scheduling in IIoT scenarios.However,the limited types of resources,the default scheduling scoring strategy,and the lack of delay control module limit its resource scheduling performance.To address these problems,this paper proposes a multi-resource scheduling(MRS)scheme of Kubernetes for IIoT.The MRS scheme dynamically balances resource utilization by taking both requirements of tasks and the current system state into consideration.Furthermore,the experiments demonstrate the effectiveness of the MRS scheme in terms of delay control and resource utilization.展开更多
With the development of the Industrial Internet of Things(IIoT),end devices(EDs)are equipped with more functions to capture information.Therefore,a large amount of data is generated at the edge of the network and need...With the development of the Industrial Internet of Things(IIoT),end devices(EDs)are equipped with more functions to capture information.Therefore,a large amount of data is generated at the edge of the network and needs to be processed.However,no matter whether these computing tasks are offloaded to traditional central clusters or mobile edge computing(MEC)devices,the data is short of security and may be changed during transmission.In view of this challenge,this paper proposes a trusted task offloading optimization scheme that can offer low latency and high bandwidth services for IIoT with data security.Blockchain technology is adopted to ensure data consistency.Meanwhile,to reduce the impact of low throughput of blockchain on task offloading performance,we design the processes of consensus and offloading as a Markov decision process(MDP)by defining states,actions,and rewards.Deep reinforcement learning(DRL)algorithm is introduced to dynamically select offloading actions.To accelerate the optimization,we design a novel reward function for the DRL algorithm according to the scale and computational complexity of the task.Experiments demonstrate that compared with methods without optimization,our mechanism performs better when it comes to the number of task offloading and throughput of blockchain.展开更多
Fog Computing(FC)provides processing and storage resources at the edge of the Internet of Things(IoT).By doing so,FC can help reduce latency and improve reliability of IoT networks.The energy consumption of servers an...Fog Computing(FC)provides processing and storage resources at the edge of the Internet of Things(IoT).By doing so,FC can help reduce latency and improve reliability of IoT networks.The energy consumption of servers and computing resources is one of the factors that directly affect conservation costs in fog environments.Energy consumption can be reduced by efficacious scheduling methods so that tasks are offloaded on the best possible resources.To deal with this problem,a binary model based on the combination of the Krill Herd Algorithm(KHA)and the Artificial Hummingbird Algorithm(AHA)is introduced as Binary KHA-AHA(BAHA-KHA).KHA is used to improve AHA.Also,the BAHA-KHA local optimal problem for task scheduling in FC environments is solved using the dynamic voltage and frequency scaling(DVFS)method.The Heterogeneous Earliest Finish Time(HEFT)method is used to discover the order of task flow execution.The goal of the BAHA-KHA model is to minimize the number of resources,the communication between dependent tasks,and reduce energy consumption.In this paper,the FC environment is considered to address the workflow scheduling issue to reduce energy consumption and minimize makespan on fog resources.The results were tested on five different workflows(Montage,CyberShake,LIGO,SIPHT,and Epigenomics).The evaluations show that the BAHA-KHA model has the best performance in comparison with the AHA,KHA,PSO and GA algorithms.The BAHA-KHA model has reduced the makespan rate by about 18%and the energy consumption by about 24%in comparison with GA.This is a preview of subscription content,log in via an institution to check access.展开更多
By the emergence of the fourth industrial revolution,interconnected devices and sensors generate large-scale,dynamic,and inharmonious data in Industrial Internet of Things(IIoT)platforms.Such vast heterogeneous data i...By the emergence of the fourth industrial revolution,interconnected devices and sensors generate large-scale,dynamic,and inharmonious data in Industrial Internet of Things(IIoT)platforms.Such vast heterogeneous data increase the challenges of security risks and data analysis procedures.As IIoT grows,cyber-attacks become more diverse and complex,making existing anomaly detection models less effective to operate.In this paper,an ensemble deep learning model that uses the benefits of the Long Short-Term Memory(LSTM)and the AutoEncoder(AE)architecture to identify out-of-norm activities for cyber threat hunting in IIoT is proposed.In this model,the LSTM is applied to create a model on normal time series of data(past and present data)to learn normal data patterns and the important features of data are identified by AE to reduce data dimension.In addition,the imbalanced nature of IIoT datasets has not been considered in most of the previous literature,affecting low accuracy and performance.To solve this problem,the proposed model extracts new balanced data from the imbalanced datasets,and these new balanced data are fed into the deep LSTM AE anomaly detection model.In this paper,the proposed model is evaluated on two real IIoT datasets-Gas Pipeline(GP)and Secure Water Treatment(SWaT)that are imbalanced and consist of long-term and short-term dependency on data.The results are compared with conventional machine learning classifiers,Random Forest(RF),Multi-Layer Perceptron(MLP),Decision Tree(DT),and Super Vector Machines(SVM),in which higher performance in terms of accuracy is obtained,99.3%and 99.7%based on GP and SWaT datasets,respectively.Moreover,the proposed ensemble model is compared with advanced related models,including Stacked Auto-Encoders(SAE),Naive Bayes(NB),Projective Adaptive Resonance Theory(PART),Convolutional Auto-Encoder(C-AE),and Package Signatures(PS)based LSTM(PS-LSTM)model.展开更多
The industrial Internet of Things (IIoT) is an important engine for manufacturingenterprises to provide intelligent products and services. With the development of IIoT, moreand more attention has been paid to the appl...The industrial Internet of Things (IIoT) is an important engine for manufacturingenterprises to provide intelligent products and services. With the development of IIoT, moreand more attention has been paid to the application of ultra-reliable and low latency communications(URLLC) in the 5G system. The data analysis model represented by digital twins isthe core of IIoT development in the manufacturing industry. In this paper, the efforts of3GPP are introduced for the development of URLLC in reducing delay and enhancing reliability,as well as the research on little jitter and high transmission efficiency. The enhancedkey technologies required in the IIoT are also analyzed. Finally, digital twins are analyzedaccording to the actual IIoT situation.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
The Industrial Internet of Things(IIoT)has been growing for presentations in industry in recent years.Security for the IIoT has unavoidably become a problem in terms of creating safe applications.Due to continual need...The Industrial Internet of Things(IIoT)has been growing for presentations in industry in recent years.Security for the IIoT has unavoidably become a problem in terms of creating safe applications.Due to continual needs for new functionality,such as foresight,the number of linked devices in the industrial environment increases.Certification of fewer signatories gives strong authentication solutions and prevents trustworthy third parties from being publicly certified among available encryption instruments.Hence this blockchain-based endpoint protection platform(BCEPP)has been proposed to validate the network policies and reduce overall latency in isolation or hold endpoints.A resolver supports the encoded model as an input;network functions can be optimized as an output in an infrastructure network.The configuration of the virtual network functions(VNFs)involved fulfills network characteristics.The output ensures that the final service is supplied at the least cost,including processing time and network latency.According to the findings of this comparison,our design is better suited to simplified trust management in IIoT devices.Thus,the experimental results show the adaptability and resilience of our suggested confidence model against behavioral changes in hostile settings in IIoT networks.The experimental results show that our proposed method,BCEPP,has the following,when compared to other methods:high computational cost of 95.3%,low latency ratio of 28.5%,increased data transmitting rate up to 94.1%,enhanced security rate of 98.6%,packet reception ratio of 96.1%,user satisfaction index of 94.5%,and probability ratio of 33.8%.展开更多
The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades.Consequently,there has been a huge paradigm shift in the manufacturing and production sectors.Howev...The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades.Consequently,there has been a huge paradigm shift in the manufacturing and production sectors.However,this poses a challenge for cybersecurity and highlights the need to address the possible threats targeting(various pillars of)industry 4.0.However,before providing a concrete solution certain aspect need to be researched,for instance,cybersecurity threats and privacy issues in the industry.To fill this gap,this paper discusses potential solutions to cybersecurity targeting this industry and highlights the consequences of possible attacks and countermeasures(in detail).In particular,the focus of the paper is on investigating the possible cyber-attacks targeting 4 layers of IIoT that is one of the key pillars of Industry 4.0.Based on a detailed review of existing literature,in this study,we have identified possible cyber threats,their consequences,and countermeasures.Further,we have provided a comprehensive framework based on an analysis of cybersecurity and privacy challenges.The suggested framework provides for a deeper understanding of the current state of cybersecurity and sets out directions for future research and applications.展开更多
The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diver...The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.展开更多
Generally,the risks associated with malicious threats are increasing for the Internet of Things(IoT)and its related applications due to dependency on the Internet and the minimal resource availability of IoT devices.T...Generally,the risks associated with malicious threats are increasing for the Internet of Things(IoT)and its related applications due to dependency on the Internet and the minimal resource availability of IoT devices.Thus,anomaly-based intrusion detection models for IoT networks are vital.Distinct detection methodologies need to be developed for the Industrial Internet of Things(IIoT)network as threat detection is a significant expectation of stakeholders.Machine learning approaches are considered to be evolving techniques that learn with experience,and such approaches have resulted in superior performance in various applications,such as pattern recognition,outlier analysis,and speech recognition.Traditional techniques and tools are not adequate to secure IIoT networks due to the use of various protocols in industrial systems and restricted possibilities of upgradation.In this paper,the objective is to develop a two-phase anomaly detection model to enhance the reliability of an IIoT network.In the first phase,SVM and Naïve Bayes,are integrated using an ensemble blending technique.K-fold cross-validation is performed while training the data with different training and testing ratios to obtain optimized training and test sets.Ensemble blending uses a random forest technique to predict class labels.An Artificial Neural Network(ANN)classifier that uses the Adam optimizer to achieve better accuracy is also used for prediction.In the second phase,both the ANN and random forest results are fed to the model’s classification unit,and the highest accuracy value is considered the final result.The proposed model is tested on standard IoT attack datasets,such as WUSTL_IIOT-2018,N_BaIoT,and Bot_IoT.The highest accuracy obtained is 99%.A comparative analysis of the proposed model using state-of-the-art ensemble techniques is performed to demonstrate the superiority of the results.The results also demonstrate that the proposed model outperforms traditional techniques and thus improves the reliability of an IIoT network.展开更多
文摘为解决在IIoT(industrial internet of things)环境下,现有的调度算法调度工作流中通信频繁、数据传输量大的任务所带来的完工时间上升、成本增加等影响的问题,提出一种基于聚类的工作流多雾协同调度算法。通过二分K均值算法对工作流中的任务进行聚类,基于聚类结果,在多个雾服务器之间使用改进的免疫粒子群优化算法进行任务调度。实验结果表明,该算法相比其它一些传统的调度算法在完工时间、成本、负载均衡方面都有一定提升。
文摘为了解决在工业物联网(industrial Internet of things,IIoT)环境下,现有的调度算法在调度工作流中对数据安全、响应时间有一定要求的任务所带来的完工时间上升、成本增加的问题,提出一种基于雾环境负载率而变化的任务调度策略,并使用改进的蜣螂优化算法对工作流调度问题进行求解。改进的算法使用HEFT(heterogeneous earliest finish time)算法对蜣螂种群进行初始化,降低了原始算法中随机性带来的影响。同时引入了镜面反射和反向学习思想,提高了算法的搜索性能。实验结果表明,该算法相比于其他一些传统的调度算法在完工时间与成本方面都有一定的性能提升。
基金supported by the National Research Foundation of Korea (NRF) grant funded by the Korea Government (MSIT) (No.2021R1C1C1013133)supported by the Institute of Information and Communications Technology Planning and Evaluation (IITP)grant funded by the Korea Government (MSIT) (RS-2022-00167197,Development of Intelligent 5G/6G Infrastructure Technology for The Smart City)supported by the Soonchunhyang University Research Fund.
文摘In many IIoT architectures,various devices connect to the edge cloud via gateway systems.For data processing,numerous data are delivered to the edge cloud.Delivering data to an appropriate edge cloud is critical to improve IIoT service efficiency.There are two types of costs for this kind of IoT network:a communication cost and a computing cost.For service efficiency,the communication cost of data transmission should be minimized,and the computing cost in the edge cloud should be also minimized.Therefore,in this paper,the communication cost for data transmission is defined as the delay factor,and the computing cost in the edge cloud is defined as the waiting time of the computing intensity.The proposed method selects an edge cloud that minimizes the total cost of the communication and computing costs.That is,a device chooses a routing path to the selected edge cloud based on the costs.The proposed method controls the data flows in a mesh-structured network and appropriately distributes the data processing load.The performance of the proposed method is validated through extensive computer simulation.When the transition probability from good to bad is 0.3 and the transition probability from bad to good is 0.7 in wireless and edge cloud states,the proposed method reduced both the average delay and the service pause counts to about 25%of the existing method.
基金financially supported by the Ongoing Research Funding Program(ORF-2025-846),King Saud University,Riyadh,Saudi Arabia.
文摘Protecting Supervisory Control and Data Acquisition-Industrial Internet of Things(SCADA-IIoT)systems against intruders has become essential since industrial control systems now oversee critical infrastructure,and cyber attackers more frequently target these systems.Due to their connection of physical assets with digital networks,SCADA-IIoT systems face substantial risks from multiple attack types,including Distributed Denial of Service(DDoS),spoofing,and more advanced intrusion methods.Previous research in this field faces challenges due to insufficient solutions,as current intrusion detection systems lack the necessary accuracy,scalability,and adaptability needed for IIoT environments.This paper introduces CyberFortis,a novel cybersecurity framework aimed at detecting and preventing cyber threats in SCADA-IIoT systems.CyberFortis presents two key innovations:Firstly,Siamese Double Deep Q-Network with Autoencoders(Siamdqn-AE)FusionNet,which enhances intrusion detection by combining deep Q-Networks with autoencoders for improved attack detection and feature extraction;and secondly,the PopHydra Optimiser,an innovative solution to compute reinforcement learning discount factors for better model performance and convergence.This method combines Siamese deep Q-Networks with autoencoders to create a system that can detect different types of attacks more effectively and adapt to new challenges.CyberFortis is better than current top attack detection systems,showing higher scores in important areas like accuracy,precision,recall,and F1-score,based on data from CICIoT 2023,UNSW-NB 15,and WUSTL-IIoT datasets.Results from the proposed framework show a 97.5%accuracy rate,indicating its potential as an effective solution for SCADA-IIoT cybersecurity against emerging threats.The research confirms that the proposed security and resilience methods are successful in protecting vital industrial control systems within their operational environments.
文摘The rapid development of the industrial internet of things(IIoT)has brought huge benefits to factories equipped with IIoT technology,each of which represents an IIoT domain.More and more domains are choosing to cooperate with each other to produce better products for greater profits.Therefore,in order to protect the security and privacy of IIoT devices in cross-domain communication,lots of cross-domain authentication schemes have been proposed.However,most schemes expose the domain to which the IIoT device belongs,or introduce a single point of failure in multi-domain cooperation,thus introducing unpredictable risks to each domain.We propose a more secure and efficient domain-level anonymous cross-domain authentication(DLCA)scheme based on alliance blockchain.The proposed scheme uses group signatures with decentralized tracing technology to provide domain-level anonymity to each IIoT device and allow the public to trace the real identity of the malicious pseudonym.In addition,DLCA takes into account the limited resource characteristics of IIoT devices to design an efficient cross-domain authentication protocol.Security analysis and performance evaluation show that the proposed scheme can be effectively used in the cross-domain authentication scenario of industrial internet of things.
文摘区块链技术对保证工业物联网(Industrial Internet of Things,IIoT)的数据安全性、可信度和透明度至关重要,推动了物联网(Internet of Things,IoT)设备之间的信任和安全交互,加速了工业自动化和智能化的发展。针对区块链在IIoT中的部署优化面临网络拓扑动态复杂和无线节点能量受限等问题,提出了一种利用图卷积神经网络(graph convolutional neural network,GCN)的无线节点传输功率计算框架。通过拟合大量实验数据得到传输功率和时延之间的关系函数,引入能耗、分叉率、时延、算力等因素构建关于节点传输功率的系统效用最优化问题。经过训练后,GCN基于节点哈希算力、网络拓扑图、区块链出块间隔和区块大小等信息,可快速确定无线区块链节点最优传输功率,以提高IIoT区块链的系统能效和部署时效。实验结果表明,在复杂无线IoT环境下,所提方法能高效得到理想的无线区块链节点传输功率值,与最优值之间的平均相对偏差小于1.81%。
文摘The industrial Internet of Things(IIoT)is a new indus-trial idea that combines the latest information and communica-tion technologies with the industrial economy.In this paper,a cloud control structure is designed for IIoT in cloud-edge envi-ronment with three modes of 5G.For 5G based IIoT,the time sensitive network(TSN)service is introduced in transmission network.A 5G logical TSN bridge is designed to transport TSN streams over 5G framework to achieve end-to-end configuration.For a transmission control protocol(TCP)model with nonlinear disturbance,time delay and uncertainties,a robust adaptive fuzzy sliding mode controller(AFSMC)is given with control rule parameters.IIoT workflows are made up of a series of subtasks that are linked by the dependencies between sensor datasets and task flows.IIoT workflow scheduling is a non-deterministic polynomial(NP)-hard problem in cloud-edge environment.An adaptive and non-local-convergent particle swarm optimization(ANCPSO)is designed with nonlinear inertia weight to avoid falling into local optimum,which can reduce the makespan and cost dramatically.Simulation and experiments demonstrate that ANCPSO has better performances than other classical algo-rithms.
基金supported by the National Key Research and Development Program of China under Grant 2019YFB2102001.
文摘Nowadays,a large number of intelligent devices involved in the Industrial Internet of Things(IIoT)environment are posing unprecedented cybersecurity challenges.Due to the limited budget for security protection,the IIoT devices are vulnerable and easily compromised to launch Distributed Denial-of-Service(DDoS)attacks,resulting in disastrous results.Unfortunately,considering the particularity of the IIoT environment,most of the defense solutions in traditional networks cannot be directly applied to IIoT with acceptable security performance.Therefore,in this work,we propose a multi-point collaborative defense mechanism against DDoS attacks for IIoT.Specifically,for the single point DDoS defense,we design an edge-centric mechanism termed EdgeDefense for the detection,identification,classification,and mitigation of DDoS attacks and the generation of defense information.For the practical multi-point scenario,we propose a collaborative defense model against DDoS attacks to securely share the defense information across the network through the blockchain.Besides,a fast defense information sharing mechanism is designed to reduce the delay of defense information sharing and provide a responsive cybersecurity guarantee.The simulation results indicate that the identification and classification performance of the two machine learning models designed for EdgeDefense are better than those of the state-of-the-art baseline models,and therefore EdgeDefense can defend against DDoS attacks effectively.The results also verify that the proposed fast sharing mechanism can reduce the propagation delay of the defense information blocks effectively,thereby improving the responsiveness of the multi-point collaborative DDoS defense.
基金This work was supported by the National Natural Science Foundation of China(61872423)the Industry Prospective Primary Research&Development Plan of Jiangsu Province(BE2017111)the Scientific Research Foundation of the Higher Education Institutions of Jiangsu Province(19KJA180006).
文摘With the rapid development of data applications in the scene of Industrial Internet of Things(IIoT),how to schedule resources in IIoT environment has become an urgent problem to be solved.Due to benefit of its strong scalability and compatibility,Kubernetes has been applied to resource scheduling in IIoT scenarios.However,the limited types of resources,the default scheduling scoring strategy,and the lack of delay control module limit its resource scheduling performance.To address these problems,this paper proposes a multi-resource scheduling(MRS)scheme of Kubernetes for IIoT.The MRS scheme dynamically balances resource utilization by taking both requirements of tasks and the current system state into consideration.Furthermore,the experiments demonstrate the effectiveness of the MRS scheme in terms of delay control and resource utilization.
基金supported by the Projects of Software of Big Data Processing Tool(TC210804V-1)Big Data Risk Screening Model Procurement(No.S20200).
文摘With the development of the Industrial Internet of Things(IIoT),end devices(EDs)are equipped with more functions to capture information.Therefore,a large amount of data is generated at the edge of the network and needs to be processed.However,no matter whether these computing tasks are offloaded to traditional central clusters or mobile edge computing(MEC)devices,the data is short of security and may be changed during transmission.In view of this challenge,this paper proposes a trusted task offloading optimization scheme that can offer low latency and high bandwidth services for IIoT with data security.Blockchain technology is adopted to ensure data consistency.Meanwhile,to reduce the impact of low throughput of blockchain on task offloading performance,we design the processes of consensus and offloading as a Markov decision process(MDP)by defining states,actions,and rewards.Deep reinforcement learning(DRL)algorithm is introduced to dynamically select offloading actions.To accelerate the optimization,we design a novel reward function for the DRL algorithm according to the scale and computational complexity of the task.Experiments demonstrate that compared with methods without optimization,our mechanism performs better when it comes to the number of task offloading and throughput of blockchain.
文摘Fog Computing(FC)provides processing and storage resources at the edge of the Internet of Things(IoT).By doing so,FC can help reduce latency and improve reliability of IoT networks.The energy consumption of servers and computing resources is one of the factors that directly affect conservation costs in fog environments.Energy consumption can be reduced by efficacious scheduling methods so that tasks are offloaded on the best possible resources.To deal with this problem,a binary model based on the combination of the Krill Herd Algorithm(KHA)and the Artificial Hummingbird Algorithm(AHA)is introduced as Binary KHA-AHA(BAHA-KHA).KHA is used to improve AHA.Also,the BAHA-KHA local optimal problem for task scheduling in FC environments is solved using the dynamic voltage and frequency scaling(DVFS)method.The Heterogeneous Earliest Finish Time(HEFT)method is used to discover the order of task flow execution.The goal of the BAHA-KHA model is to minimize the number of resources,the communication between dependent tasks,and reduce energy consumption.In this paper,the FC environment is considered to address the workflow scheduling issue to reduce energy consumption and minimize makespan on fog resources.The results were tested on five different workflows(Montage,CyberShake,LIGO,SIPHT,and Epigenomics).The evaluations show that the BAHA-KHA model has the best performance in comparison with the AHA,KHA,PSO and GA algorithms.The BAHA-KHA model has reduced the makespan rate by about 18%and the energy consumption by about 24%in comparison with GA.This is a preview of subscription content,log in via an institution to check access.
文摘By the emergence of the fourth industrial revolution,interconnected devices and sensors generate large-scale,dynamic,and inharmonious data in Industrial Internet of Things(IIoT)platforms.Such vast heterogeneous data increase the challenges of security risks and data analysis procedures.As IIoT grows,cyber-attacks become more diverse and complex,making existing anomaly detection models less effective to operate.In this paper,an ensemble deep learning model that uses the benefits of the Long Short-Term Memory(LSTM)and the AutoEncoder(AE)architecture to identify out-of-norm activities for cyber threat hunting in IIoT is proposed.In this model,the LSTM is applied to create a model on normal time series of data(past and present data)to learn normal data patterns and the important features of data are identified by AE to reduce data dimension.In addition,the imbalanced nature of IIoT datasets has not been considered in most of the previous literature,affecting low accuracy and performance.To solve this problem,the proposed model extracts new balanced data from the imbalanced datasets,and these new balanced data are fed into the deep LSTM AE anomaly detection model.In this paper,the proposed model is evaluated on two real IIoT datasets-Gas Pipeline(GP)and Secure Water Treatment(SWaT)that are imbalanced and consist of long-term and short-term dependency on data.The results are compared with conventional machine learning classifiers,Random Forest(RF),Multi-Layer Perceptron(MLP),Decision Tree(DT),and Super Vector Machines(SVM),in which higher performance in terms of accuracy is obtained,99.3%and 99.7%based on GP and SWaT datasets,respectively.Moreover,the proposed ensemble model is compared with advanced related models,including Stacked Auto-Encoders(SAE),Naive Bayes(NB),Projective Adaptive Resonance Theory(PART),Convolutional Auto-Encoder(C-AE),and Package Signatures(PS)based LSTM(PS-LSTM)model.
文摘The industrial Internet of Things (IIoT) is an important engine for manufacturingenterprises to provide intelligent products and services. With the development of IIoT, moreand more attention has been paid to the application of ultra-reliable and low latency communications(URLLC) in the 5G system. The data analysis model represented by digital twins isthe core of IIoT development in the manufacturing industry. In this paper, the efforts of3GPP are introduced for the development of URLLC in reducing delay and enhancing reliability,as well as the research on little jitter and high transmission efficiency. The enhancedkey technologies required in the IIoT are also analyzed. Finally, digital twins are analyzedaccording to the actual IIoT situation.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
基金The authors extend their appreciation to the Deputyship for Research&Innovation,Ministry of Education in Saudi Arabia for funding this research work through the Project Number IFPHI-218-611-2020.”。
文摘The Industrial Internet of Things(IIoT)has been growing for presentations in industry in recent years.Security for the IIoT has unavoidably become a problem in terms of creating safe applications.Due to continual needs for new functionality,such as foresight,the number of linked devices in the industrial environment increases.Certification of fewer signatories gives strong authentication solutions and prevents trustworthy third parties from being publicly certified among available encryption instruments.Hence this blockchain-based endpoint protection platform(BCEPP)has been proposed to validate the network policies and reduce overall latency in isolation or hold endpoints.A resolver supports the encoded model as an input;network functions can be optimized as an output in an infrastructure network.The configuration of the virtual network functions(VNFs)involved fulfills network characteristics.The output ensures that the final service is supplied at the least cost,including processing time and network latency.According to the findings of this comparison,our design is better suited to simplified trust management in IIoT devices.Thus,the experimental results show the adaptability and resilience of our suggested confidence model against behavioral changes in hostile settings in IIoT networks.The experimental results show that our proposed method,BCEPP,has the following,when compared to other methods:high computational cost of 95.3%,low latency ratio of 28.5%,increased data transmitting rate up to 94.1%,enhanced security rate of 98.6%,packet reception ratio of 96.1%,user satisfaction index of 94.5%,and probability ratio of 33.8%.
基金The author(s)acknowledge Jouf University,Saudi Arabia for his funding support.
文摘The emergence of industry 4.0 stems from research that has received a great deal of attention in the last few decades.Consequently,there has been a huge paradigm shift in the manufacturing and production sectors.However,this poses a challenge for cybersecurity and highlights the need to address the possible threats targeting(various pillars of)industry 4.0.However,before providing a concrete solution certain aspect need to be researched,for instance,cybersecurity threats and privacy issues in the industry.To fill this gap,this paper discusses potential solutions to cybersecurity targeting this industry and highlights the consequences of possible attacks and countermeasures(in detail).In particular,the focus of the paper is on investigating the possible cyber-attacks targeting 4 layers of IIoT that is one of the key pillars of Industry 4.0.Based on a detailed review of existing literature,in this study,we have identified possible cyber threats,their consequences,and countermeasures.Further,we have provided a comprehensive framework based on an analysis of cybersecurity and privacy challenges.The suggested framework provides for a deeper understanding of the current state of cybersecurity and sets out directions for future research and applications.
文摘The evolution of the Internet of Things(IoT)has empowered modern industries with the capability to implement large-scale IoT ecosystems,such as the Industrial Internet of Things(IIoT).The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational andfinancial harm to organizations.To preserve the confidentiality,integrity,and availability of IIoT networks,an anomaly-based intrusion detection system(IDS)can be used to provide secure,reliable,and efficient IIoT ecosystems.In this paper,we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks.The proposed anomaly-based IDS is divided into three phases:pre-processing,feature selection,and classification.In the pre-processing phase,data cleaning and nor-malization are performed.In the feature selection phase,the candidates’feature vectors are computed using two feature reduction techniques,minimum redun-dancy maximum relevance and neighborhood components analysis.For thefinal step,the modeling phase,the following classifiers are used to perform the classi-fication:support vector machine,decision tree,k-nearest neighbors,and linear discriminant analysis.The proposed work uses a new data-driven IIoT data set called X-IIoTID.The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%,a sensitivity rate of 99.59%,a specificity rate of 99.58%,and a low false positive rate of 0.4%.
基金work through Researchers Supporting Project number(RSP-2020/164),King Saud University,Riyadh,Saudi Arabia.
文摘Generally,the risks associated with malicious threats are increasing for the Internet of Things(IoT)and its related applications due to dependency on the Internet and the minimal resource availability of IoT devices.Thus,anomaly-based intrusion detection models for IoT networks are vital.Distinct detection methodologies need to be developed for the Industrial Internet of Things(IIoT)network as threat detection is a significant expectation of stakeholders.Machine learning approaches are considered to be evolving techniques that learn with experience,and such approaches have resulted in superior performance in various applications,such as pattern recognition,outlier analysis,and speech recognition.Traditional techniques and tools are not adequate to secure IIoT networks due to the use of various protocols in industrial systems and restricted possibilities of upgradation.In this paper,the objective is to develop a two-phase anomaly detection model to enhance the reliability of an IIoT network.In the first phase,SVM and Naïve Bayes,are integrated using an ensemble blending technique.K-fold cross-validation is performed while training the data with different training and testing ratios to obtain optimized training and test sets.Ensemble blending uses a random forest technique to predict class labels.An Artificial Neural Network(ANN)classifier that uses the Adam optimizer to achieve better accuracy is also used for prediction.In the second phase,both the ANN and random forest results are fed to the model’s classification unit,and the highest accuracy value is considered the final result.The proposed model is tested on standard IoT attack datasets,such as WUSTL_IIOT-2018,N_BaIoT,and Bot_IoT.The highest accuracy obtained is 99%.A comparative analysis of the proposed model using state-of-the-art ensemble techniques is performed to demonstrate the superiority of the results.The results also demonstrate that the proposed model outperforms traditional techniques and thus improves the reliability of an IIoT network.
