A hybrid intrusion detection approach based on message queuing telemetry transport (MQTT) protocol in industrial internet of things

IF 2.5 4区 计算机科学 Q3 TELECOMMUNICATIONS Transactions on Emerging Telecommunications Technologies Pub Date : 2024-08-20 DOI:10.1002/ett.5030
Georg Thamer Francis, Alireza Souri, Nihat İnanç
{"title":"A hybrid intrusion detection approach based on message queuing telemetry transport (MQTT) protocol in industrial internet of things","authors":"Georg Thamer Francis,&nbsp;Alireza Souri,&nbsp;Nihat İnanç","doi":"10.1002/ett.5030","DOIUrl":null,"url":null,"abstract":"<p>The number of attacks against Industrial Internet of Things (IIoT) devices has increased over the past years, particularly on widely used communication protocols like Message Queuing Telemetry Transfer (MQTT). The fast increase in IIoT applications brings both critical challenges and technical gaps in cybersecurity. On the other hand, traditional cyber-attack detection approaches scrap to address and support the run-time responsibilities of IIoT environments. This study presents a hybrid Genetic Algorithm and Random Forest (GA_RF) method for detecting cyber-attacks in Industrial Control Machines (ICS) that use MQTT protocol in the IIoT environment. This architecture integrates ICS with edge devices and cloud servers, using a GA_RF algorithm to detect anomalies in data collected by sensors. Normal data is processed locally and then sent to the cloud for storage and return, ensuring continuous monitoring and security. Also, the MQTT-IOT-IDS2020 dataset as a real test case was applied for prediction of the proposed GA_RF method with compare to some other powerful machine and deep learning models. The experimental results show that the proposed GA_RF method has an optimum accuracy of 99.87%–100% for detecting cyber-attacks. This hybrid algorithm also achieved 0–0.0015 in Mean Absolute Error (MAE) and 100% in Precision, Recall, and F-score factors. This result led to the proposed architecture, which connects the ICS to a server while running GA_RF on the IIoT environment. In conclusion, this study indicates the effectiveness of GA_RF and aims to improve security by using the MQTT protocol in IIoT.</p>","PeriodicalId":23282,"journal":{"name":"Transactions on Emerging Telecommunications Technologies","volume":"35 9","pages":""},"PeriodicalIF":2.5000,"publicationDate":"2024-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Transactions on Emerging Telecommunications Technologies","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/ett.5030","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
引用次数: 0

Abstract

The number of attacks against Industrial Internet of Things (IIoT) devices has increased over the past years, particularly on widely used communication protocols like Message Queuing Telemetry Transfer (MQTT). The fast increase in IIoT applications brings both critical challenges and technical gaps in cybersecurity. On the other hand, traditional cyber-attack detection approaches scrap to address and support the run-time responsibilities of IIoT environments. This study presents a hybrid Genetic Algorithm and Random Forest (GA_RF) method for detecting cyber-attacks in Industrial Control Machines (ICS) that use MQTT protocol in the IIoT environment. This architecture integrates ICS with edge devices and cloud servers, using a GA_RF algorithm to detect anomalies in data collected by sensors. Normal data is processed locally and then sent to the cloud for storage and return, ensuring continuous monitoring and security. Also, the MQTT-IOT-IDS2020 dataset as a real test case was applied for prediction of the proposed GA_RF method with compare to some other powerful machine and deep learning models. The experimental results show that the proposed GA_RF method has an optimum accuracy of 99.87%–100% for detecting cyber-attacks. This hybrid algorithm also achieved 0–0.0015 in Mean Absolute Error (MAE) and 100% in Precision, Recall, and F-score factors. This result led to the proposed architecture, which connects the ICS to a server while running GA_RF on the IIoT environment. In conclusion, this study indicates the effectiveness of GA_RF and aims to improve security by using the MQTT protocol in IIoT.

Abstract Image

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
工业物联网中基于消息队列遥测传输(MQTT)协议的混合入侵检测方法
在过去几年中,针对工业物联网(IIoT)设备的攻击数量不断增加,尤其是针对消息队列遥测传输(MQTT)等广泛使用的通信协议的攻击。IIoT 应用的快速增长给网络安全带来了严峻挑战和技术差距。另一方面,传统的网络攻击检测方法无法解决和支持物联网环境的运行时责任。本研究提出了一种混合遗传算法和随机森林(GA_RF)方法,用于检测 IIoT 环境中使用 MQTT 协议的工业控制机(ICS)中的网络攻击。该架构将 ICS 与边缘设备和云服务器集成在一起,使用 GA_RF 算法检测传感器收集的数据中的异常情况。正常数据在本地进行处理,然后发送到云端进行存储和返回,从而确保持续监控和安全性。此外,MQTT-IOT-IDS2020 数据集作为一个真实的测试案例,用于预测所提出的 GA_RF 方法,并与其他一些强大的机器和深度学习模型进行比较。实验结果表明,所提出的 GA_RF 方法在检测网络攻击方面具有 99.87%-100% 的最佳准确率。该混合算法的平均绝对误差(MAE)也达到了 0-0.0015,精确度、召回率和 F 分数均为 100%。根据这一结果,提出了在 IIoT 环境中运行 GA_RF 的同时将 ICS 连接到服务器的架构。总之,本研究表明了 GA_RF 的有效性,旨在通过在 IIoT 中使用 MQTT 协议来提高安全性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
8.90
自引率
13.90%
发文量
249
期刊介绍: ransactions on Emerging Telecommunications Technologies (ETT), formerly known as European Transactions on Telecommunications (ETT), has the following aims: - to attract cutting-edge publications from leading researchers and research groups around the world - to become a highly cited source of timely research findings in emerging fields of telecommunications - to limit revision and publication cycles to a few months and thus significantly increase attractiveness to publish - to become the leading journal for publishing the latest developments in telecommunications
期刊最新文献
Secrecy Performance of Full-Duplex Space-Air-Ground Integrated Networks in the Presence of Active/Passive Eavesdropper, and Friendly Jammer Soft Actor-Critic Request Redirection for Quality Control in Green Multimedia Content Distribution Issue Information An IoT-Based 5G Wireless Sensor Network Employs a Secure Routing Methodology Leveraging DCNN Processing Research and Implementation of a Classification Method of Industrial Big Data for Security Management
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1