TY - JOUR
T1 - Securing Critical Infrastructures
T2 - Deep-Learning-Based Threat Detection in IIoT
AU - Yu, Keping
AU - Tan, Liang
AU - Mumtaz, Shahid
AU - Al-Rubaye, Saba
AU - Al-Dulaimi, Anwer
AU - Bashir, Ali Kashif
AU - Khan, Farrukh Aslam
N1 - Funding Information:
This work was supported in part by the Japan Society for the Promotion of Science (JSPS) Grants-in-Aid for Scientific Research (KAKENHI) under Grant JP18K18044 and JP21K17736, in part by the National Natural Science Foundation of China under Grant No. 61373162, in part by the Sichuan Provincial Science and Technology Department Project under Grant No. 2019YFG0183, and in part by the Sichuan Provincial Key Laboratory Project under Grant No. KJ201402.
Publisher Copyright:
© 1979-2012 IEEE.
PY - 2021/10/1
Y1 - 2021/10/1
N2 - The Industrial Internet of Things (IIoT) is a physical information system developed based on traditional industrial control networks. As one of the most critical infrastructure systems, IIoT is also a preferred target for adversaries engaged in advanced persistent threats (APTs). To address this issue, we explore a deep-learning-based proactive APT detection scheme in IIoT. In this scheme, considering the characteristics of long attack sequences and long-term continuous APT attacks, our solution adopts a well-known deep learning model, bidirectional encoder representations from transformers (BERT), to detect APT attack sequences. The APT attack sequence is also optimized to ensure the model's long-term sequence judgment effectiveness. The experimental results not only show that the proposed deep learning method has feasibility and effectiveness for APT detection, but also certify that the BERT model has better accuracy and a lower false alarm rate when detecting APT attack sequences than other time series models.
AB - The Industrial Internet of Things (IIoT) is a physical information system developed based on traditional industrial control networks. As one of the most critical infrastructure systems, IIoT is also a preferred target for adversaries engaged in advanced persistent threats (APTs). To address this issue, we explore a deep-learning-based proactive APT detection scheme in IIoT. In this scheme, considering the characteristics of long attack sequences and long-term continuous APT attacks, our solution adopts a well-known deep learning model, bidirectional encoder representations from transformers (BERT), to detect APT attack sequences. The APT attack sequence is also optimized to ensure the model's long-term sequence judgment effectiveness. The experimental results not only show that the proposed deep learning method has feasibility and effectiveness for APT detection, but also certify that the BERT model has better accuracy and a lower false alarm rate when detecting APT attack sequences than other time series models.
UR - http://www.scopus.com/inward/record.url?scp=85115323114&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115323114&partnerID=8YFLogxK
U2 - 10.1109/MCOM.101.2001126
DO - 10.1109/MCOM.101.2001126
M3 - Article
AN - SCOPUS:85115323114
SN - 0163-6804
VL - 59
SP - 76
EP - 82
JO - IEEE Communications Magazine
JF - IEEE Communications Magazine
IS - 10
ER -