Abstract
Threat detection has become more complex in industrial environments because a large number of devices must be secured against attack while maintaining system reliability and real-time response to threats. In such a scenario, detecting threats in Industrial Internet of Things (IIoT) devices becomes an important factor in avoiding injection by malicious IIoT devices. Techniques based on Hidden Markov Models (HMM) are probably the most popular for threat detection. However, HMMs require extensive model training and computational resources. HMMs also have the drawback of converging to a local optimum when the Baum–Welch algorithm is used for parameter estimation. Global search techniques can be used to optimize the HMM parameters, and this work proposes genetic algorithms (GA) for that purpose. The other difficulty in threat detection is the dynamic nature of attacks. Several new threats are emerging, with many variants created from existing attacks, which makes threat modeling an arduous task. As a result, good features are critical to model traffic and provide an efficient way to detect known and possibly unknown attacks. To achieve better feature extraction from network traffic, we propose a dynamic sliding window \(W\) of width \(w\). The proposed multiple-HMM performs well at detecting threats. The simulation results are compared with those obtained by the Baum–Welch-based approach and show higher accuracy and convergence.
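A sketch of the idea in the abstract, added here as an illustration and not taken from the authors' implementation: a genetic algorithm searches the parameters of a discrete HMM, using the forward-algorithm log-likelihood as fitness. The chromosome layout, the crossover and mutation operators, the population settings and the observation stream `OBS` are all assumptions made for this example.

```python
import math
import random

def norm(v):
    s = sum(v)
    return [x / s for x in v]

def rand_hmm(n, m, rng):
    # Chromosome layout (assumed): row 0 = pi, rows 1..n = A, rows n+1..2n = B.
    return ([norm([rng.random() + 1e-3 for _ in range(n)]) for _ in range(n + 1)]
            + [norm([rng.random() + 1e-3 for _ in range(m)]) for _ in range(n)])

def log_likelihood(h, obs):
    # Scaled forward algorithm: log P(obs | h), used here as the GA fitness.
    n = len(h[0])
    pi, A, B = h[0], h[1:n + 1], h[n + 1:]
    alpha, ll = [pi[i] * B[i][obs[0]] for i in range(n)], 0.0
    for t, o in enumerate(obs):
        if t:
            alpha = [sum(alpha[i] * A[i][j] for i in range(n)) * B[j][o] for j in range(n)]
        c = sum(alpha)
        ll += math.log(c)
        alpha = [a / c for a in alpha]
    return ll

def mutate(h, rng, rate=0.2):
    # Perturb some rows, clamp above zero and renormalise so rows stay stochastic.
    return [norm([max(x + rng.gauss(0, 0.1), 1e-6) for x in row])
            if rng.random() < rate else row for row in h]

def ga_fit(obs, n, m, pop=30, gens=40, seed=1):
    # Returns (best model, best log-likelihood at the start of each generation).
    rng = random.Random(seed)
    fit = lambda h: log_likelihood(h, obs)
    popn, history = [rand_hmm(n, m, rng) for _ in range(pop)], []
    for _ in range(gens):
        popn.sort(key=fit, reverse=True)
        history.append(fit(popn[0]))
        elite = popn[:pop // 5]          # elitism: top 20% survive unchanged
        children = []
        while len(elite) + len(children) < pop:
            a, b = rng.sample(elite, 2)
            # Row-wise crossover keeps every inherited row a valid distribution.
            children.append(mutate([rng.choice(p) for p in zip(a, b)], rng))
        popn = elite + children
    return max(popn, key=fit), history

# Constructed symbol stream standing in for quantised per-window traffic features.
OBS = [0, 1, 2, 0, 1, 2, 0, 1, 1, 2] * 6
```

Calling `ga_fit(OBS, 2, 3)` returns the fittest model and the fitness trace; because the elite is carried over unchanged, the trace never decreases.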





Cite this article
Khan, M.A., Abuhasel, K.A. An evolutionary multi-hidden Markov model for intelligent threat sensing in industrial internet of things. J Supercomput 77, 6236–6250 (2021). https://doi.org/10.1007/s11227-020-03513-6
DOI: https://doi.org/10.1007/s11227-020-03513-6