Document Type : Reseach Article

Authors

1 Department of Electrical Engineering, Ahar Branch, Islamic Azad University, Ahar, Iran

2 Department of Electrical Engineering, Ahar Branch, Islamic, Azad University, Ahar, Iran

3 Department of Electrical and Computer Engineering Faculty, University of Tabriz, Tabriz, Iran.

Abstract

The increasing number of Industrial Internet of Things (IIoT) devices presents hackers with a huge attack surface from which to conduct possibly more destructive assaults. Numerous of these assaults were successful as a consequence of the hackers' inventive and unique approaches. Due to the unpredictability of network technology and attack attempts, traditional Deep Learning (DL) approaches are made ineffective. The accuracy of DL algorithms has been shown across a range of scientific fields. The Convolutional Neural Network Model (CNN) technique is an ideal alternative for anomaly detection and classification since it can automatically classify incoming data and conduct calculations faster. We introduce Honeypot Early Intrusion Detection System (HEIDS) that detects anomalies and classifies intrusions in IIoT networks using DL methods. The model is designed to detect adversaries attempting to attack IIoT Industrial Control Systems (ICS). The suggested model is implemented using One-dimensional convolutional neural networks (CNN 1D). Due to the importance of industrial services, this system contributes to the enhancement of information security detection in the industrial domain. Finally, this research gives an assessment of the HEIDS datasets of IIoT, utilizing the CNN 1D technique. With this approach, the prediction accuracy of 1.0 was reached.

Keywords

  • [1] Wang, W. Zhang, H. He, P. Liu, D. X. Luo, Y. Liu, J. Jiang, Y. Li, X. Zhang, and W. Liu, “An evolutionary study of IoT malware,” IEEE Internet of Things Journal, Vol. 8, No. 20, pp. 15422-15440, 2021.
  • [2] Zhang, B. Zhang, Y. Zhou, H. He, and Z. Ding, “An IoT honeynet based on multiport honeypots for capturing IoT attacks,” IEEE Internet of Things Journal, Vol. 7, No. 5, pp. 3991-3999, 2019.
  • [3] Franco, A. Aris, B. Canberk, and A. S. Uluagac, “A survey of honeypots and honeynets for internet of things, industrial internet of things, and cyber-physical systems,” IEEE Communications Surveys & Tutorials, Vol. 23, No. 4, pp. 2351-2383, 2021.
  • [4] Pashaei, M. E. Akbari, M. Z. Lighvan, and Charmin, A, "Early Intrusion Detection System using honeypot for industrial control networks," Results in Engineering, 16, 100576, 2022.
  • [5] Tian, M. Du, X. Ji, G. Liu, Y. Dai, and Z. Han, “Honeypot detection strategy against advanced persistent threats in industrial internet of things: a prospect theoretic game,” IEEE Internet of Things Journal, Vol. 8, No. 24, pp. 17372-17381, 2021.
  • [6] Tsemogne, Y. Hayel, C. Kamhoua, and G. Deugoué, “Game-Theoretic Modeling of Cyber Deception Against Epidemic Botnets in Internet of Things,” IEEE Internet of Things Journal, Vol. 9, No. 4, pp. 2678-2687, 2021.
  • [7] Li, X. Feng, H. Wang, and L. Sun, “Understanding the usage of industrial control system devices on the internet,” IEEE Internet of Things Journal, Vol. 5, No. 3, pp. 2178-2189, 2018.
  • [8] Pashaei, M. E. Akbari, M. Z. Lighvan, and A. Charmin, “Honeypot Intrusion Detection System using an Adversarial Reinforcement Learning for Industrial Control Networks,” Majlesi Journal of Telecommunication Devices, Vol.12(1), pp. 17-28, 2023.
  • [9] Pashaei, M. E. Akbari, M. Z. Lighvan, and A. Charmin, “A Honeypot-assisted Industrial Control System to Detect Replication Attacks on Wireless Sensor Networks,” Majlesi Journal of Telecommunication Devices, Vol. 11(3), pp. 155-160, 2022.
  • Wagener, “Self-adaptive honeypots coercing and assessing attacker behaviour,” Institut National Polytechnique de Lorraine-INPL, 2011.
  • Pauna, and I. Bica, "RASSH-Reinforced adaptive SSH honeypot." In 2014 10th International Conference on Communications (COMM), IEEE. Vol., No. Issue, pp. 1-6, 2014.
  • Pauna, A.-C. Iacob, and I. Bica, "Qrassh-a self-adaptive ssh honeypot driven by q-learning." In 2018 international conference on communications (COMM), IEEE, pp. 441-446, 2018.
  • Pauna, I. Bica, F. Pop, and A. Castiglione, “On the rewards of self-adaptive IoT honeypots,” Annals of Telecommunications, Vol. 74, No. 7, pp. 501-515, 2019.
  • Luo, Z. Xu, X. Jin, Y. Jia, and X. Ouyang, “Iotcandyjar: Towards an intelligent-interaction honeypot for iot devices,” Black Hat, Vol. 1, pp. 1-11, 2017.
  • Zhou, "Chameleon: Towards adaptive honeypot for internet of things." in Proceedings of the ACM Turing Celebration Conference-China, pp. 1-5, 2019.
  • Lingenfelter, I. Vakilinia, and S. Sengupta, "Analyzing variation among IoT botnets using medium interaction honeypots," in 2020 10th Annual Computing and Communication Workshop and Conference (CCWC): IEEE, pp. 0761-0767, 2020.
  • Wang, J. Santillan, and F. Kuipers, “Thingpot: an interactive internet-of-things honeypot,” arXiv preprint arXiv:1807.04114, 2018.
  • Lingenfelter, I. Vakilinia, and S. Sengupta, "Analyzing variation among IoT botnets using medium interaction honeypots." in Proceedings of the ACM Turing Celebration Conference-China, pp. 0761-0767, 2019.
  • Siniosoglou, G. Efstathopoulos, D. Pliatsios, I. D. Moscholios, A. Sarigiannidis, G. Sakellari, G. Loukas, and P. Sarigiannidis, "NeuralPot: An industrial honeypot implementation based on deep neural networks." in 2020 IEEE Symposium on Computers and Communications (ISCC): IEEE, pp. 1-7, 2020.
  • Dowling, M. Schukat, and E. Barrett, “New framework for adaptive and agile honeypots,” ETRI Journal, Vol. 42, No. 6, pp. 965-975, 2020.
  • Maesschalck, V. Giotsas, B. Green, and N. Race, "Honeypots for Automatic Network-Level Industrial Control System Security." in 14th EuroSys Doctoral Workshop, 2020.
  • Wang, Y. Jiang, and J. Lan, “Fcnn: An efficient intrusion detection method based on raw network traffic,” Security and Communication Networks, Vol. 2021, 2021.
  • Vinayakumar, K. Soman, and P. Poornachandran, "Applying convolutional neural network for network intrusion detection." in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI): IEEE, pp. 1222-1228, 2017.
  • Swapna, K. Soman, and R. Vinayakumar, “Automated detection of cardiac arrhythmia using deep learning techniques,” Procedia computer science, Vol. 132, pp. 1192-1201, 2018.
  • K. Verma, P. Kaushik, and G. Shrivastava, "A network intrusion detection approach using variant of convolution neural network." in 2019 International Conference on Communication and Electronics Systems (ICCES): IEEE, pp. 409-416, 2019.