Enhanced Deep Learning for IIoT Threat Intelligence: Revealing Advanced Persistent Threat Attack Patterns


Research area: Safety



Conference: International Conference on Applications and Techniques in Information Security


Abstract

The widespread adoption of the Industrial Internet of Things (IIoT) across the globe correspondingly increases the spread of security issues, driven by the growth of incursion groups backed by sophisticated nation-state sponsors. These incursion groups are known as Advanced Persistent Threats (APT); they target valued resources and remain undetected for a prolonged period in the victim's network. Intelligent learning models play a vital role in identifying such assaults by capturing the network flow and mapping the features to develop attack detection strategies that enhance cyber resilience for the IT & OT infrastructure. However, the dynamic characteristics of APT call for multi-layered monitoring, and traditional learning models fail to detect multiple attack variants of APT. In addition, these learning methods fail to obtain decisive features from the high-dimensional, heterogeneous IIoT network traffic data. These strategies are also resource-intensive, in contrast to the resource-scarce sensor nodes. To address these limitations, a Weighted PCA-based Enhanced Deep Neural Network (WPCA_E-DNN) is proposed to identify APT characteristics. It employs Weighted PCA to extract pertinent features and improve the model's interpretability, and an improved Genetic Algorithm (GA) that assigns weights to the fitness function and tunes the hyperparameters of the DNN to maintain generalizability and avoid local optima. The efficiency of the proposed model is validated using the CICAPT IIoT 2024 dataset. Compared with cutting-edge techniques, the proposed model exhibits better results, with 95.2%, 92.7%, 93.1% and 92.6% in terms of accuracy, recall, precision, and F1-Score, respectively.


Authors

M. K. Vishnu Priya
Centre for Information Super Highway (CISH), School of Computing, SASTRA Deemed University, Thanjavur, Tamil Nadu 613401, India

H. Anila Glory
Centre for Information Super Highway (CISH), School of Computing, SASTRA Deemed University, Thanjavur, Tamil Nadu 613401, India

V. S. Shankar Sriram
Centre for Information Super Highway (CISH), School of Computing, SASTRA Deemed University, Thanjavur, Tamil Nadu 613401, India

Paper information

Publication year: 2024
Citations: 0
Country of publication: India
Site: Springer