TY - JOUR
T1 - Federated Threat-hunting Approach for Microservice-based Industrial Cyber-physical System
AU - Abdel-Basset, Mohamed
AU - Hawash, Hossam
AU - Sallam, Karam
N1 - Publisher Copyright:
© 2005-2012 IEEE.
PY - 2022/3/1
Y1 - 2022/3/1
N2 - The lightning convergence of industry 4.0 and the intelligent Internet of Things (IoT) technologies has significantly increased the vulnerability of industrial cyber-physical systems (ICPSs) to a large population of cyber threats. Intelligent threat detection for discovering cyber threats is a challenging task as it essentially deals with wide-scale, complicated, and heterogeneous ICPSs. This article presents a novel federated deep learning (DL) model (Fed-TH) for hunting cyber threats against ICPSs that captures the temporal and spatial representations of network data. Then, a container-based industrial edge computing framework is designed to deploy the Fed-TH as a threat-hunting microservice on suitable edge servers while maintaining decent resource orchestration. To tackle the latency issue of an ICSP, an exploratory microservice placement method is introduced to enable better microservice deployment based on the computational resources of the participants. The simulation results obtained from two public benchmarks validate the effectiveness of these approaches in terms of accuracy (92.97%, 92.84%) and f1-scores (91.61%, 90.49%).
AB - The lightning convergence of industry 4.0 and the intelligent Internet of Things (IoT) technologies has significantly increased the vulnerability of industrial cyber-physical systems (ICPSs) to a large population of cyber threats. Intelligent threat detection for discovering cyber threats is a challenging task as it essentially deals with wide-scale, complicated, and heterogeneous ICPSs. This article presents a novel federated deep learning (DL) model (Fed-TH) for hunting cyber threats against ICPSs that captures the temporal and spatial representations of network data. Then, a container-based industrial edge computing framework is designed to deploy the Fed-TH as a threat-hunting microservice on suitable edge servers while maintaining decent resource orchestration. To tackle the latency issue of an ICSP, an exploratory microservice placement method is introduced to enable better microservice deployment based on the computational resources of the participants. The simulation results obtained from two public benchmarks validate the effectiveness of these approaches in terms of accuracy (92.97%, 92.84%) and f1-scores (91.61%, 90.49%).
KW - Cyber-physical system
KW - deep learning (DL)
KW - industrial Internet of Things (IIoT)
KW - threat intelligence (TI)
UR - http://www.scopus.com/inward/record.url?scp=85112421280&partnerID=8YFLogxK
UR - https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=9424
U2 - 10.1109/TII.2021.3091150
DO - 10.1109/TII.2021.3091150
M3 - Article
SN - 1551-3203
VL - 18
SP - 1905
EP - 1917
JO - IEEE Transactions on Industrial Informatics
JF - IEEE Transactions on Industrial Informatics
IS - 3
ER -