Federated Threat-hunting Approach for Microservice-based Industrial Cyber-physical System

Mohamed Abdel-Basset, Hossam Hawash, Karam Sallam

Research output: Contribution to journalArticlepeer-review


The lightning convergence of industry 4.0 and the intelligent internet of things (IoT) technologies has significantly increased the vulnerability of industrial cyber-physical systems (ICPSs) to a large population of cyber threats. Intelligent threat detection for discovering cyber threats is a challenging task as it essentially deals with wide-scale, complicated and heterogeneous ICPSs. This study presents a novel federated deep learning (DL) model (i.e., Fed-TH) for hunting cyber threats against ICPSs that captures the temporal and spatial representations of network data. Then, a container-based industrial edge computing framework is designed to deploy the Fed-TH as a threat-hunting microservice on suitable edge servers while maintaining decent resource orchestration. To tackle the latency issue of an ICSP, an exploratory microservice placement (EMP) method is introduced to enable better microservice deployment based on the computational resources of the participants. The simulation results obtained from two public benchmarks validate the effectiveness of these approaches in terms of accuracy (92.97%, 92.84%) and f1-scores (91.61%, 90.49%)

Original languageEnglish
Pages (from-to)1-12
Number of pages12
JournalIEEE Transactions on Industrial Informatics
Publication statusE-pub ahead of print - 22 Jun 2021
Externally publishedYes


Dive into the research topics of 'Federated Threat-hunting Approach for Microservice-based Industrial Cyber-physical System'. Together they form a unique fingerprint.

Cite this