Federated Threat-hunting Approach for Microservice-based Industrial Cyber-physical System

Mohamed Abdel-Basset, Hossam Hawash, Karam Sallam

Research output: Contribution to journalArticlepeer-review

24 Citations (Scopus)


The lightning convergence of industry 4.0 and the intelligent Internet of Things (IoT) technologies has significantly increased the vulnerability of industrial cyber-physical systems (ICPSs) to a large population of cyber threats. Intelligent threat detection for discovering cyber threats is a challenging task as it essentially deals with wide-scale, complicated, and heterogeneous ICPSs. This article presents a novel federated deep learning (DL) model (Fed-TH) for hunting cyber threats against ICPSs that captures the temporal and spatial representations of network data. Then, a container-based industrial edge computing framework is designed to deploy the Fed-TH as a threat-hunting microservice on suitable edge servers while maintaining decent resource orchestration. To tackle the latency issue of an ICSP, an exploratory microservice placement method is introduced to enable better microservice deployment based on the computational resources of the participants. The simulation results obtained from two public benchmarks validate the effectiveness of these approaches in terms of accuracy (92.97%, 92.84%) and f1-scores (91.61%, 90.49%).

Original languageEnglish
Pages (from-to)1905-1917
Number of pages13
JournalIEEE Transactions on Industrial Informatics
Issue number3
Publication statusPublished - 1 Mar 2022
Externally publishedYes


Dive into the research topics of 'Federated Threat-hunting Approach for Microservice-based Industrial Cyber-physical System'. Together they form a unique fingerprint.

Cite this