IEEE Access (Jan 2025)
Multi-Stage Deep Learning for Intrusion Detection in Industrial Internet of Things
Abstract
The Industrial Internet of Things (IIoT) facilitates enhanced automation, predictive maintenance, real-time monitoring, and data analytics across various sectors, including manufacturing, energy, transportation, agriculture, and supply chain management, thereby improving productivity, efficiency, and operational safety. However, as IIoT networks continue to expand, it is imperative to secure them against increasingly sophisticated cyber threats. Deep Learning (DL) techniques have been extensively utilized for intrusion detection within IIoT systems. Nevertheless, addressing the class imbalance problem remains a significant challenge. The underrepresentation of certain attack types in training data frequently results in the development of DL models that struggle to accurately detect these categories of malicious activities. This limitation represents considerable risks to the security of IIoT networks, as undetected attacks and false alarms may lead to severe operational disruptions. In this paper, we propose a multi-stage deep learning (MSDL) method specifically designed to enhance intrusion detection within IIoT networks by addressing the class imbalance issue. We assessed the effectiveness of our approach utilizing two highly imbalanced datasets: X-IIoTID and WUSTL-IIoT. Our experimental findings indicate that the proposed MSDL method surpasses the baseline DL models as well as state-of-the-art oversampling and undersampling techniques. Specifically, the MSDL method exhibits significant improvements in recognizing minority-class attacks that are frequently misclassified. Consequently, the implementation of the MSDL for intrusion detection is anticipated to strengthen the overall security and resilience of IIoT systems, providing stronger protection against a diverse array of cyber threats in industrial applications.
Keywords
