A hybrid firefly-based attribute selection and split-point mechanism for securing software-defined industrial Internet of Things

Abstract

Cybersecurity has increased on software-defined networks (SDNs) since its inception in the early 2010s. That is due to the SDN's centralized nature in controlling the network, human-centered generative methods, and transferring data in the internet of behavior. The widespread usage of Internet of Things (IoT) networks, integrating SDNs with IoT, the intelligent industrial revolution, and the inclusion of the human-centric industrial revolution in the infrastructure of major industrial fields all were reasons to focus on creating effective attack detection systems intrusion detection system (IDS) for these industrial IoT (IIoT) networks. In this paper, we present an IDS we call SPAARC_DDSDN_IIoT. It is a four-layer industrial IoT architecture weaponized by security devices at each layer and uses the SDN's centralized approach. First is an application layer-based prediction approach called SPAARC. SPAARC is a split-point algorithm combined with an attribute-reduced classifier (SPAARC). It is applied to the proposed IDS-based SDN approach in the IIoT. SPAARC is a decision tree algorithm, and intrusion detection will be performed on the leaves of the resulting tree. Two datasets were used for the experiment: the DDoS_SDN and the XIIoT_ID. The firefly algorithm, as a swarm intelligence based on the behavior of fireflies, was used for feature selection. SPAARC achieved a notable accuracy of 99.9962% and 99.991%, surpassing all the other machine learning algorithms tested. SPAARC also achieved a mean absolute error of 0 and 0.008, a root mean squared error of 0.0062 and 0.0016, and a perfect score on both datasets for the remaining metrics.

Keywords

intrusion detection software-defined networks split-point mechanism attribute selection industrial Internet of Things

Get full access to this article

View all access options for this article.

References

Dawoud

Sianaki

Shahristani

, et al. Internet of Things intrusion detection: a deep learning approach. In: 2020 IEEE symposium series on computational intelligence (SSCI), 2020, 1516–1522. IEEE.

Tayyaba

Shah

Khan

Ahmed

, (2017, July). Software defined network (SDN) based Internet of Things (IoT): a road ahead. In: Proceedings of the international conference on future networks and distributed systems, 2017, p. Article 15. Cambridge, United Kingdom: Association for Computing Machinery.

Wan

Tang

Shu

Wang

Imran

Vasilakos

. Software-defined industrial Internet of Things in the context of Industry 4.0. IEEE Sensors J 2016; 16(20): 7373–7380.

Chakraborti

Ray

Chatterjee

Chakraborty

. Software-defined network vulnerabilities. In: Chakraborty

, et al. (eds) The “essence” of network security: an end-to-end panorama. Singapore: Springer, 2021, pp.215–239.

Galeano-Brajones

Carmona-Murillo

Valenzuela-Valdés

Luna-Valero

. Detection and mitigation of DoS and DDoS attacks in IoT-based stateful SDN: an experimental approach. Sensors 2020; 20(3): 816.

Yin

Zhang

Yang

. A DDoS attack detection and mitigation with software-defined Internet of Things framework. IEEE Access 2018; 6: 24694–24705.

Yates

Islam

Gao

. SPAARC: a fast decision tree algorithm. In: Australasian conference on data mining, pp.43–55. Singapore: Springer Singapore.

Fong

Biuk-Aghai

Millham

. Swarm search methods in WEKA for data mining. In: Proceedings of the 2018 10th international conference on machine learning and computing, pp.122–127.

Selvakumar

Muneeswaran

. Firefly algorithm based feature selection for network intrusion detection. Comput Secur 2018; 81: 148–155.

10.

Toony

Alqahtani

Alginahi

Said

. MULTI-BLOCK: a novel ML-based intrusion detection framework for SDN-enabled IoT networks using new pyramidal structure. Internet Things 2024; 26: 101231.

11.

Luo

. A distributed SDN-based intrusion detection system for IoT using optimized forests. PLoS One 2023; 18: e0290694.

12.

Zeleke

Mulugeta

Gared

. Efficient intrusion detection system for SDN orchestrated Internet of Things. J Comput Netw Commun 2021; 2021: 1–14.

13.

Nadeem

Goh

Ponnusamy

Aun

. DDoS detection in SDN using machine learning techniques. Comput Mater Continua 2021; 71(1): 771–789.

14.

Attique

Hao

Ping

Javeed

Kumar

. Explainable and data-efficient deep learning for enhanced attack detection in IIoT ecosystem. IEEE Internet Things J 2024; PP: 1–1.

15.

Chaganti

Suliman

Ravi

, et al. Deep learning approach for SDN-enabled intrusion detection system in IoT networks. Information 2023; 14(1): 41.

16.

Muthanna

MSA

Alkanhel

Muthanna

Rafiq

Abdullah

WAM

. Towards SDN-enabled, intelligent intrusion detection system for Internet of Things (IoT). IEEE Access 2022; 10: 22756–22768.

17.

Ferrag

Friha

Hamouda

Maglaras

Janicke

. Edge-IIoTset: a new comprehensive realistic cyber security dataset of IoT and IIoT applications for centralized and federated learning. 2022; 10: 40281–40306.

18.

Qathrady

Ullah

Alshehri

, et al. SACNN-IDS: a self-attention convolutional neural network for intrusion detection in industrial internet of things. CAAI Trans Intell Technol 2024; 9(6): 1398–1411.

19.

Al-Hawawreh

Sitnikova

Aboutorab

. X-IIoTID: a connectivity- and device-agnostic intrusion dataset for industrial internet of things. IEEE Internet Things J 2021; PP: 1–1.

20.

Ravi

Chaganti

Alazab

. Deep learning feature fusion approach for an intrusion detection system in SDN-based IoT networks. IEEE Internet Things Mag 2022; 5: 24–29.

21.

Kaur

Pal

Singh

. Hybridization of K-means and firefly algorithm for intrusion detection system. Int J Syst Assur Eng Manag 2018; 9: 901–910.

22.

Rai

Devi

Guleria

. Decision tree based algorithm for intrusion detection. Int J Adv Netw Appl 2016; 7: 2828–2834.

23.

Kazin

. DDoS SDN dataset. Kaggle, 2021. https://www.kaggle.com/datasets/aikenkazin/ddos-sdn-dataset.

24.

Hussain

Akhunzada

Iqbal

, et al. Secure IIoT-enabled Industry 4.0. Sustainability 2021; 13: 12384.