The industrial Internet of Things (IIoT) involves the integration of Internet of Things (IoT) technologies into industrial settings. However, given the high sensitivity of the industry to the security of industrial control system networks and IIoT, the use of software-defined networking (SDN) technology can provide improved security and automation of communication processes. Despite this, the architecture of SDN can give rise to various security threats. Therefore, it is of paramount importance to consider the impact of these threats on SDN-based IIoT environments. Unlike previous research, which focused on security in IIoT and SDN architectures separately, we propose an integrated method including two components that work together seamlessly for better detecting and preventing security threats associated with SDN-based IIoT architectures. The two components consist in a convolutional neural network-based Intrusion Detection System (IDS) implemented as an SDN application and a Blockchain-based system (BS) to empower application layer and network layer security, respectively. A significant advantage of the proposed method lies in jointly minimizing the impact of attacks such as command injection and rule injection on SDN-based IIoT architecture layers. The proposed IDS exhibits superior classification accuracy in both binary and multiclass categories.

翻译：工业物联网（IIoT）将物联网技术融入工业场景。鉴于工业领域对工业控制系统网络安全及工业物联网的极高敏感性，软件定义网络（SDN）技术可提升通信过程的安全性与自动化水平。然而SDN架构本身会引发多种安全威胁，因此评估这些威胁对基于SDN的工业物联网环境的影响至关重要。不同于以往分别针对工业物联网和SDN架构安全性的研究，本文提出一种集成方法，包含两个协同运行的组件，可更有效地检测和预防SDN架构下工业物联网的安全威胁。两个组件分别包括：作为SDN应用程序实现的基于卷积神经网络的入侵检测系统，以及基于区块链的系统，分别强化应用层与网络层的安全性。该方法的核心优势在于可协同最小化命令注入、规则注入等攻击对SDN工业物联网架构各层的影响。该入侵检测系统在二分类与多分类任务中均展现出优异的分类精度。