The rapid expansion of the industrial Internet of things (IIoT) has introduced new challenges in securing critical infrastructures against sophisticated cyberthreats. This study presents the development and evaluation of an advanced Intrusion detection (IDS) based on a hybrid LSTM-convolution neural network (CNN)-Attention architecture, specifically designed to detect and classify cyberattacks in IIoT environments. The research focuses on two key classification tasks: binary and multi-class classification. The proposed models was rigorously tested using the Edge-IIoTset dataset. To mitigate the class imbalance in the dataset, the synthetic minority over-sampling technique (SMOTE) was employed to generate synthetic samples for the underrepresented classes. This ensured that the model could learn effectively from all classes, thereby improving the overall classification performance. Through systematic experimentation, various deep learning (DL) models were compared, ultimately demonstrating that the LSTM-CNN-Attention model consistently outperformed others across key performance metrics. In binary classification, the model achieved near-perfect accuracy, while in multi-class classification, it maintained a high accuracy level (99.04%), effectively categorizing different attack types with a loss value of 0.0220%.
翻译:工业物联网(IIoT)的快速扩张为保护关键基础设施免受复杂网络威胁带来了新的挑战。本研究提出并评估了一种基于混合长短期记忆网络-卷积神经网络-注意力架构(LSTM-CNN-Attention)的先进入侵检测系统,该系统专为检测和分类IIoT环境中的网络攻击而设计。研究聚焦于两项关键分类任务:二分类与多分类。所提出的模型使用Edge-IIoTset数据集进行了严格测试。为缓解数据集中的类别不平衡问题,研究采用合成少数类过采样技术(SMOTE)为代表性不足的类别生成合成样本。这确保了模型能够从所有类别中有效学习,从而提升整体分类性能。通过系统化实验比较了多种深度学习模型,最终证明LSTM-CNN-Attention模型在关键性能指标上持续优于其他模型。在二分类任务中,该模型实现了近乎完美的准确率;在多分类任务中,其保持了高准确率水平(99.04%),能以0.0220%的损失值有效区分不同攻击类型。