Weam Husham AL-JABBARI, Muhammed Ali AYDIN, Hasan Hüseyin BALIK
The cybersecurity threat landscape of the Industrial Internet of Things (IIoT) is becoming more complicated as the attack surface grows and new system behaviors become more complex. Machine learning (ML) techniques have shown good prediction accuracy in classifying network traffic data as safe or malicious. Net flow anomaly detection using ML is a fascinating topic because it can interpret complex network traffic and detect anomalies. This paper aims to decrease the exposure to BotNet attacks in the IIoT environment, which will ultimately enhance the security of IIoT devices. The X-IIoTID dataset, a specialized dataset on IIoT cyber attacks, was used as a benchmark for the proposed system. The Eurasian Oystercatcher Optimizer (EOO) and Rock Hyraxes Swarm Optimization (RHSO) algorithms are used separately as feature selection methods in conjunction with a fitness analyzer that employs the ML algorithm. The proposed fitness analyzer has two components: the first is the accuracy achieved through ML, and the second is the number of features extracted. A comparison between the EOO and RHSO algorithms was made, and the RHSO algorithm yielded better results. Two ML algorithms (Random Forest and KNN) were applied as multiclass classifiers on the original X-IIoTID dataset (with its original features) and on the new sub-datasets (with two subsets of features using dataset mapping). When compared to the existing literature, the results exhibited significant potential in terms of accuracy and resource consumption. The results of this paper indicate that the proposed system achieves better results than the comparative methodologies.

Keywords: Cybersecurity, IIoT, BotNet, Eurasian Oystercatcher Optimizer (EOO), Rock Hyraxes Swarm Optimization (RHSO), X-IIoTID Dataset