A Novel Approach for Detection of Cyber Attacks in MQTT-Based IIoT Systems Using Machine Learning Techniques

Year 2024, Volume: 10 Issue: 4, 899 - 912, 31.12.2024

Serkan Gönen

https://doi.org/10.28979/jarnas.1559652

Abstract

The Internet of Things (IoT) and the Industrial Internet of Things (IIoT) have grown significantly in the last decade, underlining the increasing need for effective, secure, and reliable data communication protocols. The widely accepted Message Queuing Telemetry Transport (MQTT) protocol, with its structure that meets the needs of welding-oriented devices in IoT and IIoT applications, is a prime example. However, its user-friendly simplicity also makes it susceptible to threats such as Dispersed Services Rejection (DDOS), Brete-Force, and incorrectly shaped package attacks. This article introduces a robust and reliable framework for preventing and defending against such attacks in MQTT-based IIoT systems based on the theory of merging attacks. The expert system incorporates the Adaboost model and can detect anomalies by processing network traffic in a closed setting and identifying impending threats. With its robust design, the system was subjected to various attack scenarios during testing, and it consistently detected interventions with an average accuracy of 92.7%, demonstrating its potential for use in intervention detection systems. The research findings not only contribute to the theoretical and practical concerns about the effective protection of IIoT systems but also offer hope for the future of cybersecurity in these systems.

Keywords

IoT, IIoT, MQTT, cyber security, machine learning

References

• M. Al-Fayoumi, Q. A. Al-Haija, Capturing low-rate DDoS attack based on MQTT protocol in software defined-IoT environment, Array 19 (2023) 100316 10 pages.
• M. I. Fikriansyah, S. A. Karimah, F. Setiadi, Detection of DDOS attacks in IIoT case using machine learning algorithms, International Conference on Data Science and Its Applications (ICoDSA), 2024 IEEE, pp. 117–121.
• E. Shahri, P. Pedreiras, L. Almeida, A scalable real-time SDN-based MQTT framework for industrial applications, IEEE Open Journal of the Industrial Electronics Society 5 (2024) (2024) 215–235.
• R. A. Mahajan, R. G. Mahajan, M. Tatiya, U. H. Mandekar, M. Shahakar, Y. Patil, Enhancing MQTT security in the internet of things with an enhanced symmetric algorithm, Journal of Electrical Systems 20 (1s) (2024) 126–137.
• Y. Kombate, P. Houngue, O. Samuel, Securing MQTT: unveiling vulnerabilities and innovating cyber range solutions, Procedia Computer Science 241 (2024) 69–76.
• F. Buccafurri, V. De Angelis, R. Nardone, Securing mqtt by blockchain-based otp authentication, Sensor 20 (7) (2020) 2002 14 pages.
• Z. Liu, T. Liang, J. Lyu, D. Lang, A security-enhanced scheme for MQTT protocol based on domestic cryptographic algorithm, Computer Communications 221 (2024) (2024) 1–9.
• M. Saqib, A. H. Moon, A novel lightweight multi-factor authentication scheme for MQTT-based IoT applications, Microprocessors and Microsystems 110 (2024) (2024) 105088 20 pages.
• P. Koprov, X. Fang, B. Starly, Machine identity authentication via unobservable fingerprinting signature: A functional data analysis approach for MQTT 5.0 protocol, Journal of Manufacturing Systems 76 (2024) (2024) 59–74.
• A. Lohachab, ECC-based inter-device authentication and authorization scheme using MQTT for IoT networks, Journal of Information Security and Applications 46 (C) (2019) 1–12.
• I. Vaccari, G. Chiola, M. Aiello, M. Mongelli, E. Cambiaso, MQTTset, a new dataset for machine learning techniques on MQTT, Sensors 20 (22) (2020) Article Number 6578 17 pages.
• B. Mishra, A. Kertesz, The use of MQTT in M2M and IoT systems: A survey, IEEE Access 8 (2020) 201071–201086.
• G. T. Francis, A. Souri, N. İnanç, A hybrid intrusion detection approach based on message queuing telemetry transport (MQTT) protocol in industrial internet of things, Transactions on Emerging Telecommunications Technologies 35 (9) (2024) 5030 15 pages.
• C. Patel, N. Doshi, A novel MQTT security framework in generic IoT model, Procedia Computer Science 171 (2020) 1399–1408.
• X. Deng, Internet of things (IoT) intrusion detection system (IDS) for home networks, Doctoral Dissertation The George Washington University (2024) Washington.
• C. Prajisha, A. Vasudevan, An efficient intrusion detection system for MQTT-IoT using enhanced chaotic salp swarm algorithm and LightGBM, International Journal of Information Security 21 (6) (2022) 1263–1282.
• G. Karacayılmaz, H. Artuner, A novel approach detection for IIoT attacks via artificial intelligence, Cluster Computing 27 (2024) (2024) 10467–10485.
• S. Aymene, K. Lyes, A. Mondher, B. Ahmed, Securing IIoT Against DDoS attacks: A stochastic approach, Global Information Infrastructure and Networking Symposium (GIIS) (2024) 1–6.
• M. F. Zuhairi, S. M. Ali, Z. Shahid, M. M. Alam, M. M. Su'ud, Real-time feature engineering for anomaly detection in IoT-based MQTT networks, IEEE Access 12 (2024) (2024) 25700–25718.
• A. Sharma, K. Bhushan, A hybrid approach based on PUF and ML to protect MQTT based IoT system from DDoS attacks, Cluster Computing 27 (2024) (2024) 13809–13834.