Intelligent Automation Using Machine and Deep Learning in Cybersecurity of Industrial IoT: CCTV Security and DDoS Attack Detection

Intelligent Automation Using Machine and Deep Learning in Cybersecurity of Industrial IoT: CCTV Security and DDoS Attack Detection

Ana Gavrovska (School of Electrical Engineering, University of Belgrade, Serbia) and Andreja Samčović (Faculty of Transport and Traffic Engineering, University of Belgrade, Serbia)
DOI: 10.4018/978-1-7998-2910-2.ch008


Artificial intelligence is making significant changes in industrial internet of things (IIoT). Particularly, machine and deep learning architectures are now used for cybersecurity in smart factories, smart homes, and smart cities. Using advanced mathematical models and algorithms more intelligent protection strategies should be developed. Hacking of IP surveillance camera systems and Closed-Circuit TV (CCTV) vulnerabilities represent typical example where cyber attacks can make severe damage to physical and other Industrial Control Systems (ICS). This chapter analyzes the possibilities to provide better protection of video surveillance systems and communication networks. The authors review solutions related to migrating machine learning based inference towards edge and smart client devices, as well as methods for DDoS (Distributed Denial of Service) intelligent detection, where DDoS attack is recognized as one of the primary concerns in cybersecurity.
Chapter Preview


Web connectivity and application of artificial intelligence in automation and relevant sensor data exchange in industry and smart manufacturing have opened the door for fourth industrial revolution (Industry 4.0) (Boyes, Hallaq, Cunningham, & Watson, 2018; Lu, 2017; Tuptuk & Hailes, 2018). System architectures for Supervisory Control and Data Acquisition (SCADA) have been developed for direct control and smart monitoring, based on computers and communication networks (Jiang, Yin, & Kaynak, 2018). The growth of Internet of Things (IoT) and internet-based solutions has led to web SCADA and advanced Industrial Control Systems (ICSs) which employ web platforms and user interfaces. Physical processes are monitored in cyber-physical systems. Networked computers and other devices (sensors, actuators,...) are connected usually with distributed ICS/SCADA systems, where there is a control hierarchy: from direct Industrial IoT (IIoT) or device control (usually real-time control), to computer-based high-level control dedicated to: supervisory control of particular sets of devices, coordination and scheduling. A typical hierarchy in remote control systems is presented in Figure 1. Smart cities and smart factories use decentralized decision making. HMI (Human-Machine Interface) enables visualizing the control events and monitoring processes for authorized operators (Dawson, Lamb, & Carbajal, 2018; Hurttila, 2019; Qiu, Chen, Li, Atiquzzaman, & Zhao, 2018).

Figure 1.

A typical hierarchy in remote control systems (SCADA)


Artificial intelligence (AI) needs to be used to intelligently react to both user input and environmental parameters. Machine and deep learning should be integrated to IoT and IIoT, having in mind system requirements and low-power equipment (Awad, Beztchi, Smith, Lyles, & Prowell, 2018; Dogaru & Dumitrache, 2019; Pacheco, Cano, Flores, Trujillo, & Marquez, 2018; Tang, Sun, Liu, & Gaudiot, 2017; Teixeira et al., 2018). Intelligent control relies on cognitive systems, making a job-losing concern. It is believed that use of I(IoT) by utilizing AI makes efficient and cost-effective solutions, incorporates knowledge for advanced processing and reasoning, Figure 2. Also, using IoT and AI, multi-agent systems can contribute in executing tasks efficiently compared to individual solving issues.

Figure 2.

(I)IoT with the use of AI


Even though industrial facilities and machines can be easily operated using web based architectures, (cyber-) security, privacy and safety issues still remain, where high economic costs and business models, designs (know-how) and information are in stake. Besides ethical and legal issues, there are also compatibility issues or issues of inappropriate AI usage. Computer and network attacks and AI errors may seriously affect the physical and other ICS processes. Software malware may control ICS/SCADA devices and change the control processes, or steal and/or modify valuable information. Information security is considered in order to prevent or reduce unauthorized access and use of IIoT (Dogaru & Dumitrache, 2019; Pacheco et al., 2018; Thames & Schaefer, 2016). The combination of balanced protection of the confidentiality, integrity and availability of data is the key in industrial security, where proposed standards and regulations, protocols, policies, antivirus and encryption are used with rising security awareness, and should not affect productivity in any way. Protocols such as Modbus are used to enable standard TCP/IP communication. Control products can use specific firewalls and virtual private networks.

Key Terms in this Chapter

Cybersecurity: It is a general term which describes technologies, processes, methods, and practices for the purpose of protection of internet-connected information systems from attacks, i.e., cyberattacks. Cybersecurity can refer to security of data, software or hardware within information systems.

Deep Learning: It is a part of machine learning intended for learning form large amounts of data, as in the case of experience-based learning. It can be considered that feature engineering in deep learning-based models is partly left to the machine. In the case of artificial neural networks, deep neural networks are expected to have various layers within architectures for solving complex problems with higher accuracy compared to traditional machine learning. Moreover, high performance automatic results are expected without human intervention.

Attack Detection System: It is also known as intrusion detection system. It is a system that monitors network traffic for detection of unauthorized access or activity in a network-based environment. When anomalous event is detected, some attack/intrusion detection systems are capable of taking specific actions to prevent or weaken the impact of the attacks.

Network Traffic: It is the amount of data, mostly encapsulated in network packets, transferring across a network at a point of time. Network monitoring and measurements enable network traffic control.

Closed-Circuit Television (CCTV): Also known as video surveillance system. It is a closed-circuit system consisted of video cameras which transmit visual information to a specific place found on the same network. It differs from broadcast television, where the signal is openly transmitted. The term is used for camera-based surveillance security systems where visual monitoring is needed (e.g., in stores, banks, airports, factories), and can have many industrial and non-industrial applications.

Industrial Internet of Things: Sensors and devices which are internet-based interconnected for industrial applications and smart industrial environments are known as IIoT or Industrial Internet of Things. The connectivity of devices and information systems enable improvements in efficiency and productivity.

Distributed Denial of Service (DDoS): In DDoS attack, the incoming network traffic affects a target (e.g., server) from many different compromised sources. Consequently, online services are unavailable due to the attack. The target's resources are affected with different malicious network-based techniques (e.g., flood of network traffic packets).

Machine Learning: It refers to an application of artificial intelligence focusing on algorithms which can be used for building models (e.g., based on statistics) from input data. Such automatic analytical models need to provide outputs based on the learning relations between input and output values. The algorithms are often categorized as supervised, semi-supervised or unsupervised.

Complete Chapter List

Search this Book: