Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Toward a Multi-Layer ML-Based Security Framework for Industrial IoT

Aymen Bouferroum, Valeria Loscri, Abderrahim Benslimane

Abstract

The Industrial Internet of Things (IIoT) introduces significant security challenges as resource-constrained devices become increasingly integrated into critical industrial processes. Existing security approaches typically address threats at a single network layer, often relying on expensive hardware and remaining confined to simulation environments. In this paper, we present the research framework and contributions of our doctoral thesis, which aims to develop a lightweight, Machine Learning (ML)-based security framework for IIoT environments. We first describe our adoption of the Tm-IIoT trust model and the Hybrid IIoT (H-IIoT) architecture as foundational baselines, then introduce the Trust Convergence Acceleration (TCA) approach, our primary contribution that integrates ML to predict and mitigate the impact of degraded network conditions on trust convergence, achieving up to a 28.6% reduction in convergence time while maintaining robustness against adversarial behaviors. We then propose a real-world deployment architecture based on affordable, open-source hardware, designed to implement and extend the security framework. Finally, we outline our ongoing research toward multi-layer attack detection, including physical-layer threat identification and considerations for robustness against adversarial ML attacks.

Toward a Multi-Layer ML-Based Security Framework for Industrial IoT

Abstract

The Industrial Internet of Things (IIoT) introduces significant security challenges as resource-constrained devices become increasingly integrated into critical industrial processes. Existing security approaches typically address threats at a single network layer, often relying on expensive hardware and remaining confined to simulation environments. In this paper, we present the research framework and contributions of our doctoral thesis, which aims to develop a lightweight, Machine Learning (ML)-based security framework for IIoT environments. We first describe our adoption of the Tm-IIoT trust model and the Hybrid IIoT (H-IIoT) architecture as foundational baselines, then introduce the Trust Convergence Acceleration (TCA) approach, our primary contribution that integrates ML to predict and mitigate the impact of degraded network conditions on trust convergence, achieving up to a 28.6% reduction in convergence time while maintaining robustness against adversarial behaviors. We then propose a real-world deployment architecture based on affordable, open-source hardware, designed to implement and extend the security framework. Finally, we outline our ongoing research toward multi-layer attack detection, including physical-layer threat identification and considerations for robustness against adversarial ML attacks.
Paper Structure (13 sections, 2 equations, 4 figures)

This paper contains 13 sections, 2 equations, 4 figures.

Table of Contents

  1. Introduction
  2. Context and Positioning
  3. IIoT Network Architecture and Trust Baseline
  4. Trust Management in IIoT
  5. Trust Convergence Acceleration
  6. Problem Formulation
  7. ML-Based Prediction and Dynamic Adjustment
  8. Performance Evaluation
  9. Proposed Deployment and Research Directions
  10. Real-World Deployment Architecture
  11. Malicious Node Response and Remediation
  12. Extension to Multi-Layer Attack Detection
  13. Conclusion

Figures (4)

  • Figure 1: H-IIoT network architecture.
  • Figure 2: Architecture of the TCA solution bouferroum2025tca.
  • Figure 3: TCA performance evaluation: (a) trust convergence under Good, Medium, and Poor network conditions comparing Tm-IIoT and TCA, (b) convergence resilience under varying malicious node ratios ($P_m$ = 20%--50%), and (c) scalability analysis of average convergence time with increasing network size.
  • Figure 4: Proposed real-world IIoT deployment architecture.