1
A Systematic Literature Review on Cyber Security Threats of Industrial Internet of Things

Ravi Gedam* and Surendra Rahamatkar┼

Amity University Chhattisgarh, Raipur, India

Abstract

In recent years, the Industrial Internet of Things (IIoT) has become one of the popular technology among Internet users for transportation, business, education, and communication development. With the rapid adoption of IoT technology, individuals and organizations easily communicate with each other without great effort from the remote location. Although, IoT technology often confronts unauthorized access to sensitive data, personal safety risks, and different types of attacks. Hence, it is essential to model the IoT technology with proper security measures to cope up with the rapid increase of IoT-enabled devices in the real-time market. In particular, predicting security threats is significant in the Industrial IoT applications due to the huge impact on production, financial loss, or injuries. Also, the heterogeneity of the IoT environment necessitates the inherent analysis to detect or prevent the attacks over the voluminous IoT-generated data. Even though the IoT network employs machine learning and deep learning-based security mechanisms, the resource constraints create a set-back in the security provisioning especially, in maintaining the trade-off between the IoT devices' capability and the security level. Hence, in-depth analysis of the IoT data along with the time efficiency is crucial to proactively predict the cyber-threats. Despite this, relearning the new environment from the scratch leads to the time-consuming process in the large-scale IoT environment when there are minor changes in the learning environment while applying the static machine learning or deep learning models. To cope up with this constraint, incrementally updating the learning environment is essential after learning the partially changed environment with the knowledge of previously learned data. Hence, to provide security to the resource-constrained IoT environment, selecting the potential input data for the incremental learning model and fine-tuning the parameters of the deep learning model for the input data is vital, which assists towards the proactive prediction of the security threats by the time-efficient learning of the dynamically arriving input data.

Keywords: Industrial IoT, smart manufacturing, industry 4.0, interoperability, deep learning, incremental learning

1.1 Introduction

In recent years, Industrial Internet of Things (IIoT) technology [1] has gained significant attention among the internet users in the real-world with the increased advantage of the ubiquitous connectivity and interaction between the physical and cyber worlds. With the enormously interconnected IoT devices, IIoT devices have been used in various applications such as smart homes, smart cars, smart healthcare, smart agriculture, and smart retail. The exponential rise of IoT technology often confronts security and privacy concerns [2]. Nowadays, cyber-attacks such as ransomware and malware have increasingly targeted IoT applications to impact the distributed network. Even though the existing security measures are adopted in the IoT environment, IIoT applications are still vulnerable to different attacks due to the massive attack surface [3, 4]. Hence, it is essential to design the defense mechanisms to detect and predict the attacks in the IIoT platform. Applying the traditional security models or mechanisms is inadequate for the IIoT environment due to the intrinsic resource and computational constraints. Intrusion detection models dynamically monitor abnormal behaviors or patterns in the system to detect malicious activity. The existing intrusion detection researches have mainly focused on rule-based detection techniques, which lack to support the detection of anomalies in the emerging IIoT platform [5]. To detect anomalies without false alarms, artificial intelligence methods have been widely used by security researchers. For the most part, in order to deal with the massive amount of data generated by IoT devices, machine learning and deep learning algorithms have been used to perform automated data analysis as well as to provide meaningful interpretations [6, 7]. Several research works have employed machine learning and deep learning techniques to detect malicious activity in the IIoT environment. Despite the combination of intrusion detection and artificial intelligence-based research, it still confronts the precise detection of anomalies in IIoT networks.

Owing to the dynamic arrival of the new malware classes and instances in the IIoT platform, traditional machine learning, and deep learning-based security models deal with the catastrophic forgetting problems. Catastrophic forgetting is the ignorance of the knowledge about previous significant classes while performing the classification for the new classes. The security experts have widely utilized incremental learning models [8, 9]. The incremental learning model continuously learns the new data with the knowledge of the previous learning results. It plays a significant role in improving the detection or prediction performance in developing the security models for the detection of known and unknown attacks. The incremental learning model often confronts the stability-plasticity problem: previous data retaining and new data preserving [10]. Hence, harvesting useful insights from the enormous amount of data are crucial to improve the learning performance. In essence, preprocessing the continuously arriving data streams to augment the training data is crucial for the incremental learning model. Thus, this work focuses on modeling the security mechanism for the IIoT application with the contextual preprocessing and the enhanced deep incremental learning model. With the target of improving the detection performance, it employs the incremental feature selection with optimization for the contextual preprocessing and fine-tunes the learning parameters for the proactive prediction of the malicious activities in the IIoT environment.

1.2 Background of Industrial Internet of Things

The Fourth Industrial Revolution (4.0) paradigm can be thought of as a road map that takes us through the four industrial revolutions in the development of manual-to-market industrial production processes. Figure 1.1 illustrates the process of creation. With the beginning of the First Industrial Revolution in the 1800s came the development of mechanization and electric power generation [11]. When mechanical and mechanical power were introduced in the 1800s, the very first Industrial Revolution was launched (Figure 1.2). This resulted in the transition away from physical labor toward the very first methods of production, which was particularly noticeable in the textile industry [12]. The improved overall quality of life played a significant role in the transition process, according to the researchers. Because of the electrification of the world, millions of people were able to industrialize and develop, sparking the Second Industrial Revolution [13]. To illustrate this point, consider the following quote from Henry Ford, which refers to the Ford T-Model automobile: "You can have any colour as long as it is black." Although mass production is becoming increasingly popular, there is still room for product customization if mass production is not used. It is the third industrial revolution, which began with the introduction of microelectronics and automation and has continued to the present day [14]. Module manufacturing is encouraged as a result of this, in which a variety of items is created on flexible production lines by employing programmable machines as well as various materials [15].

Figure 1.1 Challenges in artificial intelligence-based IIoT security model.

Figure 1.2 The industrial revolutions.

These manufacturing processes, on the other hand, are limited in their ability to accommodate varying output volumes, which is a disadvantage. The fourth industrial revolution has begun as a result of the advancement of information and communications technology (ICT). Intelligent automation of cyber-physical systems with decentralized control and advanced networking is the technological foundation for artificial intelligence-based systems. Intelligent automation of cyber-physical systems with decentralized control and advanced networking is based on decentralized control and advanced networking (IoT functionalities) [25, 26]. A self-organizing cyber-physical production structure was created by reorienting this new industrial production technology using classical hierarchical automation systems. As a result of this new manufacturing technology, scalable mass-customized production as well as flexibility in terms of production volume are now possible.

Research Gap

The existing security researchers have handled the different types of attacks on the IIoT network by adopting the deep learning and incremental learning models; however, the incremental learning-based security models have been confronted with several shortcomings particularly, in the IIoT network, which are discussed as follows.

• Applying the available existing IIoT security solutions is critical due to the primary concern of the resource constraints in the IIoT network.
• Owing to the need for cross-layer design and optimization algorithms for the security mechanisms, the available security solutions are inappropriate for the IIoT model.
• The DDoS or intrusion...