Dissemination Control in Dynamic Data Clustering For Dense IIoT Against False Data Injection Attack

TL;DR

This paper presents CONFINIT, a novel intrusion detection system that enhances data dissemination security in dense IIoT networks by effectively detecting false data injection attacks, significantly improving clustering and attack detection performance.

Contribution

The work introduces CONFINIT, combining watchdog surveillance and collaborative consensus to mitigate false data injection attacks in dense IIoT environments, a novel approach not previously addressed.

Findings

CONFINIT increased the number of clusters by up to 40% in attack-free scenarios.

Achieved 99% attack detection rate and 90% accuracy across multiple IIoT scenarios.

Under specific attack variants, detection rates reached 100% with less than 2% false positives/negatives.

Abstract

The IoT has made possible the development of increasingly driven services, like industrial IIoT services, that often deal with massive amounts of data. Meantime, as IIoT networks grow, the threats are even greater, and false data injection attacks (FDI) stand out as being one of the most aggressive. The majority of current solutions to handle this attack do not take into account the data validation, especially on the data clustering service. Aiming to advance on the issue, this work introduces CONFINIT, an intrusion detection system for mitigating FDI attacks on the data dissemination service performing in dense IIoT networks. CONFINIT combines watchdog surveillance and collaborative consensus strategies for assertively excluding various FDI attacks. The simulations showed that CONFINIT compared to DDFC increased by up to 35% - 40% the number of clusters without attackers in a gas pressure IIoT environment. CONFINIT achieved attack detection rates of 99%, accuracy of 90 and F1 score of 0.81 in multiple IIoT scenarios, with only up to 3.2% and 3.6% of false negatives and positives rates, respectively. Moreover, under two variants of FDI attacks, called Churn and Sensitive attacks, CONFINIT achieved detection rates of 100%, accuracy of 99 and F1 of 0.93 with less than 2% of false positives and negatives rates.