Identification of malicious activities in industrial internet of things based on deep learning models

Muna AL-Hawawreh, Nour Moustafa, Elena Sitnikova

Research output: Contribution to journalArticlepeer-review

183 Citations (Scopus)


Internet Industrial Control Systems (IICSs) that connect technological appliances and services with physical systems have become a new direction of research as they face different types of cyber-attacks that threaten their success in providing continuous services to organizations. Such threats cause firms to suffer financial and reputational losses and the stealing of important information. Although Network Intrusion Detection Systems (NIDSs) have been proposed to protect against them, they have the difficult task of collecting information for use in developing an intelligent NIDS which can proficiently detect existing and new attacks. In order to address this challenge, this paper proposes an anomaly detection technique for IICSs based on deep learning models that can learn and validate using information collected from TCP/IP packets. It includes a consecutive training process executed using a deep auto-encoder and deep feedforward neural network architecture which is evaluated using two well-known network datasets, namely, the NSL-KDD and UNSW-NB15. As the experimental results demonstrate that this technique can achieve a higher detection rate and lower false positive rate than eight recently developed techniques, it could be implemented in real IICS environments.

Original languageEnglish
Pages (from-to)1-11
Number of pages11
JournalJournal of Information Security and Applications
Publication statusPublished - Aug 2018
Externally publishedYes


  • Auto-encoder
  • Deep learning
  • Industrial internet of things (IIoT)
  • Internet industrial control systems (IICSs)


Dive into the research topics of 'Identification of malicious activities in industrial internet of things based on deep learning models'. Together they form a unique fingerprint.

Cite this