Document Type : Research Paper


1 Electronic Engineering Departement, Collage of Electronics Engineering, Ninevah University, Mosul, Iraq

2 Computer Engineering Departement, Collage of Engineering, University of Mosul, Mosul, Iraq


This paper presents a security paradigm for edge devices to defend against various internal and external threats. The first section of the manuscript proposes employing machine learning models to identify MQTT-based (Message Queue Telemetry Transport) attacks using the Intrusion Detection and Prevention System (IDPS) for edge nodes. Because the Machine Learning (ML) model cannot be trained directly on low-performance platforms (such as edge devices),a new methodology for updating ML models is proposed to provide a tradeoff between the model performance and the computational complexity. The proposed methodology involves training the model on a high-performance computing platform and then installing the trained model as a detection engine on low-performance platforms (such as the edge node of the edge layer) to identify new attacks. Multiple security techniques have been employed in the second half of the manuscript to verify that the exchanged trained model and the exchanged data files are valid and undiscoverable (information authenticity and privacy) and that the source (such as a fog node or edge device) is indeed what it it claimed to be (source authentication and message integrity). Finally, the proposed security paradigm is found to be effective against various internal and external threats and can be applied to a low-cost single-board computer (SBC).


Main Subjects

[1]           T. Vaiyapuri, Z. Sbai, H. Alaskar, and N. A. Alaseem, "Deep Learning Approaches for Intrusion Detection in IIoT Networks–Opportunities and Future Directions," International Journal of Advanced Computer Science and Applications (IJACSA), vol. 12, pp. 86-92, 2021.
[2]           Z. E. Huma, S. Latif, J. Ahmad, Z. Idrees, A. Ibrar, Z. Zou, et al., "A Hybrid Deep Random Neural Network for Cyberattack Detection in the Industrial Internet of Things," IEEE Access, vol. 9, pp. 55595-55605, 2021.
[3]           M. Zolanvari, M. A. Teixeira, and R. Jain, "Effect of imbalanced datasets on security of industrial IoT using machine learning," in 2018 IEEE International Conference on Intelligence and Security Informatics (ISI), 2018, pp. 112-117.
[4]           H. Alaiz-Moreton, J. Aveleira-Mata, J. Ondicol-Garcia, A. L. Muñoz-Castañeda, I. García, and C. Benavides, "Multiclass classification procedure for detecting attacks on MQTT-IoT protocol," Complexity, vol. 2019, pp. 1-11, 2019.
[5]           E. Jove, J. Aveleira-Mata, H. Alaiz-Moretón, J.-L. Casteleiro-Roca, D. Y. Marcos del Blanco, F. Zayas-Gato, et al., "Intelligent One-Class Classifiers for the Development of an Intrusion Detection System: The MQTT Case Study," Electronics, vol. 11, pp. 422-433, 2022.
[6]           M. A. Ferrag, L. Shu, H. Djallel, and K.-K. R. Choo, "Deep learning-based intrusion detection for distributed denial of service attack in Agriculture 4.0," Electronics, vol. 10, pp. 1257-1282, 2021.
[7]           H. Yao, P. Gao, P. Zhang, J. Wang, C. Jiang, and L. Lu, "Hybrid intrusion detection system for edge-based IIoT relying on machine-learning-aided detection," IEEE Network, vol. 33, pp. 75-81, 2019.
[8]           S. Madhawa, P. Balakrishnan, and U. Arumugam, "Roll forward validation based decision tree classification for detecting data integrity attacks in industrial internet of things," Journal of Intelligent & Fuzzy Systems, vol. 36, pp. 2355-2366, 2019.
[9]           H. Qiao, J. O. Blech, and H. Chen, "A Machine learning based intrusion detection approach for industrial networks," in 2020 IEEE International Conference on Industrial Technology (ICIT), 2020, pp. 265-270.
[10]         A. Ghannadrad, "Machine learning-based DoS attacks detection for MQTT sensor networks," 2021.
[11]         G. E. I. Selim, E. Hemdan, A. M. Shehata, and N. A. El-Fishawy, "Anomaly events classification and detection system in critical industrial internet of things infrastructure using machine learning algorithms," Multimedia Tools and Applications, vol. 80, pp. 12619-12640, 2021.
[12]         G. Siaterlis, M. Franke, K. Klein, K. A. Hribernik, G. Papapanagiotakis, S. Palaiologos, et al., "An IIoT approach for edge intelligence in production environments using machine learning and knowledge graphs," Procedia CIRP, vol. 106, pp. 282-287, 2022.
[13]         W. Sun, J. Liu, and Y. Yue, "AI-enhanced offloading in edge computing: When machine learning meets industrial IoT," IEEE Network, vol. 33, pp. 68-74, 2019.
[14]         L. Zhang, S. Jiang, X. Shen, B. B. Gupta, and Z. Tian, "PWG-IDS: An Intrusion Detection Model for Solving Class Imbalance in IIoT Networks Using Generative Adversarial Networks," arXiv preprint arXiv:2110.03445, 2021.
[15]         M. A. Ferrag, O. Friha, D. Hamouda, L. Maglaras, and H. Janicke, "Edge-IIoTset: A New Comprehensive Realistic Cyber Security Dataset of IoT and IIoT Applications for Centralized and Federated Learning," IEEE Access, vol. 10, pp. 40281-40306, 2022.
[16]         A. Samy, H. Yu, and H. Zhang, "Fog-based attack detection framework for internet of things using deep learning," IEEE Access, vol. 8, pp. 74571-74585, 2020.
[17]         I. Butun, M. Almgren, V. Gulisano, and M. Papatriantafilou, "Intrusion Detection in Industrial Networks via Data Streaming," in Industrial IoT, ed: Springer, 2020, pp. 213-238.
[18]         R. Colelli, S. Panzieri, and F. Pascucci, "Securing connection between IT and OT: the Fog Intrusion Detection System prospective," in 2019 II Workshop on Metrology for Industry 4.0 and IoT (MetroInd4. 0&IoT), 2019, pp. 444-448.
[19]         (19-9-2021). Mosquitto MQTT Broker. Available:
[20]         MQTTset Dataset [Online]. Available: https: //‎
[21]         I. Vaccari, G. Chiola, M. Aiello, M. Mongelli, and E. Cambiaso, "MQTTset, a new dataset for machine learning techniques on MQTT," Sensors, vol. 20, pp. 6578-6595, 2020.
[22]         R. Oppliger, SSL and TLS: Theory and Practice: Artech House, 2016.
[23]         K. McKay and D. Cooper, "Guidelines for the selection, configuration, and use of transport layer security (TLS) implementations," National Institute of Standards and Technology2017.
[24]         Q. I. Ali, "An efficient simulation methodology of networked industrial devices," in 2008 5th International Multi-Conference on Systems, Signals and Devices, 2008, pp. 1-6.
[25]         B. I. Reddy and V. Srikanth, "Review on wireless security protocols (WEP, WPA, WPA2 & WPA3)," International Journal of Scientific Research in Computer Science, Engineering and Information Technology, vol. 5, pp. 28-35, 2019.
[26]         S. Alblwi and K. Shujaee, "A survey on wireless security protocol WPA2," in Proceedings of the international conference on security and management (SAM), 2017, pp. 12-17.