Block Hunter: Federated Learning for Cyber Threat Hunting in Blockchain-based IIoT Networks
Department
Software Engineering and Game Development
Document Type
Article
Publication Date
1-1-2022
Abstract
Nowadays, blockchain-based technologies are being developed in various industries to improve data security. IIoT devices have become increasingly prevalent in our digital world, especially in support of developing smart factories. Although blockchain is a powerful tool, it is vulnerable to cyber attacks. Detecting anomalies in blockchain-based IIoT networks in smart factories is crucial in protecting networks and systems from unexpected attacks. In this paper, we use Federated Learning (FL) to build a threat hunting framework called Block Hunter to automatically hunt for attacks in blockchain-based IIoT networks. Block Hunter utilizes a cluster-based architecture for anomaly detection combined with several machine learning models in a federated environment. To the best of our knowledge, Block Hunter is the first federated threat hunting model in IIoT networks that identifies anomalous behavior while preserves privacy.
Journal Title
IEEE Transactions on Industrial Informatics
Journal ISSN
15513203
Digital Object Identifier (DOI)
10.1109/TII.2022.3168011