Abstract:
Industrial Internet of Things (IIoT) environments need to implement reliable
security measures because of the growth in network traffic and overall connectivity. Accordingly, this work presents an architecture for network traffic analysis and the detection
of intrusions in a network with the help of edge computing and machine-learning
methods. The study uses k-means and DBSCAN techniques to examine the flow of traffic
in a network and to discover several groups of behavior and possible anomalies. An assessment of the two clustering methods shows that k-means achieves a silhouette score of
0.612, while DBSCAN achieves 0.473. For intrusion detection, k-nearest neighbors (KNN),
random forest (RF), and logistic regression (LR) were used and evaluated. The analysis
revealed that both KNN and RF yielded near-perfect results in terms of precision, recall, and
F1 score, close to the maximum possible value of 1.00, as demonstrated by both ROC and
precision–recall curves. Accuracy matrices show that RF had better precision and recall for
both the benign and attack classes, while KNN and LR had good detection with slight fluctuations.
With the integration of edge computing, the framework is improved by real-time data
processing, which lowers the latency of the security system. This work enriches the
knowledge of the IIoT by offering a detailed solution to the issue of cybersecurity in IoT
systems, based on well-grounded performance assessments and the right implementation
of current technologies. The results thus support the effectiveness of the proposed framework in improving security and providing tangible improvements over current approaches by
identifying potential threats within a network.