Golden Jackal Optimization with a Deep Learning-Based Cybersecurity Solution in Industrial Internet of Things Systems

Abstract

Recently, artificial intelligence (AI) has gained an abundance of attention in cybersecurity for Industry 4.0 and has shown immense benefits in a large number of applications. AI technologies have paved the way for multiscale security and privacy in cybersecurity, namely AI-based malicious intruder protection, AI-based intrusion detection, prediction, and classification, and so on. Moreover, AI-based techniques have a remarkable potential to address the challenges of cybersecurity that Industry 4.0 faces, which is otherwise called the IIoT. This manuscript concentrates on the design of the Golden Jackal Optimization with Deep Learning-based Cyberattack Detection and Classification (GJODL-CADC) method in the IIoT platform. The major objective of the GJODL-CADC system lies in the detection and classification of cyberattacks on the IoT platform. To obtain this, the GJODL-CADC algorithm presents a new GJO-based feature selection approach to improve classification accuracy. Next, the GJODL-CADC method makes use of a hybrid autoencoder-based deep belief network (AE-DBN) approach for cyberattack detection. The effectiveness of the AE-DBN approach can be improved through the design of the pelican optimization algorithm (POA), which in turn improves the detection rate. An extensive set of simulations were accomplished to demonstrate the superior outcomes of the GJODL-CADC technique. An extensive analysis highlighted the promising performance of the GJODL-CADC technique compared to existing techniques.

1. Introduction

The Industrial Internet of Things (IIoT) is a wide-ranging system containing various resourceful and interconnected devices, which provide several benefits to smart computing in frameworks and organizations, from manufacturers to services [1]. In Industry 4.0, manufacturing and industrial processes and techniques remain automated with the latest technologies [2]. Large-scale machine-to-machine and IoT transmissions are incorporated for improving automation, enhancing self-monitoring and communications, and emerging intelligent machines, which can recognize problems with no requirement for human interaction [3]. Massive devices and sensors are interconnected for generating information, and processing, safe transmission, and accurate data gathering becomes significant in IIoT environments [4]. The desirable advantages and possibilities of the IIoT revolution aside, industrial devices and the IIoT have been exposed to attacks by hackers who continuously attempted to obtain necessary information or cultivate destructive processes [5]. Since IIoT applications are growing, related security risks and cyberattacks have also increased [6]. There are various examples of cyberattacks on the IIoT that have taken place recently, which affect hardware components like sensors or pump conditions as well as the software components of the system [7].

Various organizations use intrusion detection systems (IDSs) to resist malicious attacks and protect the security of IIoT nodes and networks [8]. IDSs allow secure, private, and reliable data transmissions across the network, and they play an important role in the IIoT [9]. Tasks that involve fully protecting an IIoT network from attacks or partially detecting, reporting, avoiding, and responding to malicious activities are executed by the IDS. IDSs produced through statistical approaches are behavior-based [10]. Their reviews depend on earlier rules that are employed for modelling behaviors based on the network [11]. However, this technique is not chosen nowadays because it is challenging to measure such reviews. The classification of standard IDSs is typically introduced as hybrid, anomaly-based, and signature-based IDSs [12]. ML approaches are the most commonly desired techniques to carry out intrusion detection. ML can enable the experiential learning and decision-making method of the different systems by enhancing the expertise and capability without the use of open programming [13]. In IDSs that are made via employing DL approaches, recent and updated databases are selected to execute widespread intrusion detection [14]. DL-based IDSs are generally trained by employing state-of-the-art databases that have been produced for intrusion detection [15].

This manuscript focuses on the design of the Golden Jackal Optimization with Deep Learning-based Cyberattack Detection and Classification (GJODL-CADC) technique in the IIoT platform. The GJODL-CADC system presents a new GJO-based feature selection approach to improve classification accuracy. Next, the GJODL-CADC technique makes use of a hybrid autoencoder-based deep belief network (AE-DBN) system for cyberattack detection. The effectiveness of the AE-DBN model can be improved through the design of the pelican optimization algorithm (POA), which in turn improves the detection rate. An extensive set of outcomes was accomplished to depict the greater outcome of the GJODL-CADC methodology.

2. Related Works

Golchha et al. [16] introduced a technique for identifying cyberattacks in the IIoT network by utilizing the voting-based ensemble learning technique. In this developed model, recent ensemble and traditional ML algorithms such as Histogram Gradient Boosting (HGB), RF, and CatBoost, as well as complex voting classifiers, are utilized for effectively detecting cyberattacks. The authors of [17] presented a DL technique to create a novel, balanced representation of imbalanced databases. The novel representation was provided for an ensemble DL attack identification method that was specially developed for an ICS platform. This method leverages DNN and DT classifiers for detecting cyberattacks from innovative representations. Hasan et al. [18] developed a smart DL-enabled algorithm for protecting the IIoT platform from lethal and complex multivariant botnet attacks.

Yazdinejad et al. [19] suggested an ensemble DL method that employs the advantages of the LSTM and AE structures. The LSTM is employed to make a model of normal data time-series to learn standard data formats, and the significant data features can be detected by an AE. This developed technique extracts novel balanced data in imbalanced databases, and these novel balanced data are provided in the deep-LSTM-AE anomaly recognition algorithm. In [20], a secure automatic 2-stages-IDS (SATIDS) was introduced that employs the MRMR-FS approaches and an improved form of a LSTM that depends on an artificial RNN for increasing the IDS effectiveness. Huma et al. [21] introduced a new method, termed the hybrid deep RNN (HDRNN), for identifying cyberattacks in IIoT systems. The HDRaNN incorporates a DRaNN and MLP with dropout normalization.

Gómez et al. [22] recommended a DL-based approach named SUSAN for making anomaly detectors to identify cyberattacks that influence the sustainability of industrial systems. SUSAN has followed an adaptable and modular design, which permits the ensembling of various detectors for attaining more accurate identifications. The authors [23] suggested a dependable DL-based routing attack recognition method for the IIoT. The authors reviewed the adversarial training model to identify attempted attacks in RPL. It supports the achievement of reliable learning methods. A GAN-Classifier (GAN-C) algorithm is established for attack detection activities that involve a two-phase incorporation of the SVM and GAN approaches.

3. The Proposed Model

This manuscript has developed a novel GJODL-CADC method for cyberattack recognition and classification in the IIoT platform. The purpose of the GJODL-CADC method lies in the detection and classification of cyberattacks from the IoT platform. To obtain this, the GJODL-CADC method comprises three main procedures such as GJO-based feature selection, AE-DBN-based detection, and POA-based hyperparameter tuning. Figure 1 defines the workflow of the GJODL-CADC approach.

3.1. Design of Feature Selection Using GJO Algorithm

The GJO algorithm can be applied to electing the features. The traditional GJO technique is derived from the hunting strategy of golden jackal couples, and also adopted a swarm-based technique [24]. The foraging procedure involves searching for capturing prey, prey tracking neighboring prey, and attacking prey. Like other metaheuristic approaches, the initial solution of the GJO technique is distributed uniformly on the searching range and is given below:

$$Y_0=Y_{\min }+rand\times \left(ub-lb\right)$$

(1)

The initial procedure includes the generation of the initial prey matrix, with the FMJ and MJ conquering the initial and following locations, correspondingly. In Equation (1), $Y_0$ shows the primary random population and $ub$ and $lb$ represent the upper and lower limitations of the decision variable. $rand$ denotes the random integer that ranges from zero to one. The composition of prey is shown below:

$$Prey=\left[\begin{array}{cccc}{Y}_{1,1}& Y_{1,2}& \dots & Y_{1,\mathrm{d}}\\ Y_{2,1}& Y_{2,2}& \dots & Y_{2,\mathrm{d}}\\ ⋮& ⋮& ⋮& ⋮\\ Y_{n,1}& Y_{n,2}& \dots & Y_{n,\mathrm{d}}\end{array}\right]$$

(2)

In Equation (2), $Y_{ij}$ refers to the $i\mathrm{th}$ prey’s $j\mathrm{th}$ parameter. There are $d$ variables and $n$ preys in total. The prey location is considered an optimum solution.

In the optimization process, an objective function evaluates the fitness of all the prey with the resultant fitness value being compiled as determined in the following matrix:

$$F_{OA}=\left[\begin{array}{c}f\left(Y_{1,1};Y_{1,2};\dots ;Y_{1,d}\right)\\ f\left(Y_{2,1};Y_{2,2};\dots ;Y_{2,d}\right)\\ ⋮\\ f\left(Y_{\mathrm{n},1};Y_{\mathrm{n},2};\dots ;Y_{\mathrm{n}d}\right)\end{array}\right]$$

(3)

In Equation (3),$Y_{ij}$ shows the values of the $j\mathrm{th}$ parameter of the $i\mathrm{th}$ target, $f$ denotes the objective function, and $F_{OA}$ indicates the matrix to store the fitness of the prey. The jackal pair search for a suitable target position.

Generally, jackals locate food effectively, with the extraordinary ability to pursue and detect targets. Nonetheless, there are instances in which their efforts have failed, and the possible prey avoids capture, which prompts them to abandon and find alternate sources of nourishment. While hunting, the MJ takes the lead, whereas the FMJ closely follows them, and the mathematical model can be expressed as follows:

$$Y_1\left(t\right)=Y_M\left(t\right)-E.\left|Y_M\left(t\right)-rl.Prey\left(t\right)\right|$$

(4)

$$Y_2\left(t\right)=Y_{FM}\left(t\right)-E.\left|Y_{FM}\left(t\right)-rl.Prey\left(t\right)\right|$$

(5)

Here $Prey$($t$) indicates the vector of the target location, $\mathrm{and} t$ shows the existing iteration. $YM\left(t\right)$ and $YFM\left(t\right)$ denote the locations of the MJ and FMJ, correspondingly. The revised locations of the MJ and FMJ regarding the target are signified as $Y\left(t\right)$ and $Y_2\left(t\right)$. The $E$ evasive energy of the target was calculated as follows:

$$E=E_1\ast E_0$$

(6)

$$E_0=2\ast r-1$$

(7)

$$E_1=c_1\ast \left(1-\left(\frac{t}{T}\right)\right)$$

(8)

where $r$ illustrates the random number from the range of zero and one. $E_0$ denotes the initial state of the target’s energy and $E_1$ signifies the prey’s diminishing energy.

$T$ indicates the $\max$ iteration counter and $c_1$ denotes the constant value of 1.5. $E_1$ linearly reduces through iteration, from 1.5 to $0$. In Equations (4) and (5), the distance between the jackals and the prey is evaluated using $\left|Y\left(t\right)-rl.Prey\left(t\right)\right|$. This distance is either deducted from or added to its existing location based on how well the prey manages to avoid the jackals. The vector of random numbers $rl$ in Equations (4) and (5) represent the Lévy movement and are calculated according to the LF.

$$rl=0.05\times LP\left(y\right)$$

(9)

In Equation (9), $LP$ denotes the LF function that can be evaluated using the following expression:

$$LF\left(y\right)=0.01\times \frac{\left(\mu \times \sigma \right)}{\left(\left|v^{\left(\frac{1}{\beta }\right)}\right|\right)};\sigma ={\left(\frac{\Gamma \left(1+\beta \right)\times \sin \left(\frac{\pi \beta }{2}\right)}{\Gamma \left(\frac{1+\beta }{2}\right)\times \beta \times \left(2^{\frac{\beta -1}{2}}\right)}\right)}^{\frac{1}{\beta }}$$

(10)

In Equation (10), the value of $\beta$ is fixed to 1.5 and $u,$ $v$ denotes a randomly generated value within the range of $\left[0,1\right]$. The position of the jackal was updated by averaging Equations (4) and (5) as follows:

$$Y\left(t+1\right)=\frac{Y_1\left(t\right)+Y_2\left(t\right)}{2}$$

(11)

Since the prey are chased by jackals, their evasive decline of energy results in the final encirclement of the target through the pair of jackals that were recognized in an earlier stage. The target is attacked when surrounded and used up by the jackals. The mathematical expression of the hunting behavior of the MJ and FMJ jackals that pursue in pairs is given below:

$$Y_1\left(t\right)=Y_M\left(t\right)-E.\left|rl.Y_M\left(t\right)-Prey\left(t\right)\right|$$

(12)

$$Y_2\left(t\right)=Y_{FM}\left(t\right)-E.\left|rl.Y_{FM}\left(t\right)-Prey\left(t\right)\right|$$

(13)

where $Prey \left(t\right)$ refers to the vector position of prey in the existing iteration $t$, and $Y\left(t\right)$ and $YM\left(t\right)$ represent the position of the MJ and FMJ. The upgraded MJ and FMJ locations in connection with the prey are signified by $Y\left(t\right)$ and $Y_2\left(t\right)$. Equation (6) defines the prey’s escaping energy or $E$.

The FF employed in the presented GJO system is intended to find a balance between the count of elected features in all the performances (lesser) and the classifier accuracy (higher) acquired by deploying these elected features; Equation (14) defines the FF for evaluating outcomes.

$$Fitness=\alpha {\gamma }_R\left(D\right)+\beta \frac{\left|R\right|}{\left|C\right|}$$

(14)

In which ${\gamma }_R\left(D\right)$ defines the classifier errors of the provided classifier. $\left|R\right|$ defines the cardinality of the elected subsets and $\left|C\right|$ stands for the entire feature counts from the database; $\alpha$ and $\beta$ are two parameters corresponding to the importance of the classification quality and subset length. ∈ [1,0] and $\beta =1-\alpha .$

3.2. Cyberattack Detection Using AE-DBN Model

For detecting cyberattacks, the AE-DBN model can be applied. The DBN is regarded as a group of easy unsupervised networks, like RBM, that perform as the hidden state of all the subnets and the visible layer of the subsequent layers [25]. The layer in the DBN infrastructure takes an effectual-by-layer process that defines how variables are dependent upon variables from the layer above. The presented DBN network comprises many hidden and visible RBM layers and LR for classification from the end layer. During the primary phase of the development method, distinct feature spaces of vectors can be mapped, and then all the layers of the RBM network have been trained in an unsupervised manner, correspondingly, to preserve the feature data of all components. During the secondary phase, fine alterations are developed. Figure 2 depicts the infrastructure of AE-DBN.

An AE is a three-layer unsupervised NN. It can be understood that the simplest procedure of NNs is employed for representation learning, like FS, or decreasing the size and attempts to recreate the input patterns from the resultant layer.

Assume that X is data with $n$ instances and $m$ features. $Y$ represents the encoded result. The mathematical expressions of the encoder and decoder functions for a simple AE are provided in Equations (15) and (16), correspondingly.

$$Y=f\left(wX+b\right)$$

(15)

$$\acute{X}=g\left(\acute{w}Y+b\right)$$

(16)

In Equations (15) and (16), $w$ and $b$ signify the adaptable parameters, $f$ and $g$ denote the activation function, $W$ defines the weighted $\left(\acute{X}\right)$ transpose, and $\acute{X}$ stands for the reconstructed input vector from the resultant layer. The presented AE-DBN structure comprises two major parts. During the primary part, the AE is employed as a DL approach for extraction features in the input data. The secondary part is defined by the DL approach that is dependent upon the DBN for forecasting the RUL. The encoder portion of the AE is responsible for the feature extract that signifies the features of the input data. These feature extractions are provided to the DBN of the presented structure that is utilized for predicting the RUL. Primarily, the AE has been trained individually for obtaining the weighted matrix that was previously trained in the DBN RUL forecast method. The decoder portion of the AE has been employed to verify the feature extraction validity to recreate the novel data. Afterwards, the achieved weighted matrix for the AE was integrated with the DBN approach and was lastly trained to utilize the input data for the RUL forecast.

3.3. Hyperparameter Tuning Using POA

Finally, the POA can be applied to the hyperparameter tuning process. The POA inspires the natural behavior of pelicans in the hunting procedure that is separated into two main stages, namely approaching the prey and the surface flight [26].

3.3.1. Exploration Stage

The exploration stage is a primary step of the POA, and it arbitrarily defines the prey location and moves near to its determined region. The mathematical formula for the pelican performance in this stage is as follows:

$$P_i=X_k, i=1,2, \dots ,N, k=1,2, \dots ,N$$

(17)

$$x_{i,j}^{P1}=\left\{\begin{array}{l}{x}_{i,j}+rand\cdot \left(p_j-I\cdot x_{ij}\right), F_p<F_i\hfill \\ x_{i,j}+rand\cdot \left(x_{i,j}-p_j\right), else,\hfill \end{array}\right.$$

(18)

$$X_i=\left\{\begin{array}{l}{X}_i^{P_1}, F_i^{P_1}<F_i;\hfill \\ X_i, else,\hfill \end{array}\right.$$

(19)

where $P_i$ implies the location of the prey chosen by $i$ pelican; $F_i$ denotes the value of the main function, viz., which is the value of the degree of adaptation; $k$ indicates the arbitrary natural number made from 1 and N; $x_{ij}^{P1}$ represents the novel state of $i$ pelican from the $j$ dimension; $F_i^{p_1}$ stands for the alteration value equivalent to it. $rand$ defines the random number from the range of zero and one, and the value of $I$ is both one and two. $I$ and $rand$ denote the arbitrary numbers utilized for generating the arbitrary POA performance from upgrades and searches.

3.3.2. Exploitation Step

In the secondary step, once the pelicans obtain the surface, they can spread their wings on water and move the fish upwards, having earlier located the prey, from its throat pockets. Modeling this behavioral procedure of pelicans permits the POA technique to converge to the optimum location in the hunting region, which improves the local searching ability and exploitation of the POA. In the mathematical model, this technique can check the locations close to the pelican position so that this method can converge to the optimum position.

$$x_{i,j}^{P_2}=x_{i,j}+R\cdot \left(1-\frac{t}{T}\right)\cdot \left(2\cdot rand-1\right)\cdot x_{ij}$$

(20)

$$X_i=\left\{\begin{array}{l}{X}_i^{P_2}, F_i^{P_2}<F_i;\hfill \\ X_i, else,\hfill \end{array}\right.$$

(21)

In which $t$ refers to the existing iteration counts; $T$ denotes the maximal iteration counts; $R$ represents the constant that is obtaining the value of 0.2; $x_{i,j}^{P_2}$ indicates the novel state of $i$ pelican from the $j$ dimension from the second hunting stage; and $F_i^{P_2}$ refers to the equivalent fitness value from the novel state.

The POA system develops an FF to accomplish the best classifier performances. It explains a positive integer for depicting a good solution for the candidate performances. In this case, the minimized classifier errors suppose an FF, as expressed in Equation (22).

$$\begin{gathered} fitness\left(x_i\right)=ClassifierErrorRate\left(x_i\right) \\ =\frac{No. of misclassified instances }{Total no. of instances }\ast 100 \end{gathered}$$

(22)

4. Results and Discussion

The performance analysis of the GJODL-CADC methodology is investigated on two datasets: the UNSWNB15 [27] and UCI SECOM [28] datasets. The UNSW-NB15 dataset has 42 features (excluding the labels) and 10 class labels (nine attacks and one normal) such as Normal, Fuzzers, Analysis, Exploits, Backdoors, Generic, Shellcode, DoS, Worms, and Reconnaissance. The GJODL-CADC technique has chosen 27 features from the UNSWNB15 dataset. Next, the UCI-SECOM dataset has 591 features with two classes. The GJODL-CADC model has selected 328 features.

Figure 3 illustrates the classifier analysis of the GJODL-CADC algorithm on the UNSWNB15 dataset. Figure 3a,b represents the confusion matrix achieved via the GJODL-CADC technique on the TR set/TS set at a ratio of 70:30. This outcome represented that the GJODL-CADC system detected and classified all 10 classes accurately. Next, Figure 3c,d describes the classifier result of the GJODL-CADC technique on a ratio of 70:30 of the TR set/TS set. The experimental results demonstrated the effective classification of all types of class labels.

Table 1. Classifier outcome of the GJODL-CADC approach on the UNSWNB15 dataset.

UNSWNB15 Dataset
Class	$\mathit{A}\mathit{c}\mathit{c}{\mathit{u}}_{\mathit{y}}$ (%)	$\mathit{P}\mathit{r}\mathit{e}{\mathit{c}}_{\mathit{n}}$ (%)	$\mathit{S}\mathit{e}\mathit{n}{\mathit{s}}_{\mathit{y}}$ (%)	$\mathit{S}\mathit{p}\mathit{e}{\mathit{c}}_{\mathit{y}}$ (%)	${\mathit{F}}_{\mathit{s}\mathit{c}\mathit{o}\mathit{r}\mathit{e}}$ (%)
TR set (70%)
Normal	98.70	89.57	98.42	98.73	93.79
Generic	99.56	98.58	97.07	99.84	97.82
Exploits	99.43	96.11	98.09	99.57	97.09
Fuzzers	99.76	99.29	98.31	99.92	98.80
DoS	99.46	96.92	97.97	99.63	97.44
Reconnaissance	99.61	99.22	96.67	99.92	97.93
Analysis	99.40	98.66	95.25	99.86	96.93
Backdoor	99.44	99.12	95.33	99.90	97.19
Shellcode	99.54	97.00	98.41	99.67	97.70
Worms	99.56	98.84	96.73	99.87	97.77
Average	99.45	97.33	97.23	99.69	97.25
TS set (30%)
Normal	98.73	89.76	98.68	98.74	94.01
Generic	99.47	98.20	96.13	99.82	97.15
Exploits	99.30	94.89	98.75	99.37	96.78
Fuzzers	99.67	98.61	97.92	99.85	98.26
DoS	99.70	98.47	98.09	99.85	98.28
Reconnaissance	99.77	99.70	98.23	99.96	98.96
Analysis	99.17	97.95	93.77	99.78	95.81
Backdoor	99.40	97.58	96.25	99.74	96.91
Shellcode	99.60	98.38	97.74	99.81	98.06
Worms	99.53	99.30	95.95	99.93	97.59
Average	99.43	97.28	97.15	99.68	97.18

and Figure 4 report the complete classifier results of the GJODL-CADC system on the UNSWNB15 database. The outcome value illustrated the effectual classification of all kinds of classes.

Figure 5 illustrates the training accuracy, denoted using $TR\_acc{u}_y$ and $V{L}_{acc{u}_y},$ of the GJODL-CADC method on the UNSWNB15 dataset. The $TL\_acc{u}_y$ is defined by the estimation of the GJODL-CADC algorithm on the TR dataset, whereas the $VL\_acc{u}_y$ is calculated by evaluating the performance on a separate testing dataset. The experimental outcomes exhibited that the $TR\_acc{u}_y$ and $VL\_acc{u}_y$ rise with an upsurge in epochs. Therefore, the performance of the GJODL-CADC system becomes enhanced with the TR and TS dataset with an increase in the count of epochs.

In Figure 6, the $TR\_loss$ and $VR\_loss$ analysis of the GJODL-CADC method on the UNSWNB15 dataset is demonstrated. The $TR\_loss$ defines the error between the forecast performance and original values of the TR data. The $VR\_loss$ denotes the measure of the performance of the GJODL-CADC approach on individual validation data. The outcomes specify that the $TR\_loss$ and $VR\_loss$ tend to reduce with increasing epochs. The outcomes depict the improved performance of the GJODL-CADC algorithm and its ability to generate accurate classification. The minimized values of $TR\_loss$ and $VR\_loss$ exhibit the higher performance of the GJODL-CADC approach on capturing relationships and patterns.

A comprehensive PR analysis of the GJODL-CADC technique is revealed in the UNSWNB15 2015 database in Figure 7. The results described that the GJODL-CADC system leads to raising values of PR. Further, the GJODL-CADC system can achieve greater PR values on all class labels.

In Figure 8, an ROC analysis of the GJODL-CADC approach is demonstrated on the UNSWNB15 dataset. The outcome defined that the GJODL-CADC algorithm led to greater ROC values. Also, the GJODL-CADC system can extend higher ROC values on all class labels.

In Figure 9, a brief comparison analysis of the GJODL-CADC technique with existing techniques was made using the UN-SWNB15 dataset [29,30,31,32]. The results described that the ANN and SVM models exhibit poor performance. At the same time, the kNN, DT, VLSTM, MFSDL-ADIIoT, and SSA-CRNN techniques have obtained slightly boosted performance. However, the GJODL-CADC technique exhibits better performance with maximum $pre{c}_n$, $rec{a}_l$, $acc{u}_y$, and $F_{score}$ percentages of 97.28%, 97.15%, 99.45%, and 97.18%, respectively.

Figure 10 shows the classifier study of the GJODL-CADC method on the UCI SECOM dataset. Figure 10a,b represents the confusion matrix attained via the GJODL-CADC technique on a 70:30 ratio of the TR set/TS set. The outcome signified that the GJODL-CADC method has detected and classified all 10 classes accurately. Then, Figure 10c,d represents the classifier results of the GJODL-CADC approach on a 70:30 ratio of the TR set/TS set. The experimental results show the efficient classification of all kinds of class labels.

Table 2. Classifier outcomes of the GJODL-CADC approach on the UCI SECOM database.

UCI SECOM Dataset
Class	$\mathit{A}\mathit{c}\mathit{c}{\mathit{u}}_{\mathit{y}}$ (%)	$\mathit{P}\mathit{r}\mathit{e}{\mathit{c}}_{\mathit{n}}$ (%)	$\mathit{S}\mathit{e}\mathit{n}{\mathit{s}}_{\mathit{y}}$ (%)	$\mathit{S}\mathit{p}\mathit{e}{\mathit{c}}_{\mathit{y}}$ (%)	${\mathit{F}}_{\mathit{s}\mathit{c}\mathit{o}\mathit{r}\mathit{e}}$ (%)
TR set (70%)
Class 1	97.66	99.36	97.66	99.37	98.51
Class 2	99.37	97.69	99.37	97.66	98.52
Average	98.52	98.53	98.52	98.52	98.51
TS set (30%)
Class 1	97.99	98.78	97.99	98.81	98.38
Class 2	98.81	98.03	98.81	97.99	98.42
Average	98.40	98.41	98.40	98.40	98.40

and Figure 11 report a complete classifier analysis of the GJODL-CADC methodology based on the UCI SECOM database. The investigational results demonstrated the effective classification of all kinds of class labels. For 70% of the TR set, the GJODL-CADC approach gains average $acc{u}_y$, $pre{c}_n$, $sen{s}_y$, $spe{c}_y$, and $F_{score}$ percentages of 98.52%, 98.53%, 98.52%, 98.52%, and 98.51%, respectively. Then, for 30% of the TS set, the GJODL-CADC method gains average $acc{u}_y$, $pre{c}_n$, $sen{s}_y$, $spe{c}_y$, and $F_{score}$ percentages of 98.40%, 98.41%, 98.40%, 98.40%, and 98.40%, correspondingly.

In Figure 12, a detailed comparison result of the GJODL-CADC algorithm with the current methods was made. The outcome indicated that the DNN Layer-1 and DNN Layer-2 techniques exhibit poor performance. Simultaneously, the DNN Layer-3, Ensemble, PSO Ensemble, SSA-CRNN, and MFSDL-ADIIoT systems have acquired slightly increased performance. But the GJODL-CADC approach reveals its higher performance, with maximum $pre{c}_n$, $rec{a}_l$, $acc{u}_y$, and $F_{score}$ percentages of 98.41%, 98.40%, 98.52%, and 98.40%, correspondingly. These outcomes showcase the enhanced performance of the GJODL-CADC method. The enhanced performance of the proposed model is due to the incorporation of the GJO-based feature subset selection and the POA-based hyperparameter tuning.

5. Conclusions

This study has developed a novel GJODL-CADC technique for cyberattack detection and classification in the IIoT platform. The goal of the GJODL-CADC system lies in the detection and classification of cyberattacks in the IoT environment. To obtain this, the GJODL-CADC algorithm comprises three major processes, namely GJO-based feature selection, AE-DBN-based detection, and POA-based hyperparameter tuning. The effectiveness of the AE-DBN model can be improved through the design of the POA, which in turn improves the detection rate. To demonstrate the greater outcomes of the GJODL-CADC technique, a widespread set of simulations were executed. The extensive outcomes demonstrated the promising outcomes of the GJODL-CADC technique compared to recent models, with maximum accuracy ratings of 99.45% and 98.52% on the UN-SWNB15 and UCI SECOM databases. Thus, the GJODL-CADC technique can be applied for effectual cyberattack recognition in the IIoT environment. Future works can investigate the performance of the proposed model on large-scale databases. In addition, the proposed model can focus on resolving outlier detection and class imbalance data handling problems.