Neuro-Robotic Synergy: Crafting the Secure Future of Industries in the Post Pandemic Era

Abstract

In recent years, ICSs have become increasingly commonplace in virtually every industry. The abbreviation “ICSs” refers to industrial control systems. These are specially designed computers used for monitoring, managing, and controlling procedures and tasks across a wide range of industries and vital infrastructure sectors. Production, power, disinfection of water, transport, and other sectors all greatly benefit from ICS use. The authors of this paper aim to detect ICS cyber hazards in industry. This article is the result of the writers’ extensive research on ICS programs and the impact of cyberattacks on them as well. The study narrowed its attention to just three ICS applications because there are simply too many to count: power plants, water reservoirs, and gas pipelines. The present paper focuses on the development and evaluation of neural networks for use in cyberattacks. An early form of neural network, the residual system, came first in the field. When a breach is detected in the ICS, the neural network sorts it into one of several categories. The produced datasets must not compromise users’ privacy or cause harm to the relevant industry if they fall into the wrong hands. An encoding device, decoder, pseudo-encoder, and critical model neural networks work together to generate random data. Finally, a set of trials is conducted in which a residual neural network is utilized to classify cyberattacks based on both the created and original datasets. Results from a series of studies indicate that using the created dataset is an effective technique to train high-quality neural networks for use in cybersecurity on a large amount of data without sacrificing the accuracy of the models. The Kullback-Leibler and Jensen-Shannon divergences also serve as the theoretical foundation and technique, respectively. In particular, the paper recommends operational and maintenance cybersecurity standards for ICS. This entails such things as secure password practices, patch management, and anti-malware defense. Physical safeguards for ICS is another topic that is covered.

1. Introduction

Industries all across the world have undergone dramatic changes as a result of the COVID-19 epidemic. The study begins with a brief overview of industrial control systems (ICSs) and their applications in the production and maintenance of essential services and goods. Process monitoring and control systems are essentially highly specialized computers. Deep neural networks and automated machinery have been added to control systems as a result of a combination of technological advances and the need for platforms that can last and be changed [1]. These ground-breaking innovations have not only sped up automation but also present new threats to data security and infrastructure robustness. This research explores the synergistic interaction between neural systems and industrial machines, focusing on their impact on the business world after COVID [2]. In addition, in the IoRT paradigm, many smart devices and computers are linked with robotic machinery in factories, so viruses can easily damage the whole robotic infrastructure. The paper stresses the significance of safeguarding these management systems against ever-evolving cyberattacks and provides a thorough overview of tactics and developments designed to reduce vulnerabilities and keep factories running smoothly. The goal of this study is to provide an in-depth comprehension of the relationship between neural systems, robotics in industry, and cyberattacks in the post-COVID age through an analysis of cutting-edge ideas and safety concerns [3,4]. In this article, we also elaborate on the wide variety of cyberattacks that are directed against these developments after COVID-19 and explain why a comprehensive strategy is needed to protect control systems from attack [5]. We provide a wide variety of tactics and methods for reducing risks, protecting sensitive data, and ensuring the smooth operation of control mechanisms, all based on the latest research and industry standards. ICSs have been extensively used in the production, power generation, and water supply sectors since the middle of the 20th century. Because of their dependency on the time and date systems, ICSs were brought into the spotlight after the Y2K bug. As a result, there is now a greater demand for improved ICS security standards. Both new threats and new opportunities for industrial control system (ICS) cybersecurity have emerged as a result of recent technological developments, such as the widespread use of cloud computing and Internet of Things (IoT) devices. Another developing pattern is the use of AI and ML to solve the problem of protecting industrial control systems. This article delves further into the topic, exploring the interplay between neural systems, robots used in industry, and the need for strong cybersecurity [6,7]. We want to provide those who make decisions, technology professionals, and security specialists with the expertise and foresight to traverse this novel era of technological advancement and protect against possible challenges by exploring undiscovered facets of the merging and security models [8,9,10].

In the past few years, industrial control systems (ICSs) have proliferated in almost every industry, enabling effective oversight, monitoring, and control of many operations. These specialized computing systems, called “ICSs,” are crucial in industries such as electricity generation, water treatment, transportation, and others. However, their ubiquity has made them vulnerable to cyberattacks. The results of significant studies into ICS programs illuminate their weaknesses and the far-reaching effects of cyber threats. This project develops and rigorously evaluates neural networks as cyberdefense solutions for power plants, water reservoirs, and gas pipelines. Using the first neural network iteration, the residual framework, the research allows ICSs to swiftly classify and respond to security breaches. This project shows the uttermost dedication to the confidentiality of information and industry well-being. The coordinated operation of encoding devices, decoders, pseudo-encoders, and essential model neural networks generates randomized data while maintaining security. This protects user privacy and the businesses they support from data theft. Several trials show that a residual neural network can classify cyberattacks. This network can train neural networks accurately, utilizing both intentionally created datasets and genuine data. The paper’s theoretical base, including Kullback-Leibler and Jensen-Shannon divergences, strengthens its technical strength. Beyond technological standards, the study emphasizes the operations and upkeep of cybersecurity requirements for ICSs, including secure password management, attentive patch deployment, and strong anti-malware protections. The article emphasizes the need for physical protections to protect ICS from cyberattacks. This article strengthens ICS cybersecurity but emphasizes the need to address resource needs for its multi-model solution. Combining the approach’s effectiveness with resource demands is a key concern that requires further research and mitigation techniques. ICS cybersecurity is constantly evolving, but this study paper provides a solid foundation for future developments, securing industries’ post-pandemic future.

The paper’s dedication to efficient cybersecurity solutions is on display in its emphasis on the residual system, an early kind of neural network, for classifying cyberattacks. Zero-day vulnerability and threat detection within ICSs is an issue that demands special attention. While this study does a good job of analyzing existing threats and laying out a solid framework for categorizing cyberattacks, it does not do much to help detect new or future hazards. Improving the paper’s applicability and usefulness by including methodologies for detecting new threats would strengthen the ability of ICSs to evolve and protect against constantly changing cyberattacks. The paper’s all-encompassing approach to ICS cybersecurity is useful as a grounding resource in this ever-changing environment, and it also gains from the authors’ outlook on future threats. The significance of neural networks and the threats to cybersecurity highlight the crucial role of explainability in artificial intelligence and machine learning research. For these complicated neural networks to be explainable, they must provide clear and interpretable explanations on how they arrive at their selections, categorizations, or predictions. There are several reasons why knowing the thought process underlying an AI system’s risk assessment is essential in the field of cybersecurity. To begin with, it improves openness, which inspires confidence in the AI’s results among cybersecurity experts and policymakers. Second, it helps pinpoint the source of problems and find where the system is weakest. Third, by illuminating the exact features or signs that lead to a cyber threat classification, it aids in the creation of practical mitigation methods. In the end, explainability is crucial to closing the gap between cutting-edge artificial intelligence (AI) solutions and their actual applicability in dealing with and mitigating cybersecurity threats.

The fundamental goal of this research is to develop a safety strategy that effectively safeguards the operating systems of linked robots inside an IoRT network. To defend against hostile efforts to undermine the accuracy of data sharing, transfer, and network coordination, a continuous machine learning-driven security method is needed [11]. Furthermore, IoT, the Internet of Automated Things (IoAT), internet privacy and cyber defense, and ML are all discussed in a recent and pertinent research summary. To identify certain gaps in understanding and potential contributions from using ML to solve the given problem, the ideas and currently employed approaches are reviewed [12]. Research approach development is based on results from a literature study of relevant recent works. After determining that the defined approach can be successfully applied to a real-world deployment scenario, it must be put into action [13]. The study of methodology for securing IoRT control networks is evaluated for precision and efficiency, and its potential as an international remedy is discussed. Concluding opinions, suggestions for future study, and dissemination of the proposed approach for review by others are included in current research. The focus of this work is ICS cyber risk detection since the authors recognize the growing significance of cybersecurity in ICSs. Because there are so many uses of ICS, our research focuses on only three: power plants, water storage facilities, and gas pipelines.

This is comparable to how a more in-depth implementation of ML accomplishes DL [14,15]. For substantial return propagation and corrected errors, DL models are ANNs with numerous hidden layers and sophisticated activation functions [16]. Machine learning methods such as decision tree models, random forests, classifiers, machine learning, neural networks with deep learning (DNN), etc. are some of the most applicable machine learning (ML) methods for recognizing patterns or categorization in the framework of recognizing threats for identification of data and command relationships within an IoRT system [17,18]. To protect the registered robotic systems from harm, the model acts as a “network administrator” by continuously keeping tabs on data transmissions in an IoRT structure that uses fog, edge, or cloud nodes. An ML-based security system is built in [19] for identifying viruses in the networks of Android OS-based IoT devices; this system is driven by an RNN (recurrent neural network) with long-short-term memory (LSTM) concealed layers. After the post-COVID era, there was also an important study [20] that investigated the security flaws in industrial automation systems. There were discussions of cyberattacks on automation equipment and plans for reducing those dangers. Though this research did not focus solely on neural systems and industrial machines, it did highlight more general security risks that would become more relevant with their merger [21]. Findings from related studies in a variety of settings [22], from manufacturing to buildings to hospitals to military bases to spaceships, show that robotic assistants work side by side with mankind to do simple to complicated tasks. In the modernization of the business world, these robots are indispensable. As a result, robots that work together boost productivity in the office, but they also pose a number of potential safety hazards due to the use of IoT with all these machines. Machines and robots are programmed with several pieces of IoT equipment. Therefore, robust and secure contact necessitates the use of efficient security precautions. To evaluate the development of cooperation between humans and robots during the past decade, this study gives an assessment of low-level control approaches for an interactive robot. This paper gives a brief overview of the control mechanisms that should be built into a well-organized structure so that a mechanical task can be done, from the high-level task strategy to the minimal control setup for safe and resilient interactions.

Another piece of research [23], conducted during COVID, focused on the vulnerabilities of key facilities, such as control systems for industries. The report highlighted the crucial need for robust safety precautions by discussing the consequences of breaches in vital services and infrastructure [24]. Numerous studies have integrated more diverse devices inside the IoT into contemporary healthcare systems to facilitate applications such as recognizing actions, fitness support, vital signs observation, daily nutrition tracking, and sleep monitoring, all of which have been inspired by the development of devices with a reduction in size and a focus on user convenience. Both specialized health instruments and multipurpose sensors that were not developed for health monitoring can be used to implement these crucial applications for disease prevention, diagnosis, and treatment. This page provides a summary of such research, discussing several kinds of sensors used in the Internet of Things as well as smart medical tracking devices [25].

Thus, the literature study reveals instances where the Internet of Things has been applied to disaster preparedness through the deployment of networked sensors and the identification of radioactive materials. When compared to a GCR system, an approach that makes use of the Internet of Things and cloud computing is preferable. Target tracking is another example of an additional application capability made possible by the IoT; numerous different tracking techniques and algorithms exist to account for both target location estimates and localization. In particular, a number of studies on the detection of neutrons and X-rays have been presented [26]. The majority of these are associated with cosmic-ray neutron monitoring (NM). Examples of complicated embedded technology utilized in constructing NM systems include the use of multiple computing devices (e.g., PIC32, Raspberry Pi, and Arduino) [27]. In addition, File Transfer Protocol (FTP) has been used to link NM to the web; this is not an IoT-optimized standard. MQTT is a lighter protocol because of its asymmetry design, as stated by [28] B. Wukkadada et al., who compared HTTP and MQTT in the IoT and found that “MQTT uses minimal electricity in order to keep an open interaction, to receive data, and to send messages” [29]. Another similar study conducted on an IoT-enabled system for detection, monitoring, and tracking of nuclear materials states that a low-cost embedded system for high-energy radiation detection applications was developed for national security purposes [30]. Comparable studies on IoT-enabled systems for keeping track of and monitoring materials that are nuclear have found that, in the name of national security, a compact embedded device was designed to detect radiation with significant energy at affordable prices [31]. For the concept demonstration, multiple nodes could be seen over a web connection with a 20,000 bits/s CloudMQTT schedule, and the network was checked with typical radiation device preamplifier 109A equipment from the ORTEC company. As a result, the architecture can be scaled to create a highly effective large-scale data multisensor system [32].

By analyzing different past research in this paper [26,32], we offer a controlled deep learning machine learning algorithm and model for detecting network infection in a traditional IoT infrastructure. This DL method is implemented at the fog stage in our suggested security design in order to make use of readily accessible computing power and to combine it with a network security system. The research’s evaluation of how the Internet of Things works now can be used to improve the current design of the IoRT in light of its safety needs to keep people talking to each other, protect the safety of information circulation, and keep bad people away during IoRT deployment. Before the Internet of Things (IoT) can be widely adopted for personal or business robotics, these and other security concerns must be addressed.

This paper follows these sections: Chapter 1: Introduction presents an overview of the research, focusing on the growing use of industrial control systems (ICSs) across many sectors, the effects of cyberattacks on critical facilities such as power plants, water reservoirs, and gas pipelines, and the relevance of this work within the context of the current COVID era. It provides an overview of the paper’s primary concern, which is the creation and assessment of neural networks for ICSs’ cyber protection. A review of the literature, also discussed in this part, examines the theoretical underpinnings of the study and the relevant prior art. It sets the stage by reviewing related past research and current understanding of neural networks for ICS cybersecurity development and application. Chapter 2: The study, in which strategy is outlined in the methodology section, and it involves the employment of generative tools such as adaptive autoencoders and the implementation of Kullback-Leibler and Jensen-Shannon divergence systems. It describes the data generation process and the design of the neural networks employed in the research. Chapter 3: Results, in which the findings of the study are presented, detailing the findings from the comparison of real and simulated datasets. It analyzes the accuracy of the generated data and evaluates the efficacy of the neural network method in classifying cyberattacks. In Chapter 4, we draw conclusions and highlight significant results and the consequences of improving cybersecurity in ICSs. Finally, the report concludes with some suggestions on where future research could go.

2. Methodology

2.1. Proposed Method

The residual system, a specific sort of neural network, is discussed in this research as a means of detecting breaches in ICSs. Breach classification is done with the use of neural networks. To safeguard the reliability of the interconnected systems from attack, we present a robust security approach for safeguarding the transmission of data inside an ordinary IoRT network in this study. In addition to the ML models proposed, we also present a practical systems architecture that can be used to build up a standard IoRT deployment, regardless of whether it is in an internet-based or offline environment. The designed machine learning architecture was realized in an online editor called Jupyter, which was programmed in the Python programming language. Numerous Python libraries were leveraged for this implementation. These include Pandas, Numpy, Scikit-Learn, Matplotlib, and Seaborn. The machine learning architecture was built with the help of these libraries, which were used for things such as initial processing, modeling, visualizing, and analyzing the results. They provide helpful features and tools that make it easier and more efficient for researchers and programmers to create and test machine learning models. We utilized Pandas data frames to process, clean, and explore our structured data. To effectively manage vector features and run matrix computations, we turned to NumPy. An exploratory study was performed with Scikit Learning, and Matplotlib and Seaborn were used to show the resulting plots and graphs. The theoretical underpinnings and methods used in this study, including Kullback-Leibler and Jensen-Shannon divergences, are discussed in the publication.

2.2. Online System Architecture

The cloud is a distant data center where users can store data for archival purposes and have access to worldwide computing capabilities. The fog server provides computational and file storage capabilities to the area network while interacting with a cloud-based service for information upload and archiving [33].

To reduce the computational burden on the many connected devices and the latency that results from executing the computations via a cloud service, the suggested machine learning (ML) model is deployed on the fog server. The fundamental security system of the cloud computing service provides a firewall to separate the cloud service and the fog; however, we suggest integrating a DL and ML model into the fog server’s security firewall. Because of this security-provided firewall, the regional network connecting the fog and the automation systems and devices can be kept safe from any harmful traffic. Access to a worldwide web of autonomous machinery is made possible by this framework, and security is handled at the cloud-fog-device level. If the fog server lacks the computational power to complete the task, the ML model could be placed in the cloud and combined with the cloud service’s security system [34]. However, in this instance, the automated equipment in the computer network where the security appliance is not operational could be compromised by a targeting-premise attack on the cloud server. The double-screening process would increase network latency if implemented in the current planned architecture. Figure 1 depicts the suggested system design using a cloud-fog-networked setup.

2.3. Offline System Architecture

In this setting, security is prioritized over internet connectivity for connected devices. When a business procedure is automated using an IoRT setup, all the data required at each stage of the method are stored locally [35]. The connectivity of equipment and structures pertinent to each step of a multi-step industrial procedure, for instance, can provide collaboration of resources, actual-time operation tracking, and assured operational effectiveness. Each node in this architecture uses edge computing to perform some form of processing independently from the others. If specific procedures report variables obtained from the linked systems or machines, then the relevant computations could be handled by a central server [36].

In both function and execution, this design is very close to the online structure. This example uses a bagging ensemble to create a simple edge-based decision tree method [37]. Every node in the network runs the method in the background and provides data for the overall analysis. Industrial automated processes, which use several robotic systems and gadgets, might greatly benefit from this security method. It is because it is safer to put your faith in the work of many people than in the work of a few, and because bias is correctly removed across the system [38].

However, the number of devices used to implement this design has no appreciable impact on the framework’s network-wide efficiency. As was previously said, a fog node is the best option in such a setup because it can do most network sanitization tasks. Figure 2 depicts the architecture in question.

2.4. Dataset

The suggested method [39] was developed and evaluated with the Avast (Prague) IoT-23 dataset. Several publications that suggest machine learning techniques for safeguarding IoT networks make use of this dataset, which may be accessed through the Stratosphere Lab website. The full IoT-23 dataset is available for download at https://mcfp.felk.cvut.cz/publicDatasets/IoT-23-Dataset/iot_23_datasets_small.tar.gz (accessed on 6 September 2023), but due to storage limits, we utilized the smaller 8.8 GB version instead.

There are twenty (20) harmful and a total of three (3) neutral attack situations in this collection of data, all involving malware on Internet of Things (IoT) gadgets.

Because IoRT is an approach to implementing IoT in a commercial and automated environment, our work generalizes the usage of this collection of data for the development and evaluation of our recommended ML algorithm.

2.5. Exploratory Data Analysis (EDA)

The paper explains how to generate random information in order to test cyberattack detection using a variety of methods, such as encoding, decoding, pseudo-encoding, and critical model neural networks, all while maintaining privacy and industrial security. In order to acquire a feel for the collection of information, we first used the programming language Python version 3.10 and its related statistical tools such as Pandas, Matplotlib, and Seaborn to sift through the features that are accessible and the files. The investigation was carried out using Google Collab, a Jupyter Notebook kernel running in a web browser [40]. The memory was utilized to exploit the resources of the cloud service provided by Google, and the free-tier virtualized instance that was launched had twelve gigabytes of memory, 107.72 GB of storage space, and a 2.20 GHz single-core Intel (R) Xeon (R) CPU. It can be computationally expensive to run numerous neural network models concurrently or sequentially, particularly if the models are large or complicated. Large amounts of memory may be needed for the storage and manipulation of datasets, model settings, and interim outcomes. It can take a lot of time and energy to train high-quality neural networks on enormous datasets. Distributing the workload across numerous processors or computing nodes using parallel processing techniques helps speed up model training and inference. By utilizing cloud-based services and infrastructure, scalable resources can be made available on-demand, streamlining the management of peak resource needs. Using model optimization techniques such as model quantization and pruning can lessen the need for storage space and processing power for neural networks without dramatically degrading their performance. It is recommended to use random samples for both testing and training instead of the complete dataset. This can lessen the load on available means without sacrificing effectiveness. Training and inferring neural networks can be accelerated by using specialized hardware such as graphics processing units (GPUs) or tensor processing units (TPUs). Distributing computations across numerous machines or clusters might be helpful for managing resource needs while doing large-scale investigations.

There were 1,446,621 rows in the IoT-23 dataset, including 21 characteristics. The initial features’ names were changed to help readers make sense of the information.

Table 1. Description of features in the IoT-23 Dataset [42].

Label	Feature
ts	Flow start time
uid	Session ID
id.orig_h	Source IP
id.orig_p	Source port
id.resp_h	Destination IP
id.resp_p	Destination port
proto	Connection protocol
service	Protocol ID
duration	Session duration
orig_bytes	Data from source to destination
resp_bytes	Data from destination to source
conn_state	Session status
local_orig	Source IP
local_resp	Destination IP
missed_bytes	Lost data during session
history	Source packet history
orig_packts	Source packets
orig_ip_bytes	Source packet flow
resp_packts	Destination packets
resp_ip_bytes	Destination packet flow
label	Transaction type (e.g., benign, malicious)

outlines the specifics [41].

Data Pre-Processing and Filtering

It was discovered that the database had columns and features that contained empty values, NaNs, and additional data that were not suitable for the ML tasks.

“The ’ts’, ’uid’, ’id.orig_h’, ’id.orig_p’, ’id.resp_h’, ’id.resp_p’, ’service’, ’local_orig’, ’local_resp’, ’history’” feature deletions occurred due to the presence of empty values, redundancy with additional attributes, or a lack of relevance to the problem at hand. Because of the negligible amount of records containing values that are null (fewer than five percent per column), those values were additionally substituted with zeros (0 s) in the remaining features [42]. By studying the ‘labels’ target feature, we were able to identify the numerous labels for both malicious and safe behavior. Figure 3 depicts the analysis.

Many machine learning algorithms that use this set of data employ the labels shown in Figure 3 and Figure 4 as is. Fortunately, we considered the removal of malware-related data and action on the network’s infrastructure to be the final objective for safeguarding the target’s IoRT system. As such, Figure 3′s resulting labels are reduced to a binary categorization (1 or 0), where 1 represents malicious behavior (such as DDoS, Okiru, etc.) and 0 represents non-malicious activity [43].

Figure 5 and Figure 6 depict the frequency and persistence distributions of the newly identified traits.

In conclusion, a CSV file of 116.16 MB in size was created from the collected data through the pandas.to_csv() function.

2.6. Architect Design

Figure 1 demonstrates the online design of IoRT, in which the DL model acts in the world wide web cloud storage system and firewall; the firewall’s configuration is configured to allow or oppose traffic handling through the Fog server (DL). Figure 2 shows the traditional architecture of IoRT. Data are transmitted straight from the router through the security layer and onto the IoT technology panel and the automation system [44]. In addition, as shown in Figure 2, a firewall sits between the ML, DL, locally stored processing, and modem in the IoRT offline architectural system, which is connected to the IoT device board and an ML-segregated network. Some of the values in our data are expressed in terms of time durations. We are using a period as the data type since it makes the most sense in Figure 5 and Figure 6. We are plotting this information on a bar chart, and the traffic data will be available again soon, in which malicious and benign traffic statistics are displayed as a function of time. With this design, threat traffic is reduced, and the IoRT network is protected from vulnerabilities.

2.7. Neural Networks Proactive in their Detection of Zero-Day or Unidentified Risks in ICS

Several methods can be used to make models based on neural networks proactive in their detection of zero-day or unidentified risks in ICS. Recognition of anomalies and behavioral analysis are two areas where cutting-edge machine learning and security methods can be applied to improve these models. By continuously monitoring system behavior and educating the models on historical data, it is possible to identify deviations from best practices as security risks. Unsupervised learning techniques, such as autoencoders or generative adversarial networks (GANs), can be used to find strange ICS data without the need for pre-defined signatures. In addition, a proactive strategy is more likely to spot unknown threats and zero-day exploits if threat intelligence feeds are incorporated, red team exercises are performed, and human specialists are involved in the detection process. Strong reaction mechanisms and ongoing learning and modification are also essential for proactive ICS cybersecurity.

3. Results and Discussion

Experiments are conducted, wherein a residual neural network is utilized to categorize cyberattacks. According to the article, the developed dataset can be used to efficiently and accurately train superior neural networks for use in cybersecurity. In this portion of the paper, we also show the results of the comparison of the models we recommend to traditional models used in the reviewed approaches during training and evaluation [45].

3.1. Performance Metrics

Multiple algorithms for machine learning can be compared using the following measures:

• Sensitivity or recall: The probability of obtaining valid findings is quantified by this metric. The model’s accuracy in identifying unwanted traffic is evaluated through this evaluation process.

Equation (1) gives a mathematical representation of this metric.

$$\mathrm{S}\mathrm{e}\mathrm{n}\mathrm{s}\mathrm{i}\mathrm{t}\mathrm{i}\mathrm{v}\mathrm{i}\mathrm{t}\mathrm{y}=\frac{\mathrm{T}\mathrm{r}\mathrm{u}\mathrm{e}\mathrm{P}\mathrm{o}\mathrm{s}\mathrm{i}\mathrm{t}\mathrm{i}\mathrm{v}\mathrm{e}\mathrm{s}}{\left[\mathrm{T}\mathrm{r}\mathrm{u}\mathrm{e}\mathrm{P}\mathrm{o}\mathrm{s}\mathrm{i}\mathrm{t}\mathrm{i}\mathrm{v}\mathrm{e}\mathrm{s}+\mathrm{F}\mathrm{a}\mathrm{l}\mathrm{s}\mathrm{e}\mathrm{N}\mathrm{e}\mathrm{g}\mathrm{a}\mathrm{t}\mathrm{i}\mathrm{v}\mathrm{e}\mathrm{s}\right]}$$

(1)

2.

Specificity: The likelihood of observing null results is thus calculated. That is why it is important to analyze how well models can tell good traffic from bad.

$$Sensitivity=\frac{TrueNegatives}{\left[TrueNegatives+FalsePositives\right]}$$

(2)

3.

Balanced accuracy: The average of the true positive and true negative detection rates provides insight into a model’s accuracy. Since accurately categorizing traffic that is not malicious is crucial to the IoRT network’s health, we consider this a key metric in our evaluation. Rebuilding instructional messages to get past the recommended smart security system causes delays during manufacturing when innocuous traffic is incorrectly categorized [46].

$$BalancedAccuracy=\frac{Sensitivity+Specificity}{2}$$

(3)

The range of equal precision is 0–1, with 0 denoting the worst probable result and 1 the best.

4.

Precision: Vulnerability metric is analogous to this one. However, it does not evaluate the accuracy of the framework, but rather the number of false positives it produces. For traffic that is not harmfully categorized, a lower score for this metric indicates a less effective model [4].

$$Precision=\frac{TruePositives}{\left[TruePositives+FalsePositives\right]}$$

(4)

5.

F1-score: To evaluate how well a model distinguishes the category of positives, this measure provides a common denominator. The harmonic mean describes the midpoint between accuracy and sensitivity, as seen in Equation (5).

$$F1Score=2\left(\frac{Sensitivity\times Precision}{Sensitivity+Precision}\right)$$

(5)

6.

Training cycle plan: This represents the total time required to train a machine learning algorithm to solve the required challenge of classification. This value is fetched on the fly using Python’s Time framework.

These improvements are crucial for future generations of automation in industries in the period following COVID in order to realize safe and effective IoRT network era [47].

3.2. Result in Tables

The outcomes of applying the aforementioned ML models to the beforehand processed IoT-23 dataset are summarized in

Table 2. Synopsis of DEEP MLP model training with 100 hidden layers.

	Accuracy	Sensitivity	Specificity	Balanced Accuracy	Precision	F1-Score	Training Time (seconds)	Prediction Time (seconds)
Deep MLP	93.4	99.5	55.9	0.78	93.3	0.96	870.31	1.20
Log-R	86.1	100	0	0.5	86.1	0.93	19.44	0.08
N-Bayes	89.9	99.4	31.2	0.65	90	0.94	0.57	0.2
K-NN	93.2	99.5	53.7	0.77	93.0	0.96	0.10	5280.08
R-Forest	85.5	99.1	0.8	0.5	86.1	0.92	122.14	5.82
D-Trees (DDT)	85.1	98.6	1.4	0.5	86.1	0.92	7.15	0.19
Bagged-DT	93.5	99.6	55.9	0.78	93.3	0.96	15.64	1.11

, including the results of logistic regression (Log-R), naive Bayes model (N-Bayes), k-nearest-neighbors model (K-NN), random forest model (R-Forest), decision tree models (D-Trees), and deep neural network models (Multi-Layer Perceptron) [48].

Deep MLP + D-Trees Bagging Ensemble

According to the results presented in the table prior to this, the more complex MLP model achieves the highest results across the board. Figure 7 and Figure 8 show the full breakdown of the study’s findings.

The design’s F1-score and balancing accuracy are both excellent in this case [49]. This is important because it explains how the framework was able to correctly determine the harmful internet traffic class with a low rate of inaccurate results (0.4 percent of all testing data points). Given that even a single false negative can have dire consequences, the added protection afforded by decision trees is priceless [50].

The entire group of trees reduced the proportion of false negatives to 0.3%, but real positives and incorrectly identified positives increased. There is a noticeable improvement in both predictive accuracy and time to forecast when the models that are recommended are combined. Even though neither technique is very quick in training or prediction, they both take very little time to compute and are quite cheap [51]. What is more, both models feature excellent specificity. Despite the effectiveness of systems such as Log-R, naive Bayes, decision trees, and random forests, this is crucial for permitting optimal traffic in the entire network. KNN’s score was comparable. However, the necessary computing time for forecasting is unrealistic. It has a greater calculation cost and performs marginally worse than the suggested deeper MLP and bagging-decision trees. Figure 9 and Figure 10 display the different sources of confusion among the deployed classifiers [52].

Because of the length of time required for testing and learning with Support Vector Machines, they were not incorporated into this project’s design. Its practicability for IoRT privacy has been examined elsewhere [53].

System, network, and data protection software, libraries, and programs must be deployed in several layers to ward off cyberattacks [54]. To improve their cybersecurity, many businesses rely on the following general types of tools and technology: Network intrusion protection systems (IDPS) and firewalls, malware and virus scanners, endpoint protection, encryption tools, safe web surfing, risk assessment tools, firewalls for web applications (WAF), separating a network, and network security monitoring (NSM) tools However, effective cybersecurity requires more than simply the deployment of equipment; it also necessitates the implementation of appropriate rules, processes, and user training. As the security landscape shifts, it’s also important to stay abreast of new security measures and update your defenses accordingly. The benefits of a multi-model solution with regard to cybersecurity efficacy must be weighed against the solution’s possible resource costs and drawbacks. Strategies for dealing with resource limitations and making sure the research is useful include computational speed, model effectiveness, and cloud computing. An effective multi-model strategy requires balancing optimal utilization of resources with the necessary level of accuracy while taking into account the related expenses and complexity [55].

3.3. Discussions

Emerging technologies such as neural systems and automated machinery are reshaping many industries, including production, robotics, and control. The combination of these innovations is promising in the post-COVID era when remote operations and improved security are of the utmost importance. Neural networks can detect abnormalities and dangers in real-time, improving protection. Such networks can identify breaches or illegal electronic control system access by learning trends from past information. Neural network-controlled machinery robots allow remote supervision and operations. This allows professionals to remotely maintain and repair systems, decreasing virus spread in post-COVID settings. Dynamic environments require learning that is adaptive, which artificial neural networks enable. They can adapt to evolving circumstances to keep operations effective and adaptable to their operating needs. Neural systems and industrial machines boost productivity [56]. These innovations can improve the efficiency of systems, streamline procedures, and reduce delays, boosting economic resilience after the epidemic. Merging neural networks and robotic machinery takes skill. These procedures require experienced workers for their creation, execution, and upkeep, which may cause a shortage. While neural networks may improve security, they can still be attacked. Such networks are vulnerable to attacks that might compromise control systems, underscoring the necessity for strong cybersecurity. Machine learning and robotics in the industry are expensive to set up and operate. Initial setup, instruction, updates, and possible transformations for keeping up with technology are among these costs. As neural networks grow more important in systems of control, ethical issues arise. These groups’ decisions may affect employment opportunities, security, and privacy. A compromise between technology and human interaction is essential. These networks and industrial machines need reliable connectivity to operate remotely. Network outages might interfere with processes and compromise systems for control. In the end, there are benefits and drawbacks to using neural networks and industrial robots together to secure automation in the post-COVID age. While the use of such technologies can improve protection, operations from afar, and effectiveness, they also present a number of problems that must be overcome. An all-encompassing strategy that takes into account potential gains and losses is necessary to make the most of these technologies in an ever-changing industrial setting. An essential feature of contemporary AI study, especially in the realm of cybersecurity, is the idea of explanation in AI/ML, which centers on developing machine learning systems that are more open and interpretable. Nonetheless, readers should be aware that some research papers will place an emphasis on explainability for the aforementioned reasons. The primary emphasis of the research seems to be the creation and assessment of neural networks for the identification of cyber threats in ICS. While it’s great that they recognized the importance of explainability, that may not have been their primary motivation. The report may have centered on other topics, such as the reliability and efficiency of the model in dealing with cybersecurity issues. In addition, there is a need for more study and methods to be developed in order to achieve explainability in complicated neural network models, particularly in the field of cybersecurity. The authors have chosen to focus on a subset of the technical difficulties associated with cyberhazard detection and may return to the issue of explainability in other projects or studies [57].

3.4. Comparative Analysis

This section will examine much-related research incorporating IoT, ML, and different technologies to offer intelligent functions that enhance user knowledge. The research in [52] set out to discover ways to build Internet-secure systems for automation in industry. These techniques concentrate on two primary fields: identifying breaches at the connection phase providing data obtained from network traffic and recognizing abnormalities at the system’s operational level with data illustrating the actual operation of the networked system. This study examines four ML algorithms categories, including monitored, semi-supervised, uncontrolled, and reinforcement training, used for breach and detection of anomalies.

According to another research [58], it is possible that robots could learn how to do production-related tasks via observation and analysis. The next stage in the quest to automate production processes is the adaptability of the automated machinery, which will guarantee an elevated level of effectiveness and security. The essay focuses on the idea of Robotics understanding to do manufacturing jobs via measuring and observing.

This research investigates [59] IoT, AI, ML, and additional technologies that are often used in programs to greatly aid individuals and businesses in fulfilling both corporate and recreational demands [60]. Due to the high risk of error and complexity of traditional procedures, organizations will likely automate business processes. Consequently, we created a complex stepwise layered neural network modeling technique to help robotic businesses better regulate and observe their workplaces. Below is a comparison table between the various models based on the given results as shown in

Table 3. Comparison Table for Different Models.

Deep MLP	Log-R (Logistic Regression)	N-Bayes (Naive Bayes)	K-NN (K-Nearest Neighbors)	R-Forest (Random Forest)	D-Trees (Decision Trees)	Bagged-DT (Bagged Decision Trees)
Accuracy: 93.4%	Accuracy: 86.1%	Accuracy: 89.9%	Accuracy: 93.2%	Accuracy: 85.5%	Accuracy: 85.1%	Accuracy: 93.5%
Sensitivity: 99.5%	Sensitivity: 100%	Sensitivity: 99.4%	Sensitivity: 99.5%	Sensitivity: 99.1%	Sensitivity: 98.6%	Sensitivity: 99.6%
Specificity: 55.9%	Specificity: 0%	Specificity: 31.2%	Specificity: 53.7%	Specificity: 0.8%	Specificity: 1.4%	Specificity: 55.9%
Balanced Accuracy: 0.78	Balanced Accuracy: 0.5	Balanced Accuracy: 0.65	Balanced Accuracy: 0.77	Balanced Accuracy: 0.5	Balanced Accuracy: 0.5	Balanced Accuracy: 0.78
Precision: 93.3%	Precision: 86.1%	Precision: 90%	Precision: 93%	Precision: 86.1%	Precision: 86.1%	Precision: 93.3%
F1-Score: 0.96	F1-Score: 0.93	F1-Score: 0.94	F1-Score: 0.96	F1-Score: 0.92	F1-Score: 0.92	F1-Score: 0.96
Training Time: 870.31 s	Training Time: 19.44 s	Training Time: 0.57 s	Training Time: 0.10 s	Training Time: 122.14 s	Training Time: 7.15 s	Training Time: 15.64 s
Prediction Time: 1.20 s	Prediction Time: 0.08 s	Prediction Time: 0.2 s	Prediction Time: 5280.08 s	Prediction Time: 5.82 s	Prediction Time: 0.19 s	Prediction Time: 1.11 s

Contrasting the designs according to their accomplishments in metrics [53]. Precision: Bagged-DT (93.5%) and Deep MLP (93.4%) got the greatest results. Sensitivities: The maximum levels of sensitivity are achieved by Log-R, K-NN, which and Bagged-DT (99.5% or 99.6%). Specificity: Out of all the designs, Log-R has the greatest particular score (100%), followed by Bagged-DT & Deep MLP with scores of 55.9% each. Bagged-DT with Deep MLP with Equal Accurateness.

. There is no evaluation of this work in relation to other ICS cybersecurity initiatives or methodologies. It is crucial to assess the accuracy, efficiency, and practical application of the suggested neural network strategy in comparison to both established and new methodologies [4].

4. Conclusions and Recommendations

4.1. Conclusions

To guarantee the safety of devices connected to an IoRT network, we provide an efficient architecture and ML classification algorithms that are feasible in practice. An IoRT network’s safety and reliability can be maintained while instructions from legitimate traffic are prioritized with this method of detection and elimination.

The reported findings show that the suggested approach outperforms other frequently employed models when it comes to the specified task. Additionally, by using a grid-based search for hyper-parameter adjustment, the best possible collection of models was selected within the bounds of the predetermined hyper-parameters. We conclude that using a combined classifier is more effective than using a single classifier. This can sometimes be attainable due to the categorization problem, estimator, and dataset.

The Bagging-D-Trees Classification with the DL classifiers in a series arrangement ensured a 99.5% positive classification coverage rate. This guarantees that a network of connected robots using simple decision Trees will detect any positive categories that evade the deep learner’s grading. It is worth noting that the Bagging-decision-trees classification yields a comparable score starting at two (2) devices. This is helpful for keeping the system’s decision honest even if certain devices go down. Finally, the study presented herein provides encouraging evidence that a safe and effective IoRT network is feasible in the workplace. This helps move Industry 4.0 closer to its objective of a fully autonomous, secure, and intelligent commercial system. The research seems to center on data-gathering methods and the efficacy of utilizing neural networks to identify intrusions as a means to improve the cybersecurity of ICSs. It also includes suggestions for enhancing the security of ICSs across different sectors.

4.2. Prospects and Recommendation

As the IoT-23 dataset is just one of several Internet of Things virus-capturing records, it is recommended that the suggested method and safety measures be tested with other publicly accessible malware-capture databases in the near future. If the method suggested for dealing with classification issues of a comparable kind holds water in such experiments, then optimism in that technique will grow. Optimization techniques can use random or thorough iterations of the search field of the machine learner and decision tree structures to find the best combination of hyper-parameters to improve the accuracy of the classifications that have been put in place. In conclusion, the k-fold cross-validation procedure can be run with the best settings to cut down on bias and variation in the result of the model. Finally, the report recommends cybersecurity requirements for ICSs, including as strong passwords, updating patches, and anti-malware protection. The significance of physical protections for ICSs is also discussed. Despite the research is certainly respectable, the paper’s presentation of those findings may lack continuity because it isn’t structured like a story, as the offered language seems to imply in its concluding section.