Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

On Deep Reinforcement Learning Security for Industrial Internet of Things

Published

Author(s)

Xing Liu, Wei Yu, Fan Liang, David W. Griffith, Nada T. Golmie

Abstract

Industrial Internet of Things (IIoT), also known as Industry 4.0, empowers manufacturing and production processes by leveraging automation and Internet of Things (IoT) technologies. In IIoT, the information communication technologies enabled by IoT could greatly improve the efficiency and timeliness of information exchanges between both vertical and horizontal system integrations. Likewise, machine learning algorithms, particularly Deep Reinforcement Learning (DRL), are viable for assisting in automated control of complex IIoT systems. Despite noticeable performance improvements, the security threats brought by massive interconnections in IoT and the vulnerabilities of deep neural networks used in DRL must be thoroughly investigated and mitigated before widespread deployment. Thus, in this paper we first design a DRL-based controller to enable automated control in an IIoT context. We then investigate malicious behaviors of adversaries with two attacks: function-based attacks that can be launched during training phase and performance-based attacks that can be launched after training phase, to study the security impacts of vulnerable DRL-based controllers. From the adversary's perspective, maximum entropy Inverse Reinforcement Learning (IRL) is used to approximate a reward function through observation of system trajectories under the control of trained DRL-based controllers. The approximated reward function is then used to launch attacks by the adversary against the Deep Q Network (DQN)-based controller. Via simulation, we evaluate the impacts of our investigated two attacks, finding that attacks are increasingly successful with increasing accuracy of the control model. Furthermore, we discuss some tradeoffs between control performance and security performance of DRL-based IIoT controllers, and outline several future research directions to secure machine learning use in IIoT systems.
Citation
Computer Communications
Volume
168

Citation

Liu, X. , Yu, W. , Liang, F. , Griffith, D. and Golmie, N. (2021), On Deep Reinforcement Learning Security for Industrial Internet of Things, Computer Communications, [online], https://doi.org/10.1016/j.comcom.2020.12.013 (Accessed May 21, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created February 15, 2021, Updated November 6, 2023