Dissemination Control in Dynamic Data Clustering For Dense IIoT Against False Data Injection Attack

The IoT has made possible the development of increasingly driven services, like industrial IIoT services, that often deal with massive amounts of data. Meantime, as IIoT networks grow, the threats are even greater, and false data injection attacks (FDI) stand out as being one of the most aggressive. The majority of current solutions to handle this attack do not take into account the data validation, especially on the data clustering service. Aiming to advance on the issue, this work introduces CONFINIT, an intrusion detection system for mitigating FDI attacks on the data dissemination service performing in dense IIoT networks. CONFINIT combines watchdog surveillance and collaborative consensus strategies for assertively excluding various FDI attacks. The simulations showed that CONFINIT compared to DDFC increased by up to 35% - 40% the number of clusters without attackers in a gas pressure IIoT environment. CONFINIT achieved attack detection rates of 99%, accuracy of 90 and F1 score of 0.81 in multiple IIoT scenarios, with only up to 3.2% and 3.6% of false negatives and positives rates, respectively. Moreover, under two variants of FDI attacks, called Churn and Sensitive attacks, CONFINIT achieved detection rates of 100%, accuracy of 99 and F1 of 0.93 with less than 2% of false positives and negatives rates.