Securing Critical Infrastructures: Deep-Learning-Based Threat Detection in IIoT
IEEE Communications Magazine (IF 11.2), Pub Date: 2021-11-26, DOI: 10.1109/mcom.101.2001126
Keping Yu 1, Liang Tan 1, Shahid Mumtaz 2, Saba Al-Rubaye 3, Anwer Al-Dulaimi 4, Ali Kashif Bashir 5, Farrukh Aslam Khan 6

The Industrial Internet of Things (IIoT) is a physical information system developed based on traditional industrial control networks. As one of the most critical infrastructure systems, IIoT is also a preferred target for adversaries engaged in advanced persistent threats (APTs). To address this issue, we explore a deep-learning-based proactive APT detection scheme in IIoT. In this scheme, considering the characteristics of long attack sequences and long-term continuous APT attacks, our solution adopts a well-known deep learning model, bidirectional encoder representations from transformers (BERT), to detect APT attack sequences. The APT attack sequence is also optimized to ensure the model's long-term sequence judgment effectiveness. The experimental results not only show that the proposed deep learning method has feasibility and effectiveness for APT detection, but also certify that the BERT model has better accuracy and a lower false alarm rate when detecting APT attack sequences than other time series models.

Updated: 2021-11-30