ROBUST AND EXPLAINABLE HYBRID DEEP LEARNING MODEL FOR REAL-TIME ZERO-DELAY BOTNET DETECTION IN INDUSTRIAL IOT

Authors

  • Saud Ahmed
  • Talib Nadeem Usmani
  • Danish Ijaz Ahmed
  • Rana Ali Zafar
  • Muhammad Zunnurain Hussain
  • Muhammad Zulkifl Hasan

Keywords:

Botnet Detection, Industrial IoT, Federated Learning, LightGBM, Explainable AI, Real-Time Security, Industrial 5.0, 6G, Edge Computing

Abstract

The Industrial Internet of Things (IIoT) has revolutionized industrial operations by enabling data-driven automation, real-time analytics, and seamless connectivity across manufacturing, logistics, and critical infrastructure. However, the proliferation of IIoT devices has significantly expanded the attack surface, exposing systems to sophisticated botnet attacks, including zero-day threats that exploit undisclosed vulnerabilities. Traditional deep learning models, such as LSTM and DNN, are computationally intensive, lack interpretability, and require centralized data, making them unsuitable for the distributed, privacy-sensitive, and resource-constrained IIoT environment. This paper proposes a robust and explainable federated learning (FL) model based on LightGBM, a gradient-boosted tree algorithm, for real-time, zero-delay botnet detection in IIoT systems. The model leverages FL to enable privacy-preserving training across distributed edge devices, with LightGBM providing lightweight, efficient, and interpretable detection. Optimized for edge deployment through model compression and histogram-based techniques, the framework incorporates anomaly detection to identify emerging threats and employs SHAP (SHapley Additive exPlanations) for transparent decision-making. Evaluated on the BoTNeTIoT-L01 dataset, which captures real-world IIoT traffic with Mirai and Gafgyt botnet attacks, the model achieves 99.8% accuracy, a false positive rate (FPR) of 0.12%, and a detection latency of 1.8 ms, demonstrating robustness across diverse attack scenarios. Designed to support Industrial 5.0's human-machine collaboration and 6G's ultra-low-latency requirements, this framework offers a scalable, energy-efficient, and interpretable solution for securing IIoT networks against evolving cyberthreats.

Published

2025-08-27

How to Cite

Saud Ahmed, Talib Nadeem Usmani, Danish Ijaz Ahmed, Rana Ali Zafar, Muhammad Zunnurain Hussain, & Muhammad Zulkifl Hasan. (2025). ROBUST AND EXPLAINABLE HYBRID DEEP LEARNING MODEL FOR REAL-TIME ZERO-DELAY BOTNET DETECTION IN INDUSTRIAL IOT. Spectrum of Engineering Sciences, 3(8), 948–961. Retrieved from https://sesjournal.com/index.php/1/article/view/899