An Intelligent Digital Twin Method Based on Spatio-Temporal Feature Fusion for IoT Attack Behavior Identification

Network attack identification effectively secures Internet of Things (IoT) application scenarios. However, dynamic scene changes, attack feature reliance, high data dimensions, and challenges with spatio-temporal feature fusion frequently pose limitations to attack traffic identification in IoT contexts. Definitive intelligent IoT attack identification enables intelligent algorithms to extract attack features for application scenarios with fixed topological environments but cannot construct the intricate changes of IoT application scenarios. Through the dynamic acquisition, feature awareness, and deep learning, intelligent digital twin-based attack detection can address these issues and enhance attack identification for IoT threats. Thus, this paper proposed an intelligent digital twin method based on spatio-temporal feature fusion for IoT attack behavior identification. Firstly, feature subsets are selected based on information gain to reduce the dimensionality of IoT data with high traffic; Secondly, a parallel spatio-temporal feature extraction model is designed unlike the existing tandem model, which uses a simplified Convolutional Neural Networks (CNN) model to learn the spatial features of the attack, a Bi-directional Long Short-Term Memory (BiLSTM) model to learn the temporal features of the attack, an attention mechanism to fuse the temporal and spatial features, and the (Deep Neural Networks) DNN to learn the combined features; Finally, the virtual instance space and topology of the attack scenario are simulated using digital twin (DT) to build a digital version of the complex system for IoT applications and tested in a simulation environment. Based on experimental results using the UNSW-NB15 and CICIDS2017 datasets, this paper shows that the proposed method can extract spatio-temporal features from network attack traffic and has a 5% improvement in test accuracy.