A Blockchain-Enabled Secure Digital Twin Framework for Early Botnet Detection in IIoT Environment

Resource constraints in the Industrial Internet of Things (IIoT) result in brute-force attacks, transforming them into a botnet to launch Distributed Denial of Service Attacks. The delayed detection of botnet formation presents challenges in controlling the spread of malicious scripts in other devices and increases the probability of a high-volume cyberattack. In this paper, we propose a secure Blockchain-enabled Digital Framework for the early detection of Bot formation in a Smart Factory environment. A Digital Twin (DT) is designed for a group of devices on the edge layer to collect device data and inspect packet headers using Deep Learning for connections with external unique IP addresses with open connections. Data are synchronized between the DT and a Packet Auditor (PA) for detecting corrupt device data transmission. Smart Contracts authenticate the DT and PA, ensuring malicious nodes do not participate in data synchronization. Botnet spread is prevented using DT certificate revocation. A comparative analysis of the proposed framework with existing studies demonstrates that the synchronization of data between the DT and PA ensures data integrity for the Botnet detection model training. Data privacy is maintained by inspecting only Packet headers, thereby not requiring the decryption of encrypted data.