Incident-aware smart prioritization framework for penetration testing and prevention of URL-based cybersecurity attacks in industry 4.0 IoT networks.
Zhanserik Nurlan, Dauren Gabdullayev, Bigul Mukhametzhanova, Nurkhat Zhakiyev, Irawan Sonny, Mohammed Alaa Ala'anzy, Zulfiqar Ahmad, Beibut Amirgaliyev
Abstract
In the era of Industry 4.0, where IoT-enabled smart infrastructures are deeply integrated with digital automation, cybersecurity becomes a critical priority. The ubiquitous use of URLs (Uniform Resource Locators) as gateways to online services has introduced not only convenience but also increased exposure to cyber threats. URL-based cyberattacks pose significant risks to Industrial IoT (IIoT) networks, demanding intelligent and proactive security measures. This paper presents an incident-aware smart prioritization framework specifically designed for penetration testing and prevention of URL-based cybersecurity attacks targeting IoT network hosts in Industry 4.0 environments. The proposed approach begins with penetration testing and vulnerability analysis to identify threats across IIoT network hosts. Based on incident awareness, the framework then prioritizes detected threats and utilizes machine learning models for accurate threat classification and prevention. A dynamic threshold mechanism is introduced to enable real-time prevention, minimizing potential damage or loss. The framework evaluates the performance of three widely used machine learning models, Random Forest, Support Vector Machine (SVM), and XGBoost, for classifying malicious URLs. Experimental results indicate that Random Forest achieves the highest accuracy due to its ensemble learning capabilities. SVM demonstrates strong performance in maintaining a balance between precision and recall, while XGBoost, with its high recall rate, is effective in identifying true threats despite a marginally higher false positive rate. The proposed framework significantly enhances the resilience of Industry 4.0 infrastructures by enabling smarter and more targeted mitigation of URL-based cyber threats.