Related papers: Decentralized Multi-Agent Swarms for Autonomous Grid Security in Industrial IoT: A Consensus-based Approach

Decentralized Multi-Agent Swarms for Autonomous Grid Security in Industrial IoT: A Consensus-based Approach

URL: http://arxiv.org/abs/2601.17303v1
Date: Sat, 24 Jan 2026 04:25:36 GMT
Title: Decentralized Multi-Agent Swarms for Autonomous Grid Security in Industrial IoT: A Consensus-based Approach
Authors: Samaresh Kumar Singh, Joyjit Roy,
Abstract summary: DMAS agents communicate via a lightweight peer-to-peer protocol to cooperatively detect anomalous behavior.<n>Agents vote on the threat level of an identified threat, enabling instant quarantine of a compromised node or nodes.<n> DMAS demonstrated sub-millisecond response times, 97.3% accuracy in detecting malicious activity under high load, and 87% accuracy in detecting zero-day attacks.
Score: 0.0
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: As Industrial Internet of Things (IIoT) environments expand to include tens of thousands of connected devices. The centralization of security monitoring architectures creates serious latency issues that savvy attackers can exploit to compromise an entire manufacturing ecosystem. This paper outlines a new, decentralized multi-agent swarm (DMAS) architecture that includes autonomous artificial intelligence (AI) agents at each edge gateway, functioning as a distributed digital "immune system" for IIoT networks. Instead of using a traditional static firewall approach, the DMAS agents communicate via a lightweight peer-to-peer protocol to cooperatively detect anomalous behavior across the IIoT network without sending data to a cloud infrastructure. The authors also outline a consensus-based threat validation (CVT) process in which agents vote on the threat level of an identified threat, enabling instant quarantine of a compromised node or nodes. The authors conducted experiments on a testbed that simulated an innovative factory environment with 2000 IIoT devices and found that the DMAS demonstrated sub-millisecond response times (average of 0.85ms), 97.3% accuracy in detecting malicious activity under high load, and 87% accuracy in detecting zero-day attacks. All significantly higher than baseline values for both centralized and edge computing. Additionally, the proposed architecture can prevent real-time cascading failures in industrial control systems and reduce network bandwidth use by 89% compared to cloud-based solutions.

Related papers

MI$^2$DAS: A Multi-Layer Intrusion Detection Framework with Incremental Learning for Securing Industrial IoT Networks [47.386868423451595]
MI$2$DAS is a multi-layer intrusion detection framework that integrates anomaly-based hierarchical traffic pooling and open-set recognition.<n>Experiments conducted on the Edge-IIoTset dataset demonstrate strong performance across all layers.<n>These results showcase MI$2$DAS as an effective, scalable and adaptive framework for enhancing IIoT security.
arXiv Detail & Related papers (2026-02-27T09:37:05Z)
Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
arXiv Detail & Related papers (2026-01-25T12:47:25Z)
Automating Supply Chain Disruption Monitoring via an Agentic AI Approach [49.77982322940809]
We introduce a minimally supervised agentic AI framework that autonomously monitors, analyses, and responds to disruptions across extended supply networks.<n>The system achieves high accuracy across core tasks, with F1 scores between 0.962 and 0.991, and performs full end-to-end analyses in a mean of 3.83 minutes at a cost of $0.0836 per disruption.
arXiv Detail & Related papers (2026-01-14T18:28:31Z)
Multi-Agent-Driven Cognitive Secure Communications in Satellite-Terrestrial Networks [58.70163955407538]
Malicious eavesdroppers pose a serious threat to private information via satellite-terrestrial networks (STNs)<n>We propose a cognitive secure communication framework driven by multiple agents that coordinates spectrum scheduling and protection through real-time sensing.<n>We exploit generative adversarial networks to produce adversarial matrices, and employ learning-aided power control to set real and adversarial signal powers for protection layer.
arXiv Detail & Related papers (2026-01-06T10:30:41Z)
Scalable Hierarchical AI-Blockchain Framework for Real-Time Anomaly Detection in Large-Scale Autonomous Vehicle Networks [0.5505634045241287]
Existing security schemes are unable to provide sub-10 ms anomaly detection and distributed coordination of large-scale networks of vehicles.<n>This paper introduces a three-tier hybrid security architecture HAVEN, which decouples real-time local threat detection and distributed coordination operations.<n>It incorporates a light ensemble anomaly detection model on the edge, Byzantine-fault-tolerant federated learning to aggregate threat intelligence at a regional scale, and selected blockchain mechanisms to ensure critical security coordination.
arXiv Detail & Related papers (2025-11-16T15:30:46Z)
Proactive DDoS Detection and Mitigation in Decentralized Software-Defined Networking via Port-Level Monitoring and Zero-Training Large Language Models [3.6260109722491465]
Software-Defined Networking (cSDN) offers flexible and programmable control of networks but suffers from scalability and reliability issues.<n>Decentralized SDN (dSDN) Distributed alleviates these concerns by distributing control across multiple local controllers.<n>This architecture remains highly vulnerable to Denial-of-Service (DDoS) attacks.<n>We propose a novel detection and mitigation framework tailored for dSDN environments.
arXiv Detail & Related papers (2025-11-01T08:57:29Z)
The Use of the Simplex Architecture to Enhance Safety in Deep-Learning-Powered Autonomous Systems [38.86794557167231]
This paper presents a software architecture for enhancing safety, security, and predictability levels of learning-based autonomous systems.<n>It leverages two isolated execution domains, one dedicated to the execution of neural networks under a rich operating system, which is deemed not trustworthy, and one responsible for running safety-critical functions.
arXiv Detail & Related papers (2025-09-25T11:20:47Z)
A Robust Cross-Domain IDS using BiGRU-LSTM-Attention for Medical and Industrial IoT Security [0.21427777919040417]
This paper introduces a novel transformer-based intrusion detection system IDS, termed BiGAT-ID.<n>BiGAT-ID is a hybrid model that combines bidirectional recurrent gated units BiGRU, long short-term memory LSTM networks, and multi-head attention MHA.<n>The model exhibits exceptional runtime efficiency, with inference times as low as 0.0002 seconds per instance in IoMT and 0.0001 seconds in IIoT scenarios.
arXiv Detail & Related papers (2025-08-17T18:50:23Z)
A Hierarchical IDS for Zero-Day Attack Detection in Internet of Medical Things Networks [1.024113475677323]
We propose a multi level IoMT IDS framework capable of detecting zero day attacks and distinguishing between known and unknown threats.<n>The first layer detects zero-day attacks with high accuracy without needing new datasets, ensuring strong applicability in IoMT environments.
arXiv Detail & Related papers (2025-08-14T05:08:37Z)
Cyber Attacks Detection, Prevention, and Source Localization in Digital Substation Communication using Hybrid Statistical-Deep Learning [39.58317527488534]
This paper proposes a novel method using hybrid statistical-deep learning for the detection, prevention, and source localization of IEC 61850 SV injection attacks.<n>It effectively discards malicious SV frames with minimal processing overhead and latency, maintains robustness against communication network latency variation and time-synchronization issues.<n>Results demonstrate the method's suitability for practical deployment in IEC 61850-compliant digital substations.
arXiv Detail & Related papers (2025-07-01T07:38:22Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
Lightweight Collaborative Anomaly Detection for the IoT using Blockchain [40.52854197326305]
Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker. Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner. We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.
arXiv Detail & Related papers (2020-06-18T14:50:08Z)
Adaptive Anomaly Detection for IoT Data in Hierarchical Edge Computing [71.86955275376604]
We propose an adaptive anomaly detection approach for hierarchical edge computing (HEC) systems to solve this problem. We design an adaptive scheme to select one of the models based on the contextual information extracted from input data, to perform anomaly detection. We evaluate our proposed approach using a real IoT dataset, and demonstrate that it reduces detection delay by 84% while maintaining almost the same accuracy as compared to offloading detection tasks to the cloud.
arXiv Detail & Related papers (2020-01-10T05:29:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.