Next, the proposed ACDIIOT-BSSA approach achieves feature selection progress utilizing the BSSA algorithm. Mirjalili et al. presented the SSA based on the group behavior of salps in the ocean [ 16 ]. In SSA, the swarm of salps forages and moves in a chain structure, and the leader and follower are two different roles of salps. The individual at the forefront of the sales chain serves as a leader, whereas the others serve as followers. The leaders lead the salp chain direction, whereas the follower follows the preceding leader. Thereby, the leader explores the food source, and follower moves to the leader. This enables the salp chain to have stronger local exploitation and global exploration capabilities. Similar to other swarm‐based techniques, the salp position can be described by a ‐dimensional vector, where is the dimension number of optimization problems. Next, the swarm of salps is described by a x matrix, where is the size of swarm. % − ! 89% − %>" + %?

In Eq. (2), %! is the '( dimension vector of first salp position, viz., leader of salps. denotes the food source position. ! is a crucial parameter. It has the function of balancing exploration and exploitation capability of SSA. " and &, that define the stepsize and movement direction of the leader, correspondingly, are two randomly generated values within [ 0,1 ]. % and % are the upper and the lower boundaries of the '( dimension, correspondingly.

! = 2) (+-,)! (3) Where and are the existing and the maximum iteration count.

A follower is used to update the location using the following equation:

1 %/ = 2 9%/ + %/) !> (4) In Eq. (4), %/ is the '( dimension vector of '( follower salp position.

The SSA was initially introduced to resolve the optimization problems. Meanwhile, FS is a discrete optimization problem, and SSA could not efficiently handle it. To overcome these issues, BSSA was introduced. In BSSA, the component of position vector should be mapped to 0 or 1 after all the iterations. The mapping model of location vector is given below: 1 9%/> =

1 + exp) 0"# %/ = U1 ≥ 9%/> (6) 0 Where %/ is the 1( dimension vector of location representing '( salp; shows the uniformly distributed random number within [ 0,1 ]; sigmoid function is the possibility of choosing a candidate features; %/ indicates the '( vector dimension of '( salp position.

The fitness function (FF) examines the classifier precision and the chosen feature numbers. It maximizes the classification precision and minimizes the chosen feature set sizes. Hence, the subsequent FF is utilized to compute a particular solution, as presented in Eq. (7). # = ∗ + (1 − ) ∗ #_ (7)

Where indicates the classifier error rate utilizing the chosen features. Is computed as the ratio of wrong classified to the number of classifiers produced, represented as a value among 0 and 1. ( Is complementary of the classifier precision), # indicates the amount of chosen features and #_ indicates the entire amount of features in the novel dataset. is utilized to manage the significance of classifier subset length and quality. In our experimentations, the value is 0.9. 3.3.

For attack recognition, the ACDIIOT-BSSA method uses ELM technique. The proposed ELM technique aims to resolve the slower training problems with classical FFNN model [ 17 ]. The slow training problems are tracked back to the iterative training owing to its gradient‐based learning algorithm. Rather than training the network through iterative training, ELM arbitrarily selects the nodes in the HL of single hidden layer feedforward neural network (SHFN) and later defines the output weight through the analysis. Thus, the training time can be considerably decreased while providing better generalizability, though the architecture of NN remains the same.

Consider (/, /), a set of observable samples and the expected output , thus / = [/!, ⋯ , /2]1 ∈ ℝ2 and % = [/!, ⋯ , /3]1 ∈ ℝ3. is the number of the observations, () is the activation function, and ℎ is the amount of hidden nodes.

o% = i ℎ %9% ⋅ % + ℎ/> (8) /5!

In Eq. (8), o% refers to the output of '( nodes at the output layer, = 1, ⋯ , , / = [/!, ⋯ , /2]1 indicates the weight vectors between'( hidden nodes and the input nodes. / = [/!, ⋯ , /6]1 and ℎ/ are the threshold values of '( hidden nodes. The symbol ⋅ denotes the inner product of / and /. The SHFN can calculate the desired output of samples with zero means using = , Where refers to the output matrix of HL.

7

( % = i /5! ℎ %9/ ⋅ % + ℎ/> (9) = i ( i / 9/ ⋅ % + ℎ/> − %)" (10)

%5! /5!

The parameters such as , the vector form of /, , and are updated iteratively to reduce the error from gradient‐based algorithm, () $ = $) ! − (11) Where refers to the learning rate. Usually, Backpropagation is utilized as a learning model thus errors are forwarded back to parameter optimization. If is small, then it takes long time for the learning model to be converged. On the other hand, a large might result in divergence or instability. Other perplexing issues are gradient‐based learning and Local minima. The dissimilarity between backpropagation and ELM algorithms lies mainly in the technique for updating parameters. For ELM, the neuron count in the HL is the primary factor that defines the ELM performance.

Finally, the AOA is deployed as a hyperparameter optimizer for the ELM method. The AOA is a new metaheuristic algorithm based on the statistical properties of the four basic arithmetical operators such as multiplication (), division (), subtraction (), and addition () [18]. The two processes that constitute optimization algorithms in AOA are exploitation and exploration of mathematical modeling of AOA. The hierarchy of arithmetical operations together with the domination from the external to inside. The Math Optimizer Accelerated () operator is a coefficient in the search process.

(89:;) = Min + <9:; ∗ x <':; Where (_) is the function value at '( iterations. 89:; is the existing iteration, ranging from 1 to the maximal value. “” and “” are the minimal and maximal values correspondingly.

The exploration operator of explores the search region randomly on different approaches and areas to search for the best solution according to the () and () search strategies.

(12) Max − Min

z () /%(<':; + 1) = 4 +  (13) () ∗ ∗ 9( − ) ∗ + >, ℎ //(<':; + 1) is the '( solution in '( position at the existing iteration, and () is the '( location in the optimum solution. and are the upper and lower boundaries of the '( position and is a small integer number. The search process can be transformed by where it denotes the existing iteration, refers to the setting of the control parameter set as 0.5.

∗ 9( − ) ∗ + >, 2 < 0.5 (<':;) = 1 − _!/> (14)

In Eq. (14), /':; indicates the existing iteration, (_) shows the maximal iteration number and (Math Optimizer Probability) is a coefficient. (<':;) is the function value at the '( iteration. The delicate parameter is the exploitation accuracy through the iteration at 5.

The () and () search strategies are utilized by the exploitation operators of AOA to exhaustively explore the search area in the dense places and approach to search for the best solution.

_!/> () − ∗ 9( − ) ∗ + >3 < 0.5 , (<':; + 1) = ‚

() + ∗ 9( − ) ∗ + >, ℎ

The fitness selection is the significant feature affecting the presentation of the AOA. The hyper-parameter selection model covers the solution encode method to compute the candidate solution efficiency. In this study, the AOA finds precision as the main criterion to develop the FF which could be expressed as follows.

= max ()

=

+ From the formulation, TP and FP represent true and false positive values respectively. (16) (17) ƒ (15)

In Table 2 and Fig. 2, the overall cyberattack detection results of the ACDIIOT-BSSA model under 70%TRAP and 30%TESP are demonstrated. The table values stated that the ACDIIOTBSSA method can find the samples proficiently. With 70%TRAP, the ACDIIOT-BSSA methodology offers average ? of 95.00%, $ of 82.53%, , of 82.51%, @AB;: of 82.51%, and 6:C@2;: of 82.51%. Followed by, with 30%TESP, the ACDIIOT-BSSA technique provides average ? of 95.56%, $ of 84.47%, , of 84.45%, @AB;: of 84.43%, and 6:C@2;: of 84.45%.

In Fig. 3, the training and validation accuracy outcomes of the ACDIIOT-BSSA approach can be exhibited. The precision values are calculated for 0-25 epoch counts. This figure emphasized that the training and validation accuracy values display reliable trend that indicated the capability of the ACDIIOT-BSSA method with better performance over numerous iterations. In addition, the training accuracy and validation accuracy stay nearer over the epoch count that denoted less minimum overfitting and shows superior performance of the ACDIIOT-BSSA technique, ensuring continuous prediction on hidden instances.

In Fig. 4, the training and validation loss graph of the ACDIIOT-BSSA technique was demonstrated. The loss values are calculated for 0-25 epoch counts. It is depicted that the training and validation accuracy values indicated a reducing trend that announced the capacity of the ACDIIOT-BSSA technique to balance a trade-off between generalization and data fitting. The consistent decrease in loss values also assurances the better performance of the ACDIIOTBSSA approach and tuning of the prediction outcomes on time.

In Table 3 and Fig. 5, an overall comparative analysis of the ACDIIOT-BSSA approach is noticeably portrayed [20] compared with recent techniques [21-22]. The outcomes depicted that the RF, SVM, and KNN techniques have demonstrated ineffectual recognition outcomes with least ? of 80.83%, 73.01%, and 69.33%, respectively. Meanwhile, the DNN methodology has displayed significant performance with ? of 94.67%, $ of 75.81%, , of 73.80%, and @AB;: of 70.08%. In addition, the Inception time technique has successfully performed reasonable results with ? of 94.94%, $ of 70.24%, , of 74.20%, and @AB;: of 68.27%. Lastly, the ACDIIOT-BSSA method exhibits better performance with improved ? of 95.56%, $ of 84.47%, , of 84.45%, and @AB;: of 84.43%. Therefore, the ACDIIOT-BSSA approach was used for superior cyberattack recognition in the IIoT environment.