A Firefly-Based Optimization Algorithm for Secure 5G-IoT Cyber-Physical Systems

Cyber-physical systems (CPS) are widely used for automating tasks enabling even basic hardware to function as smart devices. These devices typically have low power consumption, limited storage capacity, and minimal computational capability. The evolution of electronic systems has led to a new generation that integrates physical structures with computational methods. A computational method consists of a set of instructions that execute various operations on a physical system [1]. It includes network-connected computers that monitor and control different physical processes within a device. This automation reduces human intervention, minimizing errors and enhancing system efficiency. Examples of CPS applications include smart automobiles, smart homes, and intelligent devices. In the context of CPS, the Internet of Things (IoT) is driving advancements across multiple industries, contributing to the development of smart cities and intelligent residences [2].

CPS has become feasible due to internet connectivity and advancements in communication technologies, impacting industries ranging from manufacturing to research and development. While earlier generations of electrical devices featured automated processes, modern CPS systems are more dynamic, goal-oriented, and internet-connected, allowing for continuous interaction with devices from any location [3]. In a smart home system, automated air conditioning units can sense external temperatures and adjust accordingly. These systems can detect human presence, monitor environmental conditions, and analyse data to optimize room temperature settings for user comfort. As a result, CPS enhances decision-making capabilities in simulated data, making the system more adaptive and intelligent [4]. Figure 1 illustrates the components of CPS, detailing their implementation across various applications. The CPS architecture consists of three primary components: Things (Devices and Sensors); Applications & Data Analysis; and Manufacturing & Infrastructure. These components define the structural and functional aspects of CPS, enabling efficient automation and intelligent control across multiple domains [5].

1.png

Figure 1. Components of CPS

Connected objects or artifacts collect information about their environment. Depending on their nature, these objects may operate in either static or dynamic contexts. Static objects do not change their behavior in response to environmental variations; strictly follow predefined instructions. Dynamic objects are designed to adapt to simulated data conditions allowing them to modify their operations accordingly [6]. The two fundamental requirements for these objects are the ability to collect data and transmit it to CPS applications for further processing. Beyond providing processing power and data storage, CPS component enables the integration of various smart processing methods such as databases, cloud storage, and other similar technologies [7]. Analytical and software applications leverage CPS-generated data to support informed decision-making, while also offering users enhanced features, functionalities, and capabilities. One of the most advanced connectivity solutions in this domain is 5G, which aims to achieve ultra-low latency, high reliability, flexibility, and security. In terms of manufacturing efficiency, production system adaptability, and reconfiguration, 5G is expected to drive smart manufacturing facilities and other industrial settings [8].

A key challenge in this transformation is the need for deep integration of Operational Technology (OT) and Information Technology (IT). This makes the transition to Industry 4.0 (I4.0) for a specific business, region, or factory a complex, multidisciplinary task. Numerous frameworks and approaches have been proposed to support transition, primarily by developing roadmaps based on technological readiness and digitization levels [9]. The primary goal of these frameworks is to assist industrial manufacturing companies in assessing their digital maturity levels and guiding their digitalization strategies through structured evaluation stages at each phase of the process. These models emphasize that reliable wireless communication is the key enabler of system interconnectivity ensuring seamless integration of all manufacturing resources [10]. This facilitates the implementation of both OT and advanced IT solutions such as mobile autonomous robots, matrix manufacturing, big data, and Artificial Intelligence (AI). While some frameworks consider communication-specific features, particularly in relation to industrial application requirements, they often lack detailed insights into how specific wireless communication methods perform in particular industrial environments. Wi-Fi remains the dominant connectivity choice in manufacturing settings; the wireless landscape consists of multiple technologies with diverse characteristics, requiring careful selection based on industry-specific demands [11].

Wi-Fi operates on unlicensed frequency bands, where the electromagnetic spectrum is shared with other networks. As a result, its efficiency and reliability can vary significantly depending on the specific environment and application scenario. Under such conditions, high dependability and Quality-of-Service (QoS) requirements may not always be met, as network access for transmissions requires contention-based competition [12]. With the initial commercial 5G networks now deployed for industrial applications is crucial to ensure that the full potential of 5G is properly evaluated and leveraged within manufacturing environments. 5G promises higher reliability and improved efficiency; however, there is a noticeable lack of comprehensive use case analyses, performance evaluations, and recommendations regarding the integration of wireless technologies into various I4.0 processes and broader digital transformation initiatives. To enhance the security of IoT networks against cyberattacks, the development of Intrusion Detection Systems (IDS) as an additional line of defense is essential. Machine learning (ML)-based Intrusion Detection Systems have been widely studied to protect IoT devices from unauthorized access [13]. Several research efforts have explored intrusion detection techniques for security systems, Wireless Sensor Networks (WSNs), ad hoc networks, and cloud-based IoT environments. The unique characteristics of IoT ecosystems present challenges for existing intrusion detection methods make insufficient or inefficient in safeguarding connected devices. Some of these challenges include limited bandwidth, energy constraints, diverse device types, and the pervasive nature of IoT networks [14]. ML has gained prominence for its ability to detect security threats in IoT networks effectively. Existing network monitoring techniques are often unsuitable for WSNs due to their restricted computational and transmission capabilities. ML models for traffic analysis are being extensively researched for WSN-based IDS [15]. As WSNs continue to expand in size and user base generate high-dimensional traffic data making it difficult for existing ML models to perform feature extraction and maintain detection accuracy. These limitations may fail to address the specific security requirements of WSN environments. By leveraging ML-based approaches, computational overhead can be reduced, and a better understanding of traffic anomalies can be achieved ultimately improving IDS accuracy compared to existing methods [16].

1.1 Problem statement

The integration of CPS with 5G-enabled IoT networks has enabled simulated data exchange and low-latency communication across domains such as smart cities, healthcare, and industrial automation. The large-scale deployment of heterogeneous and resource-constrained devices increases exposure to cyber threats, rendering existing static security measures ineffective. Key challenges include secure data transmission, simulated data threat detection, and lack of adaptive security frameworks. To ensure confidentiality, integrity, and availability in these critical infrastructures, there is a pressing need for intelligent, scalable, and energy-efficient security architectures that combine encryption, access control, and AI-driven detection techniques.

1.2 Motivation

CPS plays a vital role in mission-critical applications, where security failures can lead to severe consequences. The convergence of CPS and 5G-IoT enables benefits like massive MTC, URLLC, and advanced data processing but also opens avenues for advanced persistent threats and unauthorized access. The dynamic nature of these systems demands adaptive solutions beyond existing security models. Innovations such as blockchain-based authentication, AI-powered anomaly detection, and quantum-resistant encryption are essential to safeguard sensitive data and maintain trust. Developing such a robust framework is crucial to ensuring reliable, secure, and uninterrupted operation of next-generation intelligent environments.

3.1 Problem formulation for secure CPS in 5G-enabled IoT networks

CPS in 5G-enabled IoT networks face significant security threats due to their distributed nature, heterogeneous devices, and simulated data communication requirements. Existing security mechanisms struggle with high latency, scalability, and dynamic attack surfaces. The problem can be mathematically formulated as follows:

Network model: Let N denote the number of lot devices in the CPS network, where each device ${{D}_{x}}\left( x=1,2,\ldots ,N \right)$ connected via a SG-enabled infrastructure. The communication between devices and edge servers follows:

${{C}_{x,y}}\left( t \right)=B.lo{{g}_{2}}\left( 1+SN{{R}_{x,y}}\left( t \right) \right)$    (1)

where, ${{C}_{x,y}}\left( t \right)$ is the channel capacity between device x and server y at time t.B is the channel bandwidth. $SN{{R}_{x,y}}\left( t \right)$ is the Signal-to-Noise Ratio (SNR) between device x and server y.

Attack model: Security threats in CPS can be classified into confidentiality, integrity, and availability attacks. The probability of a successful attack ${{P}_{\text{attack }\!\!~\!\!\text{ }}}$ can be expressed as:

${{P}_{\text{attack}}}=$$1-\left( 1-{{P}_{intrusion}} \right)\left( 1-{{P}_{data\_tamper}} \right)\left( 1-{{P}_{DDoS}} \right)$    (2)

where, ${{P}_{intrusion}}$ represents the probability of unauthorized access. ${{P}_{data\_tamper}}$ represents the probability of malicious data modification. ${{P}_{DDoS}}$ represents the probability of a Distributed Denial-of-Service (DDoS) attack.

Security Optimization Objective: The security mechanism must optimize detection rate ${{D}_{r}}$ minimize false positives FP, and maintain a low energy consumption E. The objective function is formulated as:

$\max _S\left[\alpha D_r-\beta F P-\gamma E\right]$    (3)

where, S is the security mechanism. $\alpha $, $\beta $, $\gamma \text{ }\!\!~\!\!\text{ }$ are weighting factors for accuracy, false positives, and energy consumption, respectively.

Secure Data Transmission: To ensure secure data transmission, encryption is applied using an optimized cryptographic function ${{E}_{sec}}$:

${{E}_{sec}}=H\left( M \right)\oplus K$    (4)

where, H(M) is the cryptographic hash of message M. K is the secret key. $\oplus \text{ }\!\!~\!\!\text{ }$ represents the XOR operation.

Resource Allocation for Secure CPS: The resource allocation problem for ensuring security while minimizing latency L is formulated as:

$\min _R \sum_{x=1}^N\left(W_x . L_x+\lambda S_x\right)$    (5)

where, ${{W}_{x}}$ is the weight factor for latency-sensitive devices; ${{L}_{x}}$ is the latency for device x, $\lambda $ is the security weight factor; ${{S}_{x}}$ represents the security level of device x.

This formulation provides a foundation for designing robust security mechanisms in 5G-enabled CPS by optimizing detection accuracy, resource utilization, and secure communication while mitigating security risks effectively.

3.2 Dataset description

A variety of variables that record network traffic in simulated data, device behavior, and security-related factors make up the dataset for Secure CPS in 5G-enabled IoT Networking shown in Table 1. It contains device-specific information like Device ID and Device Type provide activity accountability and temporal information (Timestamp) to monitor occurrences. Analysis of interaction effectiveness and the detection of possible cyber threats are aided by network-related characteristics such as network activity, protocol size, procedure, delay, nervousness, and loss of packets. CPU Usage, Memory Usage, and Battery Level offer valuable information on how much computing power IoT devices are used for identifying anomalous activity brought on by hardware malfunctions or cyberattacks. The dataset includes an assault Type to categorize different safety hazards and an Anomaly Flag to indicate if a recorded occurrence is typical or indicative of an assault.

This dataset can be used to train machine learning models for IDS allowing simulated data threat analysis and anomaly detection in 5G-enabled IoT networks shown in Table 2.

Table 1. Dataset description

Table 2. Sample data

3.3 System design

Proposed method is intended to handle the difficulties brought about by the growing intricacy and interdependence of CPS, where existing safety precautions would not be sufficient to handle dynamic and changing security threats. The strategy leverages the FOA to optimize several security factors such as allocation of resources, intrusion prevention, and information encryption across IoT devices in a 5G setting shown in Figure 3. This FOA proposed method convergence rate and resilience to local minima is well-known for its ability to identify optimum solutions in intricate search environments. For large-scale IoT systems wherein safety must be flexible and sensitive to current information patterns and methods of attack, this enhancement is essential. To identify the best configuration for managing resources, internet access, and secure transmission of information, the program continuously modifies the system's settings by mimicking the flashing actions of Firefly. Proposed method can strengthen the adaptability of 5G-enabled CPS against new cyber threats by allowing the network to dynamically detect vulnerabilities improve safety measures, and guarantee safe communication between the physical and cyber elements of IoT networks.

3.png

Figure 3. Proposed architecture

3.4 Pre-processing in secure 5G-enabled IoT communication systems

Pre-processing is an essential step in data analysis, particularly in complex communication systems like secure 5G-enabled IoT networks. In this context, pre-processing ensures that the raw data collected from IoT devices is clean, relevant, and formatted in a way that can be effectively used for security-related tasks such as intrusion detection, resource allocation, and encryption. Pre-processing typically involves several steps, including data cleaning, normalization, feature extraction, and dimensionality reduction.

Data cleaning: It involves handling missing, noisy, or inconsistent data. This is crucial in ensuring that any further analysis or optimization does not rely on incomplete or corrupted data. In 5G IoT systems, missing values in the collected sensor data can be filled using techniques like interpolation or imputation.

Data cleaning (imputation): Let ${{i}_{x}}$ represent the raw data vector, and $i_{x}^{\text{cleaned }\!\!~\!\!\text{ }}~$ the cleaned data after handling missing values:

$\begin{aligned} & i_x^{\text {cleaned }} =\left\{\begin{array}{l}i_x \quad \text { if } i_x \text { is available } \\ \frac{\sum_{y=1}^n i_y}{n} \text { if } i_x \text { is missing, replace with average value of the dataset }\end{array}\right.\end{aligned}$    (6)

where, n is the number of available data points in the dataset.

Normalization: In 5G IoT networks, loT device data such as signal strength, bandwidth usage, and power consumption may have varying scales.

${{i}_{norm}}=\frac{{{i}_{x}}-\text{min}\left( i \right)}{\max \left( i \right)-\text{min}\left( i \right)}$    (7)

where, ${{i}_{x}}~$ is the raw value of the feature, min(i) and max(i) are the minimum and maximum values of the feature in the dataset.

Feature extraction: In secure 5G IoT communication, features related to network traffic, packet size, and transmission power might be relevant for intrusion detection or resource allocation. Principal Component Analysis (PCA) is used to extract the most important features by reducing the dimensionality of the data while retaining most of the variance. PCA transforms the data into principal components by solving the eigenvalue problem:

${{I}_{new}}=IW$    (8)

where, I is the original dataset; W is the matrix of eigenvectors (principal components); ${{I}_{new}}$ is the transformed data with reduced dimensions.

Dimensionality reduction: In secure 5G IoT systems, dimensionality reduction can help in improving the efficiency of security algorithms, particularly for simulated data IDS and resource allocation.

$C=\underset{x,y}{\mathop \sum }\,\left( {{P}_{xy}}log\frac{{{P}_{xy}}}{{{q}_{xy}}} \right)$    (9)

where, ${{P}_{xy}}$ is the probability distribution of pairs of points in the high-dimensional space. ${{q}_{xy}}$ is the probability distribution of pairs of points in the low-dimensional space (after dimensionality reduction), C is the Kullback-Leibler divergence, which is minimized to reduce dimensionality.

Data transformation: Data transformation techniques, such as Fourier Transform or Wavelet Transform, are sometimes applied to communication signals to convert data from time-domain to frequency-domain. This helps in detecting anomalies or irregular patterns, especially in network traffic data. The DFT of a signal i(t) can be expressed as:

$I(f)=\sum_{n=0}^{N-1} i(n) e^{-y 2 \pi f n / N}$    (10)

where, $I\left( f \right)$ is the frequency-domain representation of the signal, $i\left( n \right)$ is the signal in the time domain; Secure SG IoT data for analysis and optimization. By applying data cleaning, normalization, feature extraction, dimensionality reduction, and transformation techniques, the raw data can be transformed into a more useful format, leading to enhanced performance of security algorithms such as intrusion detection, resource allocation, and encryption.

Cybersecurity professionals constantly face new attacks that exploit software vulnerabilities. Building collective resilience against IoT privacy and security concerns requires effective information sharing to fully realize the potential of IoT. This study highlights key issues and vulnerabilities in sectors such as healthcare and transportation, emphasizing the need for robust IoT cybersecurity implementation strategies in smart cities shown in Figure 4.

4.png

Figure 4. Smart cities infrastructure risk parameters

5.png

Figure 5. Network model of FOA with WSN-IoT

The proposed FOA iteratively applies to guide fireflies within the search space toward better solutions. Regardless of the type of optimization problem, the algorithm effectively balances attraction toward brighter solutions with random search enabling fireflies to explore the search space efficiently and converge toward optimal or near-optimal conditions. This combination of exploration and attraction allows FOA to solve complex optimization problems and identify effective solutions across various real-world applications. Figure 5 illustrates the FOA network framework using WSN-IoT. The Firefly Algorithm assessor performs several tasks, including constructing feature subsets from fireflies’ binary solutions, training neural network models to detect intrusions in the WSN-IoT framework using these subsets, evaluating performance metrics such as precision or AUC to measure model efficiency assigning fitness values based on these metrics to guide optimization and iteratively adjusting firefly movement. This analysis process steers the algorithm toward feature subsets that enhance IDS accuracy and improve WSN-IoT security.

Position update (movement of fireflies): Each firefly moves towards a brighter firefly (one with a better objective value). The movement is influenced by two factors:  Attraction to brighter fireflies (better solutions) and Random motion.

The position of the xth firefly is updated using the Eq. (11).

${{i}_{x}}\left( t+1 \right)={{i}_{x}}\left( t \right)+\beta .{{e}^{-\gamma {{r}^{2}}}}.\left( {{i}_{y}}\left( t \right)-{{i}_{x}}\left( t \right) \right)+\alpha .{{\epsilon }_{x}}\left( t \right)$    (11)

where, ${{i}_{x}}\left( t \right)$ is the position of the xth firefly at time t; ${{i}_{y}}\left( t \right)$ is the position of the yth firefly (a brighter firefly). $\beta $ is the attractiveness of firefly x towards firefly y is typically a function of the brightness and distance. $\gamma $ is the absorption coefficient (controls how quickly the light intensity diminishes with distance). r is the distance between fireflies x and y, given by $r=\left| \left| {{i}_{x}}-{{i}_{y}} \right| \right|.$ $\text{ }\!\!~\!\!\text{ }\alpha$ is the randomization parameter (used to introduce randomness in the movement). ${{\epsilon }_{x}}$(t) is a random vector, typically drawn from a uniform distribution, to provide randomness to the movement.

Brightness calculation (objective function): The brightness of a firefly is determined by the value of the objective function $f\left( {{i}_{x}} \right)$ and the firefly with a lower (or higher, depending on the problem) objective function value is considered brighter. In the case of optimization problems, the brightness ${{X}_{x}}$ of the xth firefly is defined as:

${{X}_{x}}=f\left( {{i}_{x}} \right)$    (12)

where, $f\left( {{i}_{x}} \right)$ is the objective function or fitness value of the xth firefly.

Attractiveness function: The attractiveness of a firefly is inversely related to the distance between two fireflies. This relationship is commonly modelled using an exponential function:

$\beta \left( r \right)={{\beta }_{0}}{{e}^{-\gamma {{r}^{2}}}}$    (13)

where, ${{\beta }_{0}}$ is the attractiveness at the origin (when r = 0), $\gamma $ is the absorption coefficient controls the rate of decrease of attractiveness with distance. r is the distance between the two fireflies.

Distance between fireflies: The distance between two fireflies in the search space is typically calculated using the Euclidean distance:

$r=\left\|i_x-i_y\right\|=\sqrt{\sum_{k=1}^d\left(i_{x, k}-i_{y, k}\right)^2}$     (14)

where, ${{i}_{x}}$ and ${{i}_{y}}$ are the positions of two fireflies x and y. d is the dimension of the problem (number of variables). ${{i}_{x,k}}$ and ${{i}_{y,k}}$ are the k-th coordinates of fireflies x and y.

Randomization: The random movement of fireflies adds diversity to the population and helps in avoiding premature convergence. The randomization is modeled as:

${{i}_{x}}\left( t+1 \right)={{i}_{x}}\left( t \right)+\alpha .{{\epsilon }_{x}}\left( t \right)$    (15)

where, a is the randomization parameter and ${{\epsilon }_{x}}\left( t \right)$ is a random vector, typically uniformly distributed in the range [-1, 1].

FOA is a population-based optimization technique inspired by nature can be used for solving complex optimization problems. The algorithm's behaviour is governed by attraction towards brighter fireflies and random movements.

Figure 6 illustrates how multimedia information from sensor node N1 is sent to sensor node N5 which is chosen using the FOA method (i.e., the proposed FRO method chooses "N5" as the resource-optimized sensor node out of sensor nodes N2, N3, and N5). Until the mixed-media information arrives successfully at the target node "N12" this procedure is continued. As can be seen in Figure 6, the resource-optimized route paths N1, N5, F8, and N12 have been chosen. As a result, proposed FOA approach attain greater throughput. The FOA for secure CPS in 5G-enabled IoT networks algorithm is as follows.

6.png

Figure 6. Resource optimized route path using FOA algorithm

In 5G-enabled IoT systems, the FOA is intended to enhance the safety, detection of intrusions, and optimization of resources of CPS. By adding adaptive mobility, dynamic light level updates, and an improved mutation process to avoid local optima capture, it outperforms the existing Firefly Algorithm (FA). Notations used in proposed algorithm is shown in Table 3.

Table 3. Notations

Step 1: Initialization

Step 1.1: Initialize the firefly population $F=\left\{ {{I}_{1}},{{I}_{2}},\ldots ,{{I}_{N}} \right\}$ randomly in the security parameter space.

Step 1.2: Assign light intensity ${{X}_{x}}$ for each firefly based on its fitness:

${{X}_{x}}=\text{Fitness}\left( {{\text{I}}_{x}} \right)$    (16)

where the multi-objective fitness function is:

$Fitness\left( {{\text{I}}_{x}} \right)={{w}_{1}}S+{{w}_{2}}\left( 1/R \right)+{{w}_{3}}\left( 1/L \right)$    (17)

Ensuring higher security score S. improved resource efficiency R. and lower latency L.

Step 2: Firefly movement (attraction-based optimization)

Each firefly moves toward a brighter firefly ${{I}_{y}}$ using:

${{I}_{x}}={{I}_{x}}+\beta {{e}^{-\gamma d_{xy}^{2}}}\left( {{I}_{y}}-{{I}_{x}} \right)+\alpha \left( rand-0.5 \right)$    (18)

where, $\beta ={{\beta }_{0}}{{e}^{-\gamma d_{xy}^{2}}}$ is the attractiveness function that decreases with distance; ${{d}_{xy}}={{I}_{x}}-{{I}_{y}}_{2}$ the Euclidean distance between fireflies; $\alpha \left( rand-0.5 \right)$ introduces randomness for exploration.

Step 3: Adaptive mutation for exploration

To prevent premature convergence, apply an adaptive mutation:

$I_{x}^{new}={{I}_{x}}+\mu \left( rand-0.5 \right)$    (19)

where mutation rate $\mu $ is dynamically adjusted:

$\mu ={{\mu }_{max}}\times \left( 1-\frac{t}{T} \right)$    (20)

where, ${{\mu }_{max}}$ is the initial mutation rate; t is the current iteration; T is the maximum number of iterations. This strategy reduces mutation over time, ensuring better convergence.

Step 4: Update light intensity (fitness re-evaluation)

Step 4.1: Compute new security configurations and update fitness:

$X_{x}^{new}=Fitness\left( I_{x}^{new} \right)$    (21)

Step 4.2: Replace weaker fireflies if $I_{x}^{new}>{{X}_{x}}$.

Step 5: Termination criteria

Repeat Steps 2-4 until:

The maximum number of iterations T is reached.

The fitness value converges to an optimal solution.

Step 6: Deploy optimized security parameters

Use the best firefly configuration X teat in the CPS-IoT system for simulated data security adaptation.

By expanding on the existing Firefly Algorithm (FA), the FOA improves the safety and efficiency of resources in CPS within 5G-enabled IoT networks. Existing approaches find it difficult to handle the safety risks, resource limitations, and requirements for simulated data adaptability that CPS encounters in these settings. To avoid early convergence and optimal local capture, FOA dynamically improves security settings using a flexible mutation system, increased attraction functioning, and an adaptable mobility approach. A multi-objective function that balances latency reduction, effectiveness of resources, and detection of intrusion precision determines the fitness of each firefly, thereby representing a possible safety setup. Fireflies use an adaptive attraction function that takes safety efficacy and range into account as they migrate toward better solutions. The optimal firefly arrangement is implemented in the 5G-enabled CPS-IoT system for simulated data safety enhancement after the fitness values are repeatedly updated. FOA is ideally suited for extensive IoT and CPS deployments because it increases safety resiliency, lowers computing overhead, and guarantees scalability and effective safety adaptability.