Incident-aware smart prioritization framework for penetration testing and prevention of URL-based cybersecurity attacks in industry 4.0 IoT networks

Nurlan Z. Gabdullayev D. Mukhametzhanova B. Zhakiyev N. Sonny I. Ala’anzy M.A. Ahmad Z. Amirgaliyev B.
December 2025 Nature Research

Scientific Reports
2025 #15 Issue 1

In the era of Industry 4.0, where IoT-enabled smart infrastructures are deeply integrated with digital automation, cybersecurity becomes a critical priority. The ubiquitous use of URLs (Uniform Resource Locators) as gateways to online services has introduced not only convenience but also increased exposure to cyber threats. URL-based cyberattacks pose significant risks to Industrial IoT (IIoT) networks, demanding intelligent and proactive security measures. This paper presents an incident-aware smart prioritization framework specifically designed for penetration testing and prevention of URL-based cybersecurity attacks targeting IoT network hosts in Industry 4.0 environments. The proposed approach begins with penetration testing and vulnerability analysis to identify threats across IIoT network hosts. Based on incident awareness, the framework then prioritizes detected threats and utilizes machine learning models for accurate threat classification and prevention. A dynamic threshold mechanism is introduced to enable real-time prevention, minimizing potential damage or loss. The framework evaluates the performance of three widely used machine learning models, Random Forest, Support Vector Machine (SVM), and XGBoost, for classifying malicious URLs. Experimental results indicate that Random Forest achieves the highest accuracy due to its ensemble learning capabilities. SVM demonstrates strong performance in maintaining a balance between precision and recall, while XGBoost, with its high recall rate, is effective in identifying true threats despite a marginally higher false positive rate. The proposed framework significantly enhances the resilience of Industry 4.0 infrastructures by enabling smarter and more targeted mitigation of URL-based cyber threats.

Artificial intelligence , Cybersecurity , Data analysis , Detection , Industrial internet of things , Industry 4.0 , Penetration testing , Prevention , Prioritization , Threats

Text of the article Перейти на текст статьи

Department of Computer Science, SDU University, Kaskelen, 040900, Kazakhstan
School of Digital Technologies, Narxoz University, Almaty, 050035, Kazakhstan
Al-Farabi Kazakh National University (KazNU named after al Farabi), Almaty, Kazakhstan
L. N. Gumilyov Eurasian National University, Astana, 010005, Kazakhstan
Astana IT University, Astana, Kazakhstan
Petroleum Engineering Department, Nazarbayev University, Astana, Kazakhstan
Department of Computer Science and Information Technology, Hazara University, Mansehra, 21300, Pakistan

Department of Computer Science
School of Digital Technologies
Al-Farabi Kazakh National University (KazNU named after al Farabi)
L. N. Gumilyov Eurasian National University
Astana IT University
Petroleum Engineering Department
Department of Computer Science and Information Technology

10 лет помогаем публиковать статьи Международный издатель

Книга Публикация научной статьи Волощук 2026 Book Publication of a scientific article 2026