IDEAS home Printed from https://ideas.repec.org/a/gam/jmathe/v10y2022i22p4373-d978689.html
   My bibliography  Save this article

Deep Learning-Based Cyber–Physical Feature Fusion for Anomaly Detection in Industrial Control Systems

Author

Listed:
  • Yan Du

    (Department of Network Engineering, Chengdu University of Information Technology, Chengdu 610225, China)

  • Yuanyuan Huang

    (Department of Network Engineering, Chengdu University of Information Technology, Chengdu 610225, China)

  • Guogen Wan

    (Department of Network Engineering, Chengdu University of Information Technology, Chengdu 610225, China)

  • Peilin He

    (Department of Informatics and Networked Systems, University of Pittsburgh, Pittsburgh, PA 15260, USA)

Abstract

In this paper, we propose an unsupervised anomaly detection method based on the Autoencoder with Long Short-Term Memory (LSTM-Autoencoder) network and Generative Adversarial Network (GAN) to detect anomalies in industrial control system (ICS) using cyber–physical fusion features. This method improves the recall of anomaly detection and overcomes the challenges of unbalanced datasets and insufficient labeled samples in ICS. As a first step, additional network features are extracted and fused with physical features to create a cyber–physical dataset. Following this, the model is trained using normal data to ensure that it can properly reconstruct the normal data. In the testing phase, samples with unknown labels are used as inputs to the model. The model will output an anomaly score for each sample, and whether a sample is anomalous depends on whether the anomaly score exceeds the threshold. Whether using supervised or unsupervised algorithms, experimentation has shown that (1) cyber–physical fusion features can significantly improve the performance of anomaly detection algorithms; (2) the proposed method outperforms several other unsupervised anomaly detection methods in terms of accuracy, recall, and F1 score; (3) the proposed method can detect the majority of anomalous events with a low false negative rate.

Suggested Citation

  • Yan Du & Yuanyuan Huang & Guogen Wan & Peilin He, 2022. "Deep Learning-Based Cyber–Physical Feature Fusion for Anomaly Detection in Industrial Control Systems," Mathematics, MDPI, vol. 10(22), pages 1-20, November.
    • Handle: RePEc:gam:jmathe:v:10:y:2022:i:22:p:4373-:d:978689
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/10/22/4373/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2227-7390/10/22/4373/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:10:y:2022:i:22:p:4373-:d:978689. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.