Anomaly Detection for Industrial Control Systems Using Sequence-to-Sequence Neural Networks
This addresses security monitoring for industrial control systems, but it is incremental as it adapts existing neural network methods to a specific domain.
The study tackled anomaly detection in industrial control systems by applying sequence-to-sequence neural networks to time-series operational data, achieving detection of 29 out of 36 attacks and 25 out of 53 attack points.
This study proposes an anomaly detection method for operational data of industrial control systems (ICSs). Sequence-to-sequence neural networks were applied to train and predict ICS operational data and interpret their time-series characteristic. The proposed method requires only a normal dataset to understand ICS's normal state and detect outliers. This method was evaluated with SWaT (secure water treatment) dataset, and 29 out of 36 attacks were detected. The reported method also detects the attack points, and 25 out of 53 points were detected. This study provides a detailed analysis of false positives and false negatives of the experimental results.