Abstract
Industrial Control Systems (ICS) are evolving into smart environments with increased interconnectivity by being connected to the Internet. These changes increase the likelihood of security vulnerabilities and accidents. As the risk of cyberattacks on ICS has increased, various anomaly detection studies are being conducted to detect abnormal situations in industrial processes. However, anomaly detection in ICS suffers from numerous false alarms. When false alarms occur, multiple sensors need to be checked, which is impractical. In this study, when an anomaly is detected, sensors displaying abnormal behavior are visually presented through XAI-based analysis to support quick practical actions and operations. For anomaly detection, we designed and applied a technique that performs better than the first-prize entry at HAICon2020, an ICS security threat detection AI contest hosted by the National Security Research Institute last year, and we explain the anomalies detected by the model. To the best of our knowledge, our work is at the forefront of explainable anomaly detection research in ICS. Therefore, it is expected to increase the utilization of anomaly detection technology in ICS.
Highlights
An industrial control system (ICS) is a system that monitors and controls the state of geographically dispersed remote facilities for major national infrastructure providers, such as energy, gas, water, and traffic, in real time
If the anomaly score is higher than the threshold, it is predicted as an anomaly
Industrial control systems have migrated from independent network infrastructures and have adopted information technology (IT) and operational technology (OT) technologies that are accessible through the Internet
Summary
An industrial control system (ICS) is a system that monitors and controls the state of geographically dispersed remote facilities for major national infrastructure providers, such as energy, gas, water, and traffic, in real time. The arrival of new technologies like virtualization, cloud computing, software-defined networks, big data analytics, IoT, machine learning, and artificial intelligence has led to immense improvement in industrial productivity and system functions. These changes increase the likelihood of cybersecurity vulnerabilities and incidents [1], [2]. Anomaly detection, a type of IDS, is a critical data analysis task that detects anomalies or abnormalities in a given dataset. It is an interesting area of data mining research that involves identifying rare patterns that deviate from normal behavior. This costs a considerable amount of time and money. (3) Unknown anomalies: Various types of anomalies may occur rather than just a few known fixed forms