Federated-SRUs: A Federated-Simple-Recurrent-Units-Based IDS for Accurate Detection of Cyber Attacks Against IoT-Augmented Industrial Control Systems

Abstract

The security of Industrial Control Systems (ICS) against cyber-attacks is essential in modern era since ICSs are vital constituent of modern societies and smart cities. However, the augmentation of legacy ICS networks with smart computing and networking technologies (such as, IoT) have intensely enlarged the surface of attacks against these critical infrastructures. This augmentation makes these networks more vulnerable to cyber-attacks and despite the current security solutions, attackers still find ways to proliferate these networks. Intrusion Detection System (IDS) is one of the key security aspect to prevent these networks from contemporary cyber-attacks. Therefore, this paper proposes a new IDS model named Federated-SRUs (simple recurrent units) for the security of IoT-based ICSs. Specifically, the Federated-SRUs IDS model uses an improved simple recurrent units architecture to reduce computational cost and alleviate the gradient vanishing issue in recurrent networks. Then, it performs data aggregation through several communication rounds in federated architecture which allows multiple ICS networks and stakeholders to build a comprehensive IDS model in a privacy-preserving manner. The performance of Federated-SRUs IDS model is validated through experiments using real-world gas pipeline-based ICS network data, which indicates that it is able to accurately detect intrusions in real-time without compromising privacy and security. Experiments also verify that the Federated-SRUs model outperforms existing state-of-the-art approaches and thus can serve as a viable IDS method in IoT-based ICS networks.