Abstract
The massive use of information technology has brought certain security risks to the industrial production process. In recent years, cyber-physical attacks against industrial control systems have occurred frequently. Anomaly detection technology is an essential technical means to ensure the safety of industrial control systems. Considering the shortcomings of traditional methods and to facilitate the timely analysis and location of anomalies, this study proposes a solution based on the deep learning method for industrial traffic anomaly detection and attack classification. We use a convolutional neural network deep learning representation model as the detection model. The original one-dimensional data are mapped using the feature mapping method to make them suitable for model processing. The deep learning method can automatically extract critical features and achieve accurate attack classification. We performed a model evaluation using real network attack data from a supervisory control and data acquisition (SCADA) system. The experimental results showed that the proposed method met the anomaly detection and attack classification needs of a SCADA system. The proposed method also promotes the application of deep learning methods in industrial anomaly detection.
Highlights
Industrial control systems (ICSs) play an important role in critical infrastructure sectors such as railway, petrochemical, and electricity
We propose a feature mapping method based on the Mahalanobis distance that transforms one-dimensional data into a two-dimensional matrix that can be used as convolutional neural network (CNN) input. e Mahalanobis distance takes into account the relationship between features, and there is a certain correlation between the features in an ICS
A proportion integrals differential (PID) controller was used to maintain the stability of the air pressure in the pipeline. e natural gas pipeline data set had a total of 27 features grouped into two classes: network traffic features and payload content features
Summary
Industrial control systems (ICSs) play an important role in critical infrastructure sectors such as railway, petrochemical, and electricity. The application of information technology has signi cantly improved production e ciency, it has resulted in many cyber-attacks to ICSs that may cause damage to the national infrastructure and bring about major economic losses [1]. In 2014, hackers attacked the ICSs in the energy eld of Europe and the United States using the Havex malicious software to speci cally target supervisory control and data acquisition (SCADA) systems [4]. In addition to these well-known industrial security incidents, hundreds of attacks against ICSs appear every year. There are fewer attacks on industrial systems than on the Internet, the damage caused by cyber-physical attacks cannot be ignored
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
