DAICS: A Deep Learning Solution for Anomaly Detection in Industrial Control Systems
Maged Abdelaty, Roberto Doriguzzi-Corin, Domenico Siracusa

TL;DR
DAICS is a deep learning framework designed for anomaly detection in industrial control systems that adapts to evolving system behaviors, reducing false alarms and maintaining high detection accuracy without human intervention.
Contribution
The paper introduces DAICS, a modular deep learning approach with a 2-branch neural network and automatic threshold tuning for effective anomaly detection in dynamic ICS environments.
Findings
Higher detection rate and accuracy compared to existing methods
Increased robustness to additive noise
Effective adaptation to system behavior changes with minimal data
Abstract
Deep Learning is emerging as an effective technique to detect sophisticated cyber-attacks targeting Industrial Control Systems (ICSs). The conventional approach to detection in literature is to learn the "normal" behaviour of the system, to be then able to label noteworthy deviations from it as anomalies. However, during operations, ICSs inevitably and continuously evolve their behaviour, due to e.g., replacement of devices, workflow modifications, or other reasons. As a consequence, the accuracy of the anomaly detection process may be dramatically affected with a considerable amount of false alarms being generated. This paper presents DAICS, a novel deep learning framework with a modular design to fit in large ICSs. The key component of the framework is a 2-branch neural network that learns the changes in the ICS behaviour with a small number of data samples and a few gradient updates.…
