Attack Pattern Mining to Discover Hidden Threats to Industrial Control Systems

Muhammad Azmi Umer; Chuadhry Mujeeb Ahmed; Aditya Mathur; Muhammad Taha Jilani

arXiv:2508.04561·cs.CR·August 7, 2025

Attack Pattern Mining to Discover Hidden Threats to Industrial Control Systems

Muhammad Azmi Umer, Chuadhry Mujeeb Ahmed, Aditya Mathur, Muhammad Taha Jilani

PDF

TL;DR

This paper presents a data-driven method for generating and validating a large set of attack patterns to improve security assessment of Industrial Control Systems, demonstrated through a case study on a water treatment plant.

Contribution

It introduces a novel technique to generate extensive attack patterns from real operational data for ICS security analysis.

Findings

01

Generated over 100,000 attack patterns from real data

02

Validated attack patterns through a detailed case study

03

Enhanced understanding of potential threats in ICS environments

Abstract

This work focuses on validation of attack pattern mining in the context of Industrial Control System (ICS) security. A comprehensive security assessment of an ICS requires generating a large and variety of attack patterns. For this purpose we have proposed a data driven technique to generate attack patterns for an ICS. The proposed technique has been used to generate over 100,000 attack patterns from data gathered from an operational water treatment plant. In this work we present a detailed case study to validate the attack patterns.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.