Lightweight Long Short-Term Memory Variational Auto-Encoder for Multivariate Time Series Anomaly Detection in Industrial Control Systems

Heterogeneous cyberattacks against industrial control systems (ICSs) have had a strong impact on the physical world in recent decades. Connecting devices to the internet enables new attack surfaces for attackers. The intrusion of ICSs, such as the manipulation of industrial sensory or actuator data,...

Bibliographic Details
Main Authors: Damer, N. (Author), Fährmann, D. (Author), Kirchbuchner, F. (Author), Kuijper, A. (Author)
Format: Article
Language: English
Published: MDPI 2022
Online Access: View Fulltext in Publisher
LEADER 02734nam a2200397Ia 4500
001 0.3390-s22082886
008 220421s2022 CNT 000 0 und d
020 |a 14248220 (ISSN) 
245 1 0 |a Lightweight Long Short-Term Memory Variational Auto-Encoder for Multivariate Time Series Anomaly Detection in Industrial Control Systems 
260 0 |b MDPI  |c 2022 
856 |z View Fulltext in Publisher  |u https://doi.org/10.3390/s22082886 
520 3 |a Heterogeneous cyberattacks against industrial control systems (ICSs) have had a strong impact on the physical world in recent decades. Connecting devices to the internet enables new attack surfaces for attackers. The intrusion of ICSs, such as the manipulation of industrial sensory or actuator data, can be the cause for anomalous ICS behaviors. This poses a threat to the infrastructure that is critical for the operation of a modern city. Nowadays, the best techniques for detecting anomalies in ICSs are based on machine learning and, more recently, deep learning. Cybersecurity in ICSs is still an emerging field, and industrial datasets that can be used to develop anomaly detection techniques are rare. In this paper, we propose an unsupervised deep learning methodology for anomaly detection in ICSs, specifically, a lightweight long short-term memory variational auto-encoder (LW-LSTM-VAE) architecture. We successfully demonstrate our solution under two ICS applications, namely, water purification and water distribution plants. Our proposed method proves to be efficient in detecting anomalies in these applications and improves upon reconstruction-based anomaly detection methods presented in previous work. For example, we successfully detected 82.16% of the anomalies in the scenario of the widely used Secure Water Treatment (SWaT) benchmark. The deep learning architecture we propose has the added advantage of being extremely lightweight. © 2022 by the authors. Licensee MDPI, Basel, Switzerland. 
650 0 4 |a anomaly detection 
650 0 4 |a Anomaly detection 
650 0 4 |a Auto encoders 
650 0 4 |a Brain 
650 0 4 |a Cyber security 
650 0 4 |a Cyber-attacks 
650 0 4 |a Encoder architecture 
650 0 4 |a Industrial control systems 
650 0 4 |a Long short-term memory 
650 0 4 |a Multivariate time series 
650 0 4 |a pattern recognition 
650 0 4 |a Pattern recognition 
650 0 4 |a Physical world 
650 0 4 |a security 
650 0 4 |a Security 
650 0 4 |a System behaviors 
650 0 4 |a Water supply systems 
650 0 4 |a Water treatment 
700 1 0 |a Damer, N.  |e author 
700 1 0 |a Fährmann, D.  |e author 
700 1 0 |a Kirchbuchner, F.  |e author 
700 1 0 |a Kuijper, A.  |e author 
773 |t Sensors