Network intrusion detection system for DDoS attacks in ICS using deep autoencoders

Autoencoder Industrial control system
DOI: 10.1007/s11276-022-03214-3 Publication Date: 2023-01-05T13:04:01Z
ABSTRACT
Anomaly detection in industrial control and cyber-physical systems has gained much attention over the past years due to the increasing modernisation and exposure of industrial environments. Current dangers to the connected industry include the theft of intellectual property, denial of service, or the compromise of cloud components; all of which might result in a cyber-attack across the operational network. However, most scientific work employs device logs, which necessitate substantial understanding and preprocessing before they can be used in anomaly detection. In this paper, we propose a network intrusion detection system (NIDS) architecture based on a deep autoencoder trained on network flow data, which has the advantage of not requiring prior knowledge of the network topology or its underlying architecture. Experimental results show that the proposed model can detect anomalies, caused by distributed denial of service attacks, providing a high detection rate and low false alarms, outperforming the state-of-the-art baseline in an unsupervised learning environment. Furthermore, the model can detect abnormal behaviour of legitimate devices after an attack. We also demonstrate the suitability of the proposed NIDS in a real industrial plant from the alimentary sector, analysing the false positive rate and the viability of the data generation and filtering procedure for a near real time scenario. The suggested NIDS architecture is a low-cost solution that uses only fifteen network-based features, requires minimal processing, operates in unsupervised mode, and is straightforward to deploy in real-world scenarios.