Detecting Anomalies in Industrial Control Systems with LSTM Neural Networks and UEBA | IEEE Conference Publication | IEEE Xplore

Abstract:

The increasing adoption of the Industrial Internet of Things and integration of operational technology with information technology networks have made industrial control systems (ICS) more vulnerable to cyber-attacks, which can cause severe consequences such as disruption of critical infrastructure, loss of data, and significant financial losses. To enhance the security and resilience of these systems, anomaly detection in ICS has gained significant attention in recent years. This paper introduces ongoing research focused on using Long Short-Term Memory (LSTM) neural networks for forecasting and subsequent anomaly detection over device logs. This approach involves User and Entity Behaviour Analytics (UEBA) to analyze and define entities of interest from a real industrial plant and extract a baseline behaviour model through features that are fed into the LSTM model for predicting future events and detecting anomalies. The proposed solution has the potential to provide real-time detection of cyber and physical threats, thereby enhancing the security and resilience of industrial control systems.
Date of Conference: 21-23 June 2023
Date Added to IEEE Xplore: 07 August 2023
Conference Location: Vigo, Spain


I. Introduction

In the past decade, there has been a significant increase in security and safety incidents in industrial environments and critical infrastructure. Some of these incidents have led to devastating consequences, such as the Stuxnet (2010) [1] computer worm’s takeover of several Programmable Logic Controllers (PLCs), resulting in the destruction of centrifuge tubes at a uranium enrichment plant in Iran. Malware attacks like BlackEnergy (2015) [2] and Industroyer (2016) [3] on Ukrainian power grids caused outages that affected thousands of users. These events highlight the vulnerability of critical infrastructures to cyber-attacks, as well as the need for effective means of detecting spurious behaviour that may represent the first signs of a threat.

