Detecting Cyberattacks in Industrial Control Systems Using Convolutional Neural Networks

Moshe Kravchik, Asaf Shabtai

Research output: Working paper/PreprintPreprint

81 Downloads (Pure)


This paper presents a study on detecting cyberattacks on industrial control systems (ICS) using unsupervised deep neural networks, specifically, convolutional neural networks. The study was performed on a SecureWater Treatment testbed (SWaT) dataset, which represents a scaled-down version of a real-world industrial water treatment plant. e suggest a method for anomaly detection based on measuring the statistical deviation of the predicted value from the observed value.We applied the proposed method by using a variety of deep neural networks architectures including different variants of convolutional and recurrent networks. The test dataset from SWaT included 36 different cyberattacks. The proposed method successfully detects the vast majority of the attacks with a low false positive rate thus improving on previous works based on this data set. The results of the study show that 1D convolutional networks can be successfully applied to anomaly detection in industrial control systems and outperform more complex recurrent networks while being much smaller and faster to train.
Original languageEnglish GB
StatePublished - 1 Jun 2018


  • Computer Science - Cryptography and Security
  • Computer Science - Machine Learning


Dive into the research topics of 'Detecting Cyberattacks in Industrial Control Systems Using Convolutional Neural Networks'. Together they form a unique fingerprint.

Cite this