| Unsupervised Deep Autoencoder for Multivariate Cyber-Attack Detection in Industrial Cyber-Physical Systems |
| Paper ID : 1096-ICEEM2025 (R1) |
| Authors |
|
Mohamed Salah Elhabasha * Faculty of Electronic Engineering, Menoufia University, Egypt |
| Abstract |
| Cyber-attacks on Operational Technology (OT) environments have emerged as a pressing concern due to the increasing deployment of Cyber–Physical Systems (CPSs) in critical infrastructure. These systems, widely used in sectors such as oil and gas, smart grids, and water treatment, are becoming more vulnerable to sophisticated cyber threats. Ensuring accurate and timely detection of such attacks is essential for preserving system integrity, reducing operational disruptions, and safeguarding human and environmental well-being. This paper proposes an unsupervised multivariate attack detection approach for CPSs using an Autoencoder-based deep learning model. The method requires no labeled data, making it highly applicable in real-world industrial environments where annotated datasets are scarce. To evaluate the effectiveness of the approach, we conduct extensive experiments on the Secure Water Treatment (SWaT) testbed—developed by iTrust at the Singapore University of Technology and Design—a fully operational, scaled-down water treatment facility designed for cybersecurity research. We further investigate the role of adaptive threshold tuning algorithms in enhancing detection performance. Results demonstrate improved accuracy and robustness in identifying cyber-attacks under complex operational conditions. |
| Keywords |
| Cybersecurity, Operational Technology, Industrial Cyber-Physical Systems, Autoencoders |
| Status: Accepted |