Adaptive Anomaly Detection System Based on Machine Learning Algorithms in an Industrial Control Environment

Abstract Technology has become an integral part of contemporary society. The current transition from an industrial society to an information society is accompanied by the implementation of new technologies in every part of human activity. Increasing pressure to apply ICT in critical infrastructure resulted in the creation of new vulnerabilities. Traditional safety approaches are ineffective in a considerable number of cases. Therefore, machine learning another evolutionary step that provides robust solutions for extensive and sophisticated systems. The article focuses on cybersecurity research for industrial control systems that are widely used in the field of critical information infrastructure. Moreover, cybernetic protection for industrial control systems is one of the most important security types for a modern state. We present an adaptive solution for defense against cyber-attacks, which also consider the specifics of the industrial control systems environment. Moreover, the experiments are based on four machine learning algorithms (artificial neural network, recurrent neural network LSTM, isolation forest, and algorithm OCSVM). The proposed anomaly detection system utilizes multiple techniques and processes as preprocessing techniques, optimization techniques, and processes required for result interpretation. These procedures allow the creation of an adaptable and robust system that meets the need for industrial control systems.