Abstract
The Internet of Things (IoT) has revolutionized the functionality and efficiency of distributed cyber-physical systems, such as city-wide water treatment systems. However, the increased connectivity also exposes these systems to cybersecurity threats. This research presents a novel intrusion detection approach for the Secure Water Treatment (SWaT) dataset using a 1D Convolutional Neural Network (CNN) model enhanced with a Gated Recurrent Unit (GRU). The proposed method outperforms existing methods, achieving 99.68% accuracy and an F1 score of 98.69%. Additionally, the paper explores dimensionality reduction methods, including Autoencoders, Generalized Eigenvalue Decomposition (GED), and Principal Component Analysis (PCA). The findings highlight the importance of balancing dimensionality reduction against the need for accurate intrusion detection. PCA performed better than the other techniques: reducing the input dimension by 90.2% resulted in only a 2.8% and 2.6% decrease in accuracy and F1 score, respectively. This study contributes to the field by addressing the critical need for robust cybersecurity measures in IoT-enabled water treatment systems, while also considering the practical trade-off between dimensionality reduction and intrusion detection accuracy.
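The trade-off described in the abstract can be measured by scoring one classifier on all channels and again on a handful of PCA components. The following is an added example, not code from the paper: it uses constructed data rather than SWaT, assumes 51 input channels (so that 5 components give the 90.2% reduction; the page does not state the channel count), and substitutes a nearest-centroid classifier for the paper's 1D CNN with a GRU. All function names are hypothetical.

```python
import numpy as np

def make_constructed_data(n=4000, n_features=51, n_latent=5, seed=0):
    """Constructed stand-in for plant telemetry (not SWaT): 51 correlated
    channels driven by 5 latent process states; attacks shift one state."""
    rng = np.random.default_rng(seed)
    mixing = rng.normal(size=(n_latent, n_features))
    latent = rng.normal(size=(n, n_latent))
    y = (rng.random(n) < 0.12).astype(int)        # roughly 12% attack samples
    latent[y == 1, 0] += 6.0
    X = latent @ mixing + 0.3 * rng.normal(size=(n, n_features))
    return X, y

def fit_pca(X_train, k):
    """Learn scaling and the top-k components from training data only,
    so no statistics leak in from the evaluation split."""
    mean, std = X_train.mean(axis=0), X_train.std(axis=0) + 1e-9
    _, _, vt = np.linalg.svd((X_train - mean) / std, full_matrices=False)
    return mean, std, vt[:k]

def project(X, pca):
    mean, std, comps = pca
    return ((X - mean) / std) @ comps.T

def nearest_centroid_predict(Z_train, y_train, Z_test):
    """Stand-in classifier (assumption; the paper uses a 1D CNN with a GRU)."""
    c0 = Z_train[y_train == 0].mean(axis=0)
    c1 = Z_train[y_train == 1].mean(axis=0)
    d0 = np.linalg.norm(Z_test - c0, axis=1)
    d1 = np.linalg.norm(Z_test - c1, axis=1)
    return (d1 < d0).astype(int)

def accuracy_f1(y_true, y_pred):
    tp = int(np.sum((y_true == 1) & (y_pred == 1)))
    fp = int(np.sum((y_true == 0) & (y_pred == 1)))
    fn = int(np.sum((y_true == 1) & (y_pred == 0)))
    f1 = 2 * tp / (2 * tp + fp + fn) if tp else 0.0
    return float(np.mean(y_true == y_pred)), f1

def compare(k=5, seed=0):
    """Score the same classifier on all channels and on k PCA components."""
    X, y = make_constructed_data(seed=seed)
    split = int(0.7 * len(X))
    Xtr, Xte, ytr, yte = X[:split], X[split:], y[:split], y[split:]
    pca = fit_pca(Xtr, k)
    full = accuracy_f1(yte, nearest_centroid_predict(Xtr, ytr, Xte))
    reduced = accuracy_f1(yte, nearest_centroid_predict(
        project(Xtr, pca), ytr, project(Xte, pca)))
    return {"reduction_pct": round(100 * (1 - k / X.shape[1]), 1),
            "full": full, "reduced": reduced}

if __name__ == "__main__":
    print(compare())
```

The constructed data is low-rank by design, so little is lost at 5 components; on real telemetry the gap between the two scores is the quantity to track as `k` shrinks.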
Contributions
All authors wrote the main manuscript text and reviewed the manuscript. All authors contributed equally to this work.
Ethics declarations
Conflict of interest
The authors declare no competing interests.
About this article
Cite this article
Bozdal, M., Ileri, K. & Ozkahraman, A. Comparative analysis of dimensionality reduction techniques for cybersecurity in the SWaT dataset. J Supercomput 80, 1059–1079 (2024). https://doi.org/10.1007/s11227-023-05511-w
DOI: https://doi.org/10.1007/s11227-023-05511-w