
Comparative analysis of dimensionality reduction techniques for cybersecurity in the SWaT dataset

The Journal of Supercomputing

Abstract

The Internet of Things (IoT) has revolutionized the functionality and efficiency of distributed cyber-physical systems, such as city-wide water treatment systems. However, the increased connectivity also exposes these systems to cybersecurity threats. This research presents a novel approach for securing the Secure Water Treatment (SWaT) dataset using a 1D Convolutional Neural Network (CNN) model enhanced with a Gated Recurrent Unit (GRU). The proposed method outperforms existing methods by achieving 99.68% accuracy and an F1 score of 98.69%. Additionally, the paper explores dimensionality reduction methods, including Autoencoders, Generalized Eigenvalue Decomposition (GED), and Principal Component Analysis (PCA). The research findings highlight the importance of balancing dimensionality reduction with the need for accurate intrusion detection. It is found that PCA provided better performance compared to the other techniques, as reducing the input dimension by 90.2% resulted in only a 2.8% and 2.6% decrease in the accuracy and F1 score, respectively. This study contributes to the field by addressing the critical need for robust cybersecurity measures in IoT-enabled water treatment systems, while also considering the practical trade-off between dimensionality reduction and intrusion detection accuracy.



Author information

Contributions

All authors wrote the main manuscript text and reviewed the manuscript. All authors contributed equally to this work.

Corresponding author

Correspondence to Kadir Ileri.

Ethics declarations

Conflict of interest

The authors declare no competing interests.


About this article


Cite this article

Bozdal, M., Ileri, K. & Ozkahraman, A. Comparative analysis of dimensionality reduction techniques for cybersecurity in the SWaT dataset. J Supercomput 80, 1059–1079 (2024). https://doi.org/10.1007/s11227-023-05511-w


  • DOI: https://doi.org/10.1007/s11227-023-05511-w
