Analyzing anomalies in industrial networks: A data-driven approach to enhance security in manufacturing processes

článek v časopise ve Web of Science, Jimp

angličtina

Industrial networks are adapted to their specific requirements, especially in terms of industrial processes. To ensure sufficient security in these networks, it is necessary to set and use security policies that complement government regulations, recommendations, and relevant security standards. This paper aims to provide an in-depth analysis of the anomalies occurring within the networks and propose a structure for collecting valuable data from the experimental site based on dividing anomalies into three main categories: security, operational, and service anomalies (and regular traffic recognition). We present a proof-of-concept solution/design aggregating data in industrial networks for advanced anomaly classification. Multiple data sources such as industrial communication, sensor data (additional sensors controlling device behavior), and HW status data are used as data sources. A total of three scenarios (using a physical testbed) were implemented, where we achieved an accuracy of 0.8541/0.9972 in advanced anomaly classification.

Neural networks (NN); Anomaly; Anomaly classification; Sensory data; Cybersecurity; Industrial Control System (ICS); Operational Technology (OT)

KUCHAŘ, K.; FUJDIAK, R.

28. 2. 2025

0167-4048

COMPUTERS & SECURITY

153

June 2025

Spojené království Velké Británie a Severního Irska

1

15

15

https://www.sciencedirect.com/science/article/pii/S0167404825000847?utm_campaign=STMJ_219742_AUTH_SERV_PA&utm_medium=email&utm_acid=277298152&SIS_ID=&dgcid=STMJ_219742_AUTH_SERV_PA&CMX_ID=&utm_in=DM547969&utm_source=AC_