Description
The detrimental effect of cyber attacks on health, the economy, and the environment reached a new level with the development and expansion of industrial control systems. Anomaly detection has become one of the vital components in such systems to prevent harm. Although signature-based anomaly detectors have managed to mitigate the risk to some extent, they remain susceptible to zero-day attacks. To overcome this, various machine learning-based anomaly detectors have been introduced. However, the lack of labeled training data creates challenges for predictive machine learning models. In this thesis, two state-of-the-art GAN-based anomaly detectors, TadGAN and MADGAN, are used as a starting point to implement a new multivariate reconstruction-based anomaly detector. In addition, the window size and various data preprocessing steps are analyzed and tested with this anomaly detector. The tests are conducted with the SWaT dataset, which was collected from a complex six-stage secure water treatment system. The results are examined and compared against two other multivariate reconstruction-based anomaly detectors, MADGAN and GAN-AD, as the benchmark.