Description
The detrimental effect of cyber attacks on health, economy, and environment reached a
new level with the development and expansion of industrial control systems. Anomaly
detection became one of the vital components in such systems to prevent harm. Although
signature-based anomaly detectors have managed to mitigate the risk to some extent,
they remain susceptible to zero-day attacks. To overcome this, various machine learning-
based anomaly detectors have been introduced. However, the lack of labeled training
data creates challenges for predictive machine learning models.
In this thesis, two state-of-the-art GAN-based anomaly detectors, TadGAN and MADGAN,
are used as a starting point to implement a new multivariate reconstruction-based anomaly
detector. In addition, the window size and various data preprocessing steps are
analyzed and tested with the aforesaid anomaly detector. The tests are conducted with
the SWaT dataset which is collected from a complex six-stage secure water treatment
system. The results are examined and compared with two other multivariate reconstruction-
based anomaly detectors, MADGAN and GAN-AD, as the benchmark.
|
