An Efficient Anomaly Detection Method for Industrial Control Systems: Deep Convolutional Autoencoding Transformer Network

Abstract

Industrial control systems (ICSs), as critical national infrastructures, are increasingly susceptible to sophisticated security threats. To address this challenge, our study introduces the CAE-T, a deep convolutional autoencoding transformer network designed for efficient anomaly detection and real-time fault monitoring in ICS. The CAE-T utilizes unsupervised deep learning, employing a convolutional autoencoder for spatial feature extraction from multidimensional time-series data, and combines this with a transformer architecture to capture long-term temporal dependencies. The design of the model facilitates rapid training and inference, while its dual-component approach, utilizing an optimization function based on support vector data description (SVDD), enhances detection accuracy. This integration synergistically combines spatiotemporal feature extraction, significantly improving the robustness and precision of anomaly detection in ICS environments. The CAE-T model demonstrated notable performance enhancements across three industrial control system datasets. Notably, the CAE-T model achieved approximately a 70.8% increase in F1 score and a 9.2% rise in AUC on the WADI dataset. On the SWaT dataset, the model showed improvements of approximately 2.8% in F1 score and 5% in AUC. The power system dataset saw more modest gains, with an approximately 0.1% uptick in F1 score and a 1% increase in AUC. These improvements validate the CAE-T model’s efficacy and robustness in anomaly detection across various scenarios.