Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems

Jehn Ruey Jiang, Yan Ting Lin

Research output: Contribution to journalArticlepeer-review

3 Scopus citations

Abstract

This paper proposes a novel method monitoring network packets to classify anomalies in industrial control systems (ICSs). The proposed method combines different mechanisms. It is flow-based as it obtains new features through aggregating packets of the same flow. It then builds a deep neural network (DNN) with multi-attention blocks for spotting core features, and with residual blocks for avoiding the gradient vanishing problem. The DNN is trained with the Ranger (RAdam + Lookahead) optimizer to prevent the training from being stuck in local minima, and with the focal loss to address the data imbalance problem. The Electra Modbus dataset is used to evaluate the performance impacts of different mechanisms on the proposed method. The proposed method is compared with related methods in terms of the precision, recall, and F1-score to show its superiority.

Original languageEnglish
Article number9084
JournalSensors (Switzerland)
Volume22
Issue number23
DOIs
StatePublished - Dec 2022

Keywords

  • anomaly classification
  • anomaly detection
  • deep learning
  • deep neural network
  • industrial control system
  • multi-attention block
  • residual block

Fingerprint

Dive into the research topics of 'Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems'. Together they form a unique fingerprint.

Cite this