Anomaly-Based Intrusion Detection in IIoT Networks Using Transformer Models

Abstract

With the increase of device connectivity in Industry 4.0, securing industrial networks to defend them against cyberattacks has become a primary concern. Motivated by the huge data generated by devices in industrial environments, artificial intelligence has emerged as a promising complement to traditional cybersecurity. In order to gain insight about the possibility of cyberattacks, we propose a novel methodology to analyze industrial network traffic in real time exploiting the sequence modelling capabilities of the transformer architecture, widely used by the GPT model family for sequential language generation. We demonstrate that our method provides state-of-the art performance with promising explainability potential.