Securing Critical Infrastructure: A Denoising Data-Driven Approach for Intrusion Detection in ICS Network

The centralized and vulnerable nature of the industrial control system (ICS) communication network makes it an attractive target for malicious actors aiming to infiltrate and exploit vulnerabilities. These threat actors seek to cause disruptions, compromise sensitive data, and potentially sabotage critical industrial processes. Existing methods for threat detection assume an ideal scenario where there exists no noise/disturbance to threat detection and classification, neglecting to account for the inherent noise and complexity present in real-world industrial processing environments. In reality, the deployment of these models may introduce performance degradation leading to sub-optimal model performance. In response to the identified issue, this study presents a security framework that proactively addresses the challenges posed by noise and provides a robust mechanism for detecting malicious activities from routine industrial network operations. The proposed framework can be deployed at the supervision network segment of ICS to analyze incoming network traffic signals, to effectively distinguish an attack from normal operation amdist noise. Our proposed approach undergoes experimental simulations to validate its effectiveness, and is compared with state-of-the-art based on key performance metrics. Simulation results show that our approach is robust in reconstructing noisy traffic signals with a minimal mean square error of 0.12 and an overall accuracy of 99.6%, outperforming existing methods.