Document Type : Research Article


1 Information Systems and Security Lab, Department of Electrical Engineering, Sharif University of Technology, Tehran, Iran

2 Electronics Research Institute, Sharif University of Technology, Tehran, Iran


Industrial control systems are widely used in industrial sectors and critical infrastructures to monitor and control industrial processes. Recently, the security of industrial control systems has attracted a lot of attention, because these systems are now increasingly interacting with the Internet. Classic systems are suffering from many security problems and with the expansion
of Internet connectivity, they are now exposed to new types of threats and cyber-attacks. Addressing this, intrusion detection technology is one of the most important security solutions that is used in industrial control systems to identify
potential attacks and malicious activities. In this paper, we propose Stacked Autoencoder-Deep Neural Network (SAE-DNN), as a semi-supervised Intrusion Detection System (IDS) with appropriate performance and applicability on a wide range of Cyber-Physical Systems (CPSs). The proposed approach comprises a stacked autoencoder, a deep learning-based feature extractor, helping us with a low dimension and low noise representation of data. In addition, our system includes a deep neural network (DNN)-based classifier, which is used to detect anomalies with a high detection rate and low false positive rate in a real-time process. The SAE-DNN’s performance is evaluated on the WADI dataset, which is a real testbed for a water distribution system. The results indicate the superior performance of our approach over existing supervised and unsupervised methods while using a few percentages of labeled data.


[1] V. R. P. G. M. A. M. Sridhar Adepu, ”Investigation of Cyber Attacks on a Water Distribution System,” International Conference on Applied Cryptography and Network Security, Springer, p. pp 274–291, 2020.
[2] S. M. Adepu, ”Introducing Cyber Security at the Design Stage of Public Infrastructures: A Procedure and Case Study,” Complex Systems Design & Management Asia. Advances in Intelligent Systems and Computing, pp. pp 75-94, 2016.
[3] V. R. P. Ahmed Chuadhry Mujeeb and A. P.Mathur, “Wadi: A water distribution testbed for research in the design of secure cyber physical systems,” in In Proceedings of the 3rd International Workshop on Cyber-Physical Systems for Smart Water Networks. ACM, 2017, pp. 25–28.
[4] Y. M. W. A. M. B. C. P. Hakan Kayan, ”AnoML- IoT: An End to End Re-configurable Multiprotocol Anomaly Detection Pipeline for Internet of Things,” Internet of Things; Engineering Cyber Physical Human Systems, vol. 16, 2021.
[5] D. C. L. S. ,. B. J. J. G. S.-K. N. Dan Li, ”MADGAN: Multivariate Anomaly Detection for Time Series Data with Generative Adversarial Networks,” Springer, p. pp 703–716, 2019.
[6] G. K. D. R. C. A. G. S. D. M. C. Z. Paulo Freitas de Araujo-Filho, ”Intrusion Detection for CyberPhysical Systems using Generative Adversarial Networks in Fog Environment,” IEEE Internet of Things Journal, pp. 6247 - 6256, 2020.
[7] J. W. S. Z. XUEQIN ZHANG, ”Dual Generative Adversarial Networks Based Unknown Encryption Ransomware Attack Detection,” IEEE Access, pp. 2169-3536, 2021.
[8] M.ELNOUR, N.MESKIN , KH.KHAN, AND R.JAIN, “A Dual-Isolation-Forests-Based Attack Detection Framework for Industrial Control Systems”, IEEE Access. 2020.
[9] A.Alsaedi, M.Redowan, Z.Tari and N.Moustafa, “USMD: Unsupervised Misbehaviour Detection for Multi-Sensor Data”, IEEE Transactions on Dependable and Secure Computing · January 2022.
[10] M.Shahid, C.Ahmed, V.Palleti and J.Zhou, “Curse of System Complexity and Virtue of Operational Invariants: Machine Learning based System Modeling and Attack Detection in CPS”, IEEE Conference on Dependable and Secure Computing (DSC) (pp. 1-8). IEEE.2022.
[11] F. F. R. S. Paola Perrone, ”Machine Learning for Threat Recognition in Critical Cyber-Physical Systems,” IEEE International Conference on Cyber Security and Resilience IEEE , 2021.
[12] L. M. D. M. S. A. R. Z. M. G. Tuan A Tang, ”Deep Learning Approach for Network Intrusion Detection in Software Defined Networking,” International Conference on Wireless Networks and Mobile Communications (WINCOM), 2016.
[13] S. Flores, ”Variational Autoencoders are Beautiful,” 15 April 2019. [Online]. Available: