Abstract
Industrial control systems (ICS) are crucial for automating and optimizing industrial operations but are increasingly vulnerable to cyberattacks due to their interconnected nature. High-dimensional ICS datasets pose challenges for effective anomaly detection and classification. This study aims to enhance ICS security by improving attack detection through an optimized feature selection framework that balances dimensionality reduction and classification accuracy. The study utilizes the HAI dataset, comprising 54,000 time series records with 225 features representing normal and anomalous ICS behaviors. A hybrid feature selection approach integrating wrapper and filter methods was employed. Initially, a Genetic Algorithm (GA) identified 118 relevant features. Further refinement was conducted using filter-based methods—Symmetrical Uncertainty (SU), Information Gain (IG), and Gain Ratio (GR)—leading to a final subset of 104 optimal features. These features were used to train classification models (Naive Bayes (NB), Random Forest (RF), and Support Vector Machine (SVM)) with a 70:30 train-test split and tenfold cross-validation. The proposed feature selection method significantly improved classification accuracy, achieving 98.86% (NB), 99.91% (RF), and 97.97% (SVM). Compared to the full dataset (225 features), which yielded 97.51%, 99.93%, and 96.17%, respectively, our optimized feature subset maintained or enhanced classification performance while reducing computational complexity. This research demonstrates the effectiveness of a hybrid feature selection approach in improving ICS anomaly detection. By reducing feature dimensionality without compromising accuracy, the proposed method enhances ICS security, offering a scalable and efficient solution for real-time attack detection.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
Details
1 Symbiosis Institute of Technology, Symbiosis International (Deemed University), Pune, India (GRID:grid.444681.b) (ISNI:0000 0004 0503 4808)
2 K. K.Wagh Institute of Engineering Education and Research, Department of Information Technology, Nashik, India (GRID:grid.517889.a)
3 Koneru Lakshmaiah Education Foundation, Department of Computer Science and Engineering, Hyderabad, India (GRID:grid.449504.8) (ISNI:0000 0004 1766 2457)
4 Symbiosis Institute of Technology, Symbiosis International (Deemed University), Department of Electronics and Telecommunication Engineering, Pune, India (GRID:grid.444681.b) (ISNI:0000 0004 0503 4808)
5 D Y Patil College of Engineering, Department of Computer Engineering, Pune, India (GRID:grid.32056.32) (ISNI:0000 0001 2190 9326)
6 Pravara Rural Engineering College, Department of Computer Engineering, Loni, India (GRID:grid.32056.32) (ISNI:0000 0001 2190 9326)