Feature extraction for anomaly detection in industrial control systems

The threat landscape for industrial systems is in rapid evolution, with cyber-attacks becoming increasingly sophisticated, targeted, and motivated. This situation should raise many concerns because of the growing interconnection of industrial control systems with the Internet, as well as the proliferation of cyberphysical systems and the Industrial Internet of Things. In these scenarios, an accurate detection of attacks is of utmost importance. The swiftness with which the environment of security risks in IoT and industrial systems is a cause for concern, given the rising complexity, specificity, and determination of cyber-attacks. This issue becomes particularly problematic due to the expanding integration of industrial control systems with the Internet and the widespread adoption of cyber-physical systems. In this work, we introduce a novel methodology for improving the Feature Extraction process. The solution shows versatility, operating not only as a standalone tool for identifying network attacks but, more significantly, as a valuable tool for pre-processing raw packet data tailored for integration with artificial intelligence models. The proposed solution was developed with an emphasis on addressing the specific cybersecurity needs of the industrial sector. This approach is driven by the imperative requirements of the industrial landscape, where safeguarding critical systems against cyber threats is of paramount importance. Furthermore, our system was tested on an industrial dataset that demonstrates the applicability and efficacy of our solution within the peculiar context