Multimodal Game-Theoretic Cyber-Attack Projection in Industrial Control Systems

Abstract

Securing Industrial Control Systems (ICS) can be challenging, as solutions developed for general Information Technology (IT) systems may be less effective in an ICS setting. Moreover, most available cybersecurity solutions in ICS are only focused on the classic problem of detecting cyber-attacks and anomalies. However, these solutions cannot provide extended information to security experts to stop the attack or the source of the abnormality. Thus, this paper propose a cutting-edge multimodal data-driven strategy by integrating Deep Reinforcement Learning (DRL) and Deep Neural Networks (DNNs). In contrast to conventional cybersecurity approaches primarily centered on detecting cyber-attacks and anomalies, the proposed method delves into analyzing the behavioral patterns of attackers within an ICS environment. Leveraging reinforcement learning, the approach anticipates the subsequent actions of potential threats. This wealth of additional information empowers security experts to proactively stay ahead of evolving risks, facilitating preemptive measures to thwart impending attacks. The effectiveness and scalability of this multimodal data-driven approach are demonstrated through evaluation on water treatment systems, showcasing its ability to accurately predict and prevent cyber-attacks within the ICS environment.