Advanced Intrusion Detection Combining Signature-Based and Behavior-Based Detection Methods

Recently, devices in real-time systems, such as residential facilities, vehicles, factories, and social infrastructure, have been increasingly connected to communication networks. Although these provide administrative convenience enable the development of more sophisticated control critical cybersecurity concerns challenges remain. In this paper, we propose a hybrid anomaly detection method that combines statistical filtering composite autoencoder effectively detect anomalous behaviors possibly caused by malicious activity order mitigate risk cyberattacks. We used SWaT dataset, which was collected from real water treatment system, conduct case study cyberattacks on industrial systems validate performance proposed approach. then evaluated dataset with two time window settings for autoencoder. According experimental results, improved precision, recall, F1-score up 0.008, 0.067, 0.039, respectively, compared an autoencoder-only Moreover, computational cost terms execution time. The reduced 8.03% Through show detected anomalies than approach it also operated significantly faster.