A Robust IDS-Driven Approach to Secure Industrial Control Systems from Emerging Cyber-Physical Attacks

D Nagabhushanam; K Veerasekhar Achari; P Kranthi Kumar; S Abrar Ali; R Manoj Kumar Reddy

doi:10.5281/zenodo.18756378

Authors

D Nagabhushanam Department of CSE (IoT and Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
K Veerasekhar Achari Department of CSE (IoT and Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
P Kranthi Kumar Department of CSE (IoT and Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
S Abrar Ali Department of CSE (IoT and Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.
R Manoj Kumar Reddy Department of CSE (IoT and Cyber Security including Block Chain Technology), Annamacharya Institute of Technology & Sciences (Autonomous), Tirupati, A.P, India.

DOI:

https://doi.org/10.5281/zenodo.18756378

Keywords:

Industrial Control System, LightGBM, Isolation Forest, Cyber Physical Threat, Machine Learning, Django Framework.

Abstract

CPS are critical for the operation of many infrastructures, such as ICS, energy, and transportation. However, increasingly interconnecting cyber with physical elements opens the floor for complicated cyber-physical attacks targeting severe operational disruption. This paper proposes an efficient approach, basically IDS-driven, for securing ICS against such advanced threats. A lightweight hybrid IDS is proposed for the efficient detection of known attacks as well as unknown zero-day attacks using supervised and unsupervised training models, respectively. The suggested IDS incorporates the LightGBM and Isolation Forest models for signature-based detection and anomaly-based detection, respectively. This will ensure that the threat detection is comprehensive in dynamic industrial environments with timely identification and response against both traditional and evolving cyber-physical threats. In our experimental results, the proposed H-IDS was evaluated using the NSL-KDD dataset and outperformed the traditional approaches in terms of accuracy, precision, and recall. Moreover, it will bring benefits like reduced false positive rates, speed, and resiliency. Some possible improvements that can be made in the future are also discussed in the paper, such as incorporating edge computing with federated learning, which can enhance capabilities for the proposed system in real-time environments.

References

Chowdhury, R. H., & Mostafa, B. (2025). Cyber-physical systems for critical infrastructure protection: Developing advanced systems to secure energy grids, transportation networks, and water systems from cyber threats. Journal of Computer Science and Electrical Engineering, 7(1), 16–26.

Pandey, R. K., & Das, T. K. (2025). Anomaly detection in cyber-physical systems using actuator state transition model. International Journal of Information Technology, 17(3), 1509–1521.

Jin, J., Pang, Z., Kua, J., Zhu, Q., Johansson, K. H., Marchenko, N., & Cavalcanti, D. (2025). Cloud-fog automation: The new paradigm towards autonomous industrial cyber-physical systems. IEEE Journal on Selected Areas in Communications.

Almedires, M. A., Elkhalil, A., & Amin, M. (2025). Adversarial attack detection in industrial control systems using LSTM-based intrusion detection and black-box defense strategies. Journal of Cyber Security and Risk Auditing, 2025(3), 4–22.

Nittala, E. P. (2025). Mitigating cyber-physical attacks in ERP-controlled infrastructures through AI-based intrusion response systems. International Journal of AI, Big Data and Computational Management Studies, 6(1), 151–160.

Patel, C. D., Aggarwal, M., & Chaubey, N. K. (2025). Enhancing cyber-physical systems security through advanced defense mechanisms. In Advancing cyber security through quantum cryptography (pp. 307–342). IGI Global.

Mahmud, R., Jin, J., Kua, J., Afrin, M., Mistry, S., & Krishna, A. (2025). Trusted microservice orchestration for secure edge computing in industrial cyber-physical systems. IEEE Network.

Bhardwaj, A., Bharany, S., Rehman, A. U., Tejani, G. G., & Hussen, S. (2025). Securing cyber-physical robotic systems for enhanced data security and real-time threat mitigation. EURASIP Journal on Information Security, 2025(1), 1.

Xu, L., Yang, Z., Zhao, D., Yu, F., Zhou, Y., & Zhang, H. (2025). G-VAE: Variational autoencoder-based adversarial attacks and defenses in industrial control systems. Computers & Electrical Engineering, 124, 110290.

Gaggero, G. B., Armellin, A., Portomauro, G., & Marchese, M. (2024). Industrial control system-anomaly detection dataset (ICS-ADD) for cyber-physical security monitoring in smart industry environments. IEEE Access, 12, 64140–64149.

Ahmed, S. T., Akshaya, K. R., Vattikuti, H., Preetham, L. S. P., & Dutta, R. K. (2025, September). Dynamic Traffic Status Classification and Monitoring in Indian Metro Cities Using Edge-AI Computation. In 2025 International Conference on Vehicular Technology and Transportation Systems (ICVTTS) (pp. 1-6). IEEE.

Girija, S. H., Khanum, H., Sinchana, B., Ahmed, S. T., & Rashmi, C. (2025, August). Dynamic Network Traffic Anomaly Detection Using Machine Learning. In 2025 International Conference on Artificial Intelligence and Machine Vision (AIMV) (pp. 1-6). IEEE.

Alex, S., Shashank, J. T., & Ahmed, S. T. (2025, July). Machine Learning Based Network Traffic Analyser for Malicious and Benign Traffic Detection. In 2025 International Conference on Computing Technologies & Data Communication (ICCTDC) (pp. 1-6). IEEE.

Ambika, B. J., Guptha, N. S., & Siddiqha, S. A. (2023). Anaemia Estimation for Patients Using Lasso And Ridge Regression Algorithms. Milestone Transactions on Medical Technometrics, 1(2), 53-63.