An AutoML-based security defender for industrial control systems

Bibliographic details
Published in: International journal of critical infrastructure protection 2024-12, Vol.47, p.100718, Article 100718
Main authors: Vasan, Danish; Alqahtani, Ebtesam Jubran S.; Hammoudeh, Mohammad; Ahmed, Adel F.
Format: Article
Language: eng
Description
Summary: Securing Industrial Control Systems (ICS) against cyber threats is crucial for maintaining operational reliability and safety in critical infrastructure. Traditional Machine Learning (ML) approaches in ICS development require substantial domain expertise, posing challenges for non-experts. To address this gap, we propose and evaluate ICS-defender, a defense mechanism to enhance ICS security through Automated Machine Learning (AutoML) techniques. Our approach leverages sophisticated feature engineering and AutoML to automate model selection, training, aggregation, and optimization, thereby reducing the dependency on specialized knowledge. We evaluate ICS-defender against state-of-the-art AutoML frameworks using diverse datasets from power systems and electric vehicle chargers. Experimental results consistently demonstrate that ICS-defender outperforms existing frameworks in terms of accuracy and robustness, achieving average accuracies of 93.75%, 94.34%, and 87.12% for power systems attacks datasets and 94.23% for the electric vehicle charging station attacks dataset, surpassing baseline algorithms. This research contributes to advancing secure and resilient ICS, offering significant implications for broader applications and future enhancements in industrial cybersecurity.
ISSN: 1874-5482
DOI: 10.1016/j.ijcip.2024.100718