ISSN: 2245-4578 (Online Version), ISSN: 2245-1439 (Print Version)
Efficient Network Attack Detection Method Combining SSPCA and Layered Detection

Keywords

SSPCA
ICN
Attack
Cost sensitive
Data dimensionality reduction
CNN

How to Cite

[1]
R. Huang, “Efficient Network Attack Detection Method Combining SSPCA and Layered Detection”, JCSANDM, vol. 15, no. 02, pp. 335–364, Apr. 2026.

Abstract

As industrial control networks become deeply integrated with information technology, high-dimensional data redundancy, the concealment of multi-stage attacks, and class imbalance make traditional intrusion detection methods inefficient. To address this, two new frameworks are proposed: Stacked Sparse Principal Component Analysis (SSPCA) and Step-by-Step Industrial Control Intrusion Detection (SSICID). SSPCA reduces high-dimensional industrial control network traffic data to 12 dimensions using a sparse constraint and a principal component stacking strategy, improving accuracy by 62.5% compared with traditional Principal Component Analysis (PCA). SSICID uses a layered detection architecture to achieve 98.8% detection accuracy, 97.0% recall, and a 0.3-second CPU response time on ICS-CERT datasets, which is 4.5% more accurate and 40% faster than the existing optimal model. The proposed model provides an efficient solution for real-time monitoring of complex attacks in industrial control networks and is of practical significance for securing critical infrastructure.

https://doi.org/10.13052/jcsm2245-1439.1523

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Copyright (c) 2026 Journal of Cyber Security and Mobility
