Towards Intelligent Cybersecurity in SCADA and DCS Environments: Anomaly Detection Using Multimodal Deep Learning and Explainable AI

Samuel Abiodun Oyedotun; Godfrey Perfectson Oise; Chukwuma Emmanuel Ozobialu

doi:10.70882/josrar.2025.v2i3.76

Authors

Samuel Abiodun Oyedotun Department of Computing, Wellspring University, Edo State Author
Godfrey Perfectson Oise Wellspring University Author https://orcid.org/0009-0006-4393-7874
Chukwuma Emmanuel Ozobialu Igbinedion University Okada, Edo State Author

DOI:

https://doi.org/10.70882/josrar.2025.v2i3.76

Keywords:

Anomaly Detection, Cybersecurity, Intrusion Detection System (IDS), Multimodal Deep Learning, Real-time Monitoring

Abstract

Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) and Distributed Control Systems (DCS), are increasingly becoming targets of sophisticated cyber threats. This heightened vulnerability is primarily driven by the convergence of Information Technology (IT) and Operational Technology (OT), as well as the rapid adoption of Industry 4. 4.0 technologies. Traditional intrusion detection systems (IDS) often fall short in addressing the unique characteristics of ICS environments, which include strict real- time operational constraints, the use of legacy systems, and the presence of heterogeneous data sources.To overcome these limitations, this paper presents a novel multimodal deep learning framework for robust anomaly detection in ICS networks. The proposed model integrates Convolutional Neural Networks (CNNs), Long Short- Term Memory (LSTM) networks, and Autoencoders to effectively capture spatial, temporal, and nonlinear features from ICS traffic. The framework is trained and evaluated using the HAI Security Dataset, a realistic ICS dataset that includes various attack scenarios. The hybrid model demonstrates strong performance, achieving an accuracy of 92%, an Area Under the Curve (AUC) of 0. 97, and a perfect recall score in detecting cyberattacks, indicating its potential effectiveness in real- world applications.To improve the transparency and trustworthiness of the detection outcomes, the framework incorporates explainable AI (XAI) techniques, including SHAP (Shapley Additive exPlanations) and LIME (Local Interpretable Model- agnostic Explanations). These tools provide insights into model decisions and help operators understand the reasoning behind anomaly classifications. The paper discusses practical deployment challenges such as scalability, latency, and integration with existing ICS architectures. It also explores promising future research directions, including the application of federated learning for decentralized data privacy, digital twin technology for dynamic system modeling, and the development of resilient models tailored for real-time industrial cybersecurity operations.

Author Biography

Godfrey Perfectson Oise, Wellspring University

Lecture II in the Department of Computing

References

Abdelaty, M., Doriguzzi-Corin, R., & Siracusa, D. (2020). AADS: A Noise-Robust Anomaly Detection Framework for Industrial Control Systems. In J. Zhou, X. Luo, Q. Shen, & Z. Xu (Eds.), Information and Communications Security (Vol. 11999, pp. 53–70). Springer International Publishing. https://doi.org/10.1007/978-3-030-41579-2_4

Abdi, N., Albaseer, A., & Abdallah, M. (2024). The Role of Deep Learning in Advancing Proactive Cybersecurity Measures for Smart Grid Networks: A Survey. IEEE Internet of Things Journal, 11(9), 16398–16421. https://doi.org/10.1109/JIOT.2024.3354045

Abdullahi, M., Alhussian, H., Aziz, N., Abdulkadir, S. J., Alwadain, A., Muazu, A. A., & Bala, A. (2024). Comparison and Investigation of AI-Based Approaches for Cyberattack Detection in Cyber-Physical Systems. IEEE Access, 12, 31988–32004. https://doi.org/10.1109/ACCESS.2024.3370436

Alimi, O. A., Ouahada, K., Abu-Mahfouz, A. M., Rimer, S., & Alimi, K. O. A. (2021). A Review of Research Works on Supervised Learning Algorithms for SCADA Intrusion Detection and Classification. Sustainability, 13(17), 9597. https://doi.org/10.3390/su13179597

Alladi, T., Chamola, V., & Zeadally, S. (2020). Industrial Control Systems: Cyberattack trends and countermeasures. Computer Communications, 155, 1–8. https://doi.org/10.1016/j.comcom.2020.03.007

Anandita Iyer, A., & Umadevi, K. S. (2023). Role of AI and Its Impact on the Development of Cyber Security Applications. In V. Sarveshwaran, J. I.-Z. Chen, & D. Pelusi (Eds.), Artificial Intelligence and Cyber Security in Industry 4.0 (pp. 23–46). Springer Nature Singapore. https://doi.org/10.1007/978-981-99-2115-7_2

Bakker, C., Vasisht, S., Huang, S., & Vrabie, D. L. (2023). Sensor and Actuator Attacks on Hierarchical Control Systems with Domain-Aware Operator Theory*. 2023 Resilience Week (RWS), 1–8. https://doi.org/10.1109/RWS58133.2023.10284668

Balla, A., Habaebi, M. H., Islam, Md. R., & Mubarak, S. (2022). Applications of deep learning algorithms for Supervisory Control and Data Acquisition intrusion detection system. Cleaner Engineering and Technology, 9, 100532. https://doi.org/10.1016/j.clet.2022.100532

Ben Fredj, O., Mihoub, A., Krichen, M., Cheikhrouhou, O., & Derhab, A. (2020). CyberSecurity Attack Prediction: A Deep Learning Approach. 13th International Conference on Security of Information and Networks, 1–6. https://doi.org/10.1145/3433174.3433614

Berardehi, Z. R., Yin, J., & Taheri, M. (2024). Stabilization of Phasor Measurement Sensor-Based Markovian Jump CPSs Through Soft Actor–Critic. IEEE Sensors Journal, 24(22), 37800–37808. https://doi.org/10.1109/JSEN.2024.3468210

Bindra, S. S., & Aggarwal, A. (2024). Deep Learning-based Enhanced Security in Cyber- Physical Systems: A Multi-Attack Perspective. 2024 International Conference on Computational Intelligence and Computing Applications (ICCICA), 347–352. https://doi.org/10.1109/ICCICA60014.2024.10584861

Devi, V. K., Asha, S., Umamaheswari, E., & Bacanin, N. (2023). A Comprehensive Review on Various Artificial Intelligence-Based Techniques and Approaches for Cyber Security. In J. Choudrie, P. N. Mahalle, T. Perumal, & A. Joshi (Eds.), ICT for Intelligent Systems (Vol. 361, pp. 303–314). Springer Nature Singapore. https://doi.org/10.1007/978-981-99-3982-4_26

Ganesh, P., Lou, X., Chen, Y., Tan, R., Yau, D. K. Y., Chen, D., & Winslett, M. (2021). Learning-Based Simultaneous Detection and Characterization of Time Delay Attack in Cyber-Physical Systems. IEEE Transactions on Smart Grid, 12(4), 3581–3593. https://doi.org/10.1109/TSG.2021.3058682

Gao, J., Gan, L., Buschendorf, F., Zhang, L., Liu, H., Li, P., Dong, X., & Lu, T. (2021). Omni SCADA Intrusion Detection Using Deep Learning Algorithms. IEEE Internet of Things Journal, 8(2), 951–961. https://doi.org/10.1109/JIOT.2020.3009180

Graph–Based Anomaly Detection Using Fuzzy Clustering. (2020). In Ç. Ateş, S. Özdel, & E. Anarım, Advances in Intelligent Systems and Computing (pp. 338–345). Springer International Publishing. https://doi.org/10.1007/978-3-030-23756-1_42

Khan, I. A., Keshk, M., Pi, D., Khan, N., Hussain, Y., & Soliman, H. (2022). Enhancing IIoT networks protection: A robust security model for attack detection in Internet Industrial Control Systems. Ad Hoc Networks, 134, 102930. https://doi.org/10.1016/j.adhoc.2022.102930

Koay, A. M. Y., Ko, R. K. L., Hettema, H., & Radke, K. (2023). Machine learning in industrial control system (ICS) security: Current landscape, opportunities and challenges. Journal of Intelligent Information Systems, 60(2), 377–405. https://doi.org/10.1007/s10844-022-00753-1

Lin, G., Wen, S., Han, Q.-L., Zhang, J., & Xiang, Y. (2020). Software Vulnerability Detection Using Deep Neural Networks: A Survey. Proceedings of the IEEE, 108(10), 1825–1848. https://doi.org/10.1109/JPROC.2020.2993293

Meydani, A., Shahinzadeh, H., Ramezani, A., Nafisi, H., & Gharehpetian, G. B. (2024). A Review and Analysis of Attack and Countermeasure Approaches for Enhancing Smart Grid Cybersecurity. 2024 28th International Electrical Power Distribution Conference (EPDC), 1–19. https://doi.org/10.1109/EPDC62178.2024.10571761

Nosova, S., Norkina, A., & Morozov, N. (2024). Strategies for Business Cybersecurity Using AI Technologies. In A. V. Samsonovich & T. Liu (Eds.), Biologically Inspired Cognitive Architectures 2023 (Vol. 1130, pp. 635–642). Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-50381-8_67

Oise, G. (2023). A Web Base E-Waste Management and Data Security System. RADINKA JOURNAL OF SCIENCE AND SYSTEMATIC LITERATURE REVIEW, 1(1), 49–55. https://doi.org/10.56778/rjslr.v1i1.113

Oise, G., & Konyeha, S. (2024). E-WASTE MANAGEMENT THROUGH DEEP LEARNING: A SEQUENTIAL NEURAL NETWORK APPROACH. FUDMA JOURNAL OF SCIENCES, 8(3), 17–24. https://doi.org/10.33003/fjs-2024-0804-2579

Oise, G. P., & Akpowehbve, O. J. (2024). Systematic Literature Review on Machine Learning Deep Learning and IOT-based Model for E-Waste Management. International Transactions on Electrical Engineering and Computer Science, 3(3), 154–162. https://doi.org/10.62760/iteecs.3.3.2024.94

Oise, G. P., Nwabuokei, O. C., Akpowehbve, O. J., Eyitemi, B. A., & Unuigbokhai, N. B. (2025). TOWARDS SMARTER CYBER DEFENSE: LEVERAGING DEEP LEARNING FOR THREAT IDENTIFICATION AND PREVENTION. FUDMA JOURNAL OF SCIENCES, 9(3), 122–128. https://doi.org/10.33003/fjs-2025-0903-3264

Oyedotun, S. A., Oise, G. P., Akilo, B. E., Nwabuokei, O. C., Ejenarhome, P. O., Fole, M., & Onwuzo, C. J. (2025). The Role of Internal Audit in Fraud Detection and Prevention: A Multi-Contextual Review and Research Agenda. Journal of Science Research and Reviews, 2(2), 76–85. https://doi.org/10.70882/josrar.2025.v2i2.51

Pan, K., Wang, Z., Dong, J., Palensky, P., & Xu, W. (2025). Real-Time Estimation and Defense of PV Inverter Sensor Attacks With Hardware Implementation. IEEE Transactions on Industrial Electronics, 72(3), 3228–3232. https://doi.org/10.1109/TIE.2024.3436516

Varma, A. J., Taleb, N., Said, R. A., Ghazal, T. M., Ahmad, M., Alzoubi, H. M., & Alshurideh, M. (2023). A Roadmap for SMEs to Adopt an AI Based Cyber Threat Intelligence. In M. Alshurideh, B. H. Al Kurdi, R. Masa’deh, H. M. Alzoubi, & S. Salloum (Eds.), The Effect of Information Technology on Business and Marketing Intelligence Systems (Vol. 1056, pp. 1903–1926). Springer International Publishing. https://doi.org/10.1007/978-3-031-12382-5_105

Xiahou, K., Xu, X., Huang, D., Du, W., & Li, M. (2024). Sliding-Mode Perturbation Observer-Based Delay-Independent Active Mitigation for AGC Systems Against False Data Injection and Random Time-Delay Attacks. IEEE Transactions on Industrial Cyber-Physical Systems, 2, 446–458. https://doi.org/10.1109/TICPS.2024.3436188

Xiong, D., Zhang, D., Zhao, X., & Zhao, Y. (2021). Deep Learning for EMG-based Human-Machine Interaction: A Review. IEEE/CAA Journal of Automatica Sinica, 8(3), 512–533. https://doi.org/10.1109/JAS.2021.1003865

Yang, K., Li, Q., Li, T., Wang, H., & Sun, L. (2025). Detecting Time-Delay Attacks in Industrial Control Systems Through State-Aware Inference. IEEE Internet of Things Journal, 12(6), 7195–7208. https://doi.org/10.1109/JIOT.2024.3496896

Zhang, J., Pan, L., Han, Q.-L., Chen, C., Wen, S., & Xiang, Y. (2022). Deep Learning Based Attack Detection for Cyber-Physical System Cybersecurity: A Survey. IEEE/CAA Journal of Automatica Sinica, 9(3), 377–391. https://doi.org/10.1109/JAS.2021.1004261

Towards Intelligent Cybersecurity in SCADA and DCS Environments: Anomaly Detection Using Multimodal Deep Learning and Explainable AI

Authors

DOI:

Keywords:

Abstract

Author Biography

References

Downloads

Published

Issue

Section

License

How to Cite

Latest publications

Language

Information

Make a Submission