Abstract:
The increasing integration of digital technologies into critical infrastructure systems has
exposed them to a heightened risk of cyber threats. These malicious attacks can have far-reaching consequences, including unauthorized physical access to equipment that may evade
detection by conventional monitoring systems. Previous research has focused primarily on
detecting cyber-attacks within the realm of information science communication networks,
leaving a significant knowledge gap in identifying attacks that evade network defenses. This
study addresses this gap by investigating vibration patterns that signal system breaches, even
when sensor readings appear normal, as exemplified by high-profile attacks like Stuxnet and
APT, which manipulated data to conceal physical damage. Our proposed approach bolsters
resilience by detecting anomalies in vibration patterns using a statistical threshold calculation
methodology that combines the strengths of LSTM and Random Forest algorithms. This hybrid
approach leverages features extracted from LSTM (mean mean squared error, standard
deviation, and maximum mean squared error) and feeds them into a Random Forest model,
enabling informed decisions on trained data to predict patterns and differentiate between
normal operation, cyber-attacks, and equipment malfunctions. We selected the LSTM-RF model
for its exceptional performance in identifying subtle and complex patterns in sequential time-series vibration data. The Random Forest component rapidly identifies immediate threats, such
as unusual frequency spikes and harmonics, while LSTM networks excel at uncovering long-term patterns, including gradual shifts in baseline and anomalous noise patterns, by capturing
temporal dependencies in the data. To simulate cyber-attacks, Gaussian noise is intentionally
introduced into the acquired vibration data, enhancing the robustness of our approach.
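
The feature and threshold step described above, as an added example that is not code from the paper: per-window mean, standard deviation and maximum of block-level MSEs, with a threshold calibrated on clean data and Gaussian noise injected as the simulated attack. Assumptions: a two-tap linear predictor stands in for the LSTM, a k-sigma rule on the mean MSE stands in for the Random Forest, and the 50 Hz tone, window sizes and k are constructed values.

```python
import math
import random
import statistics

OMEGA = 2 * math.pi * 50 / 1000  # constructed: 50 Hz tone sampled at 1 kHz

def vibration(n, rng, sensor_sigma=0.01, attack=None, attack_sigma=0.2):
    """Constructed signal: one tone plus sensor noise; samples in the
    (start, end) range `attack` get extra Gaussian noise."""
    out = []
    for t in range(n):
        x = math.sin(OMEGA * t) + rng.gauss(0, sensor_sigma)
        if attack and attack[0] <= t < attack[1]:
            x += rng.gauss(0, attack_sigma)
        out.append(x)
    return out

def squared_errors(x):
    """Stand-in for the LSTM (assumption): a pure tone satisfies
    x[t] = 2*cos(w)*x[t-1] - x[t-2], so the residual is the prediction error."""
    c = 2 * math.cos(OMEGA)
    return [(x[t] - (c * x[t - 1] - x[t - 2])) ** 2 for t in range(2, len(x))]

def window_features(err, window=200, block=20):
    """Per window: (mean MSE, std of MSE, max MSE) over block-level MSEs."""
    feats = []
    for w in range(0, len(err) - window + 1, window):
        mses = [statistics.fmean(err[b:b + block])
                for b in range(w, w + window, block)]
        feats.append((statistics.fmean(mses), statistics.pstdev(mses), max(mses)))
    return feats

def calibrate(clean_feats, k=6.0):
    """Statistical threshold (assumed rule): mean + k*std of clean mean-MSE."""
    means = [f[0] for f in clean_feats]
    return statistics.fmean(means) + k * statistics.pstdev(means)

def flag(feats, threshold):
    return [f[0] > threshold for f in feats]

def demo(seed=7):
    rng = random.Random(seed)
    clean = window_features(squared_errors(vibration(4002, rng)))
    threshold = calibrate(clean)
    # Noise on samples 1002..1399 affects exactly error windows 5 and 6.
    attacked = vibration(2002, rng, attack=(1002, 1400))
    return threshold, flag(window_features(squared_errors(attacked)), threshold)
```
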