Medoid Prototype Alignment for Cross-Plant ICS Attack Detection
A new framework uses medoid prototypes to detect unknown attacks across different industrial plants. The method compresses heterogeneous ICS traffic into a comparable space and extracts robust prototypes summarizing local operations. A prototype-calibrated transfer objective aligns target and source prototypes while preserving discrimination. This reduces noisy cross-domain matching and improves transfer stability. The approach addresses site-dependent traffic, scarce labels, and unseen attacks after deployment.
Key facts
- Framework aligns medoid prototypes for cross-plant unknown attack detection
- Compresses heterogeneous ICS traffic into comparable representation space
- Extracts robust medoid prototypes summarizing local operational structure
- Prototype-calibrated transfer objective aligns target with source prototypes
- Preserves source-domain discrimination and encourages confident target predictions
- Reduces noisy cross-domain matching
- Improves transfer stability under heterogeneous industrial conditions
- Addresses site-dependent traffic, scarce labels, and unseen attacks
Entities
—