Search papers, labs, and topics across Lattice.
This paper introduces IstGPT, an innovative anomaly detection tool that utilizes large language models (LLMs) and graph learning to enhance real-time protection against industrial control system (ICS) attacks. By leveraging multi-modal industrial knowledge and employing multi-stage prompt engineering, IstGPT constructs detailed sensor-actuator dependency graphs, which are then refined through LLM-Optimation for improved accuracy and coherence. The tool outperforms 12 existing baselines across nine datasets, achieving superior F1-scores and a new time-aware metric, eTaF1, demonstrating its effectiveness in real-world industrial applications.
IstGPT outperforms traditional anomaly detection methods by leveraging LLMs to model complex dependencies in industrial systems, achieving unprecedented accuracy in real-time threat detection.
Industrial Internet systems face increasing threats from sophisticated industrial control system (ICS) attacks, resulting in critical safety incidents. However, existing tools exhibit limited effectiveness in real-time anomaly detection due to the complex dependencies among sensors and actuators. To tackle this, we present IstGPT, the first industrial anomaly detection tool based on LLMs and graph learning to provide real-time protection against a wide range of ICS attacks. IstGPT achieves fine-grained and precise modeling on spatial-temporal dependencies in industrial cyber-physical systems. It first leverages industrial multi-modal knowledge, including operational data, technical documents, and system diagrams, to extract sensor-actuator dependency graphs via multi-stage prompt engineering. Then, LLM-Optimation iteratively refines the graph based on node accuracy, edge consistency, and logical coherence. Finally, IstGPT integrated improved graph neural networks with an encoder-decoder architecture to detect anomalies via reconstruction errors. We evaluate IstGPT against 12 state-of-the-art baselines on 9 datasets, including 2 public, 6 simulated, and a real-world robotic arm dataset. IstGPT achieves the best F1-scores and eTaF1 (a newer time-aware metric) across nine datasets. We further discuss the feasibility of deploying IstGPT in real-world industrial scenarios.
