<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta>
      <journal-title-group>
        <journal-title>S. Yevseiev);</journal-title>
      </journal-title-group>
    </journal-meta>
    <article-meta>
      <title-group>
        <article-title>Development of a model for lateral movement detection in a service-oriented Smart Manufacturing ecosystem</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <string-name>Serhii Yevseiev</string-name>
          <email>serhii.yevseiev@gmail.com</email>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Maksym Tolkachov</string-name>
          <email>maksymtolkachov@gmail.com</email>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Nataliia Dzheniuk</string-name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Oleksandr Umanskiy</string-name>
          <xref ref-type="aff" rid="aff1">1</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Daniil Viukhin</string-name>
          <email>daniil.viukhin@nure.ua</email>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <aff id="aff0">
          <label>0</label>
          <institution>Kharkiv National University of Radioelectronics</institution>
          ,
          <addr-line>Nauky Ave. 14, 61166 Kharkiv</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
        <aff id="aff1">
          <label>1</label>
          <institution>National Technical University “Kharkiv Polytechnic Institute”</institution>
          ,
          <addr-line>Kyrpychova 2, 61002 Kharkiv</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
      </contrib-group>
      <pub-date>
        <year>2026</year>
      </pub-date>
      <volume>000</volume>
      <fpage>0</fpage>
      <lpage>0001</lpage>
      <abstract>
        <p>The article addresses the problem of ensuring cybersecurity within Smart Manufacturing ecosystems, focusing on the detection and localization of lateral movement by adversaries in service-oriented networks. In the context of production process digitalization and the extensive deployment of IoT and OT devices, one of the most critical challenges is the covert propagation of compromise between services, which complicates timely incident response and increases the risk of large-scale breaches. The subject of this research is the development of a mathematically grounded model for detecting and mitigating lateral movement with minimal impact on business processes, maintaining an optimal balance between security and operational efficiency. The methodological framework is based on representing the Smart Manufacturing infrastructure as a dynamic graph, where nodes correspond to devices and services, and edges represent data flows. The analysis employs graph-based machine learning methods, namely GraphSAGE and Graph Attention Networks (GAT) with temporal feature encoding, which allows capturing both structural and dynamic properties of network traffic. Additionally, an optimization-based micro-segmentation model is formulated to determine whether to block or maintain connections, minimizing the risk of attacks while considering the cost of false disconnections of critical services. The scientific contribution of this research lies in the integration of graph neural networks (GNNs) with optimization methods to design a comprehensive cybersecurity architecture for Smart Manufacturing. This architecture combines real-time traffic analytics, flexible network segmentation, and adaptive risk management. The proposed approach opens up new perspectives for developing automated cyber-defense systems in industrial environments characterized by high requirements for reliability and business process continuity.</p>
      </abstract>
      <kwd-group>
        <kwd>Cyber-Physical System</kwd>
        <kwd>Smart Manufacturing</kwd>
        <kwd>cybersecurity</kwd>
        <kwd>Graph Neural Networks</kwd>
        <kwd>lateral movement</kwd>
        <kwd>anomaly detection</kwd>
      </kwd-group>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>1 Introduction</title>
      <p>Modern manufacturing systems are undergoing a transformation based on the transition from
traditional hierarchical automation to a new paradigm built on distributed services and
Cyber-Physical Production Systems (CPPS). This evolution has become possible due to the
implementation of intelligent devices available as services within networks, the expansion of
real-time analytics capabilities, the adoption of cloud technologies for virtualizing production functions,
and the increase in embedded intelligence at all levels of control.</p>
      <sec id="sec-1-1">
        <p>The service-oriented approach opens new horizons for creating flexible, scalable, and fully
integrated manufacturing ecosystems. At the same time, it introduces a series of new security
challenges, as critical production functions are now executed within a complex distributed
environment where physical devices, software services, and network infrastructures interact. In
particular, time- and safety-critical functions must remain at the shop-floor level, while others may
be virtualized and moved to cloud or hybrid environments.</p>
        <p>
          Thus, the new paradigm of smart manufacturing transforms the classical “automation pyramid”
into a dynamic, service-oriented, and interconnected system. This provides prerequisites for
improved efficiency and adaptability of enterprises but simultaneously raises questions of
reliability, data protection, and cyber-resilience. The further development of this field will depend
on the creation of new standards, risk management approaches, and integrated security
mechanisms within cyber-production environments [
          <xref ref-type="bibr" rid="ref1">1</xref>
          ].
        </p>
        <p>Despite the high potential of the service-oriented paradigm, the transition from traditional
automation hierarchies to distributed Cyber-Physical Production Systems is accompanied by the
emergence of new vulnerabilities and threats. Classical industrial control systems were isolated and
operated in relatively closed environments, limiting opportunities for external interference. In
contrast, modern CPPS integrate physical devices, software components, cloud services, and
network infrastructure into a single ecosystem where each layer interacts with others.</p>
        <p>This generates several key problems:</p>
        <p>Expansion of the attack surface. The number of entry points increases due to the use of IoT
devices, virtualized services, and cloud technologies.</p>
        <p>Real-time threats. Any interference with time-critical functions (e.g., control of technological
processes at the shop-floor level) may lead to accidents or production downtime.</p>
        <p>Vulnerability to network attacks. CPPS widely employ standard communication protocols,
making them susceptible to DoS attacks, data manipulation, or unauthorized access.</p>
        <p>Data trust issues. Distribution and reliance on external services complicate control over the
integrity and authenticity of data used for decision-making.</p>
        <p>Lack of mature standards. Existing industrial standards do not fully address the security
requirements specific to service-oriented production ecosystems.</p>
        <p>Within distributed services and Cyber-Physical Production Systems, a particular danger arises
from hidden lateral channels (lateral movement), through which an attacker can move between
different services and system components after an initial intrusion. Unlike classical industrial
systems, where the compromise of one segment did not necessarily enable broader control, the
high interconnectedness of service-oriented architectures introduces additional risks. Once the
attacker gains access to one module or IoT device, they can move stealthily through the network,
exploiting internal communication channels to reach more privileged or critical resources.</p>
        <p>The relevance of protection against lateral movement lies in the fact that such attacks are
extremely difficult to detect: they may remain unnoticed for a long time because inter-service
traffic appears legitimate, and the attacker’s actions mimic normal business processes. In the CPPS
context, this enables covert data collection, process sabotage, intellectual property theft, or gradual
preparation for large-scale cyberattacks. Especially dangerous is that lateral movement allows
adversaries to reach subsystems responsible for time- and safety-critical functions, potentially
leading to physical consequences – from production line shutdowns to equipment damage or
threats to personnel safety.</p>
        <p>Given this, protection against hidden lateral channels in CPPS is one of the key tasks of modern
industrial cybersecurity. It requires the deployment of multi-layered access control mechanisms,
service behavior monitoring systems, and anomaly detection tools for internal network traffic,
combined with Zero Trust architecture principles. Only a comprehensive approach can counter
lateral-movement threats and ensure the resilience of smart manufacturing systems against
modern cyberattacks.</p>
      </sec>
    </sec>
    <sec id="sec-2">
      <title>2 Analysis of literary sources and problem statement</title>
      <p>
        Article [
        <xref ref-type="bibr" rid="ref2">2</xref>
        ] provides an overview of contemporary cyberattacks on Cyber-Physical Systems (CPS),
their classification, and defense methods. The authors emphasize that CPS are complex integrated
systems combining sensors, actuators, computational modules, and network services that directly
influence physical processes. Management, monitoring, data collection, and processing services
become the primary attack targets, as their compromise leads to loss of control, data falsification,
and potentially dangerous physical consequences.
      </p>
      <p>The review systematizes CPS models based on their architecture (time-driven and event-driven)
and identifies the main attack vectors that threaten availability, integrity, and confidentiality. The
authors highlight current challenges such as scalability of solutions, adaptability of security
systems, and the ability to function in dynamic environments. CPS protection must consider both
cyber and physical levels since attacks can simultaneously affect both.</p>
      <p>Particular attention is devoted to attack detection methods using machine learning (ML) and
neural networks (NNs). Modern ML solutions can analyze system behavior in real time, detect
hidden anomalies, and adapt to emerging threats. The authors propose combining ML algorithms
with physical process models to improve detection accuracy and system resilience.</p>
      <p>The strengths of the article include its systematic approach to attack classification,
comprehensive description of attacker behavior and defense methods, and identification of open
challenges and promising research directions. However, its limitations include the absence of
detailed experimental models, practical implementation examples of ML solutions in real
environments, and insufficient consideration of CPS resource constraints or socio-technical aspects.</p>
      <p>
        In article [
        <xref ref-type="bibr" rid="ref3">3</xref>
        ], the authors discuss modern approaches to CPS protection, integrating ML and
NN-based methods. They analyze how CPS services – monitoring, control, and data processing –
can be enhanced through automated threat detection. Emphasizing the interconnection between
physical and digital components, they propose solutions addressing both layers.
      </p>
      <p>Neural networks are used for traffic behavior analysis and anomaly detection in system
components. The use of deep networks allows identifying complex attack patterns difficult to
detect using classical approaches. ML is employed to train models on historical CPS data, enabling
the prediction and identification of deviations from normal behavior.</p>
      <p>The authors highlight several advantages: higher detection accuracy due to adaptive models, the
ability to learn from new data, and the capacity to adapt in dynamic environments. Integrating
sensor, network, and controller data in real time allows modeling system behavior as a unified
whole.</p>
      <p>However, the article also notes limitations. Deep neural networks require significant
computational resources, which may be infeasible for embedded CPS devices. Models trained on
limited or laboratory data may lose accuracy under real-world conditions. Moreover, explainability
remains a challenge – interpreting deep model decisions within complex CPS environments is
nontrivial.</p>
      <p>The authors also emphasize the problem of model generalization: a model trained in one
environment may not perform effectively in another with different hardware or network topology.
Additionally, adaptive attacks can disguise malicious actions as legitimate traffic, bypassing
NN-based detection.</p>
      <p>The article underscores the importance of hybrid approaches that combine classical security
controls (e.g., authentication, encryption) with ML/NN-based techniques to enhance CPS security.
The authors recommend integrating behavioral models with physical process models to improve
resilience against attacks.</p>
      <p>
        Article [
        <xref ref-type="bibr" rid="ref4">4</xref>
        ] presents a Systematic Literature Review (SLR) of Adaptive Anomaly Detection
(AAD) methods for CPS from 2013 to 2023. Its main goal is to classify existing AAD approaches,
identify trends, algorithms, datasets, and research gaps. Components at the hardware, network, and
application levels (monitoring, management, control) must be protected through anomaly detection
techniques. The authors note that attacks can compromise availability, integrity, and
confidentiality of CPS services.
      </p>
      <p>The review shows that many approaches employ supervised, unsupervised, and reinforcement
learning. Classical anomaly detection methods (threshold- or rule-based) are criticized for their
limited adaptability to new attack types. The study demonstrates that adaptive models can evolve –
by updating models, altering data processing, or combining both (hybrid approaches).</p>
      <p>However, most studies focus on only one component (either data processing or model
adaptation), ignoring their interaction. The authors emphasize that CPS are an integration of cyber
(networks, software) and physical (sensors, actuators) components with feedback loops. Such
systems operate under strict timing and resource constraints and depend on continuous physical
processes. Because of the tight coupling between cyber and physical domains, attacks can have
dual effects on both.</p>
      <p>Many methods employ stream data processing, incremental learning, or concept drift-resistant
models. Adaptation mechanisms often rely on online learning, retraining, or hybrid strategies. Yet,
adaptation is usually limited to either data processing or model modification – rarely both
simultaneously.</p>
      <p>The article presents a taxonomy of AAD methods for CPS, including categories such as attack
type, application domain, learning paradigm, data-processing strategy, and algorithmic approach. It
also provides analytics on datasets, algorithms, and application domains (ICS, IoT, smart grid, etc.).</p>
      <p>The review concludes that current solutions often remain partially adaptive – focusing on either
data or model changes – and calls for comprehensive, real-world systems combining rapid data
handling, adaptability, explainability, and robustness.</p>
      <p>
        Article [
        <xref ref-type="bibr" rid="ref5">5</xref>
        ] is a Systematic Literature Review (SLR) examining Advanced Persistent Threat (APT)
behaviors and detection strategies. It highlights that APTs target information systems, security,
monitoring, and management services supporting corporate and cyber-physical systems. Attackers
exploit service knowledge (e.g., authentication, communication, or control services) to breach
system boundaries. Although APTs are not limited to CPS, the review emphasizes the importance
of modeling multi-stage attacks across physical and network components.
      </p>
      <p>The authors show that APTs can move laterally across network segments, exploiting
vulnerabilities in control systems and devices. The reviewed works leverage ML/AI-based
approaches for event correlation, anomaly detection, clustering, and attack scenario reconstruction.
Some studies apply event classification and correlation algorithms, while others use behavioral and
temporal dependency models.</p>
      <p>One of the key contributions is the classification of APT detection approaches into four
categories: similarity-based methods, causal correlation-based methods, structural methods, and
case-based methods.</p>
      <p>This classification provides an analytical foundation for comparing approaches by functional
category and strengths.</p>
      <p>The main strength of this review lies in its systematic methodology (PRISMA), well-defined
selection criteria, and qualitative assessment of sources. Consequently, the paper offers a structured
overview that reveals trends, weaknesses, and development directions in APT research.</p>
      <p>Additionally, it highlights the importance of integrating behavioral attack models with network
vulnerability assessments to enhance early-stage APT target detection. The authors propose a
method combining vulnerability scores and probabilistic metrics to predict potential attack paths.</p>
    </sec>
    <sec id="sec-3">
      <title>3 Materials and methods</title>
      <sec id="sec-3-1">
        <title>3.1 Transformation of the “automation pyramid” into a flexible, distributed, and service-oriented system</title>
        <p>In the classical model of industrial automation, the so-called “automation pyramid” is widely used
to define a hierarchical management structure. At its lowest level (Level 0) are physical
processes: sensors, actuators, robotic lines, and other equipment directly responsible for performing
manufacturing operations. Above this is the local control level (Level 1), which includes
Programmable Logic Controllers (PLC), Computer Numerical Control (CNC) systems, and other
devices that monitor machine states and coordinate their operation. The supervisory and
monitoring level (Level 2) encompasses SCADA systems and Human–Machine Interfaces (HMI)
that collect data, visualize processes, and provide real-time operational control of production lines.
The next layer is the MES (Manufacturing Execution Systems) level, which integrates production
planning, quality control, change management, and product traceability, effectively linking the
shop floor with the business level. Finally, at the top of the pyramid lies ERP (Enterprise Resource
Planning), responsible for enterprise resource management, logistics, finance, and supply chain
coordination.</p>
        <p>The transition toward CPPS and Service-Oriented Architecture (SOA) leads to the
transformation of this hierarchy. Classical functions do not disappear but rather evolve – becoming
virtualized and exposed as network-accessible services. At the shop-floor level, new capabilities
emerge such as Smart Sensors-as-a-Service, condition monitoring services, and secure local control
in real time. At the supervisory level, monitoring, predictive maintenance, and energy management
services become available. MES functions are implemented as services for production scheduling,
quality control, and product tracking, while ERP transforms into services for resource
management, supply chain coordination, and customer order management.</p>
        <p>A new additional horizontal layer is formed across the entire system – comprising cybersecurity
services, data analytics, digital twins, and cloud engineering. This layer provides end-to-end
integration and adaptability for all CPPS components, but it also introduces new risks associated
with the growing number of interaction points between services.</p>
        <p>
          As a result, the classical automation pyramid is gradually evolving into a flexible, distributed,
and service-oriented system, where functions are no longer rigidly tied to specific hierarchical
levels but can be scaled and migrated into cloud or hybrid environments (Fig. 1). This
transformation opens up new opportunities for integration and operational efficiency, while
simultaneously introducing new security challenges. In particular, distributed service
environments are increasingly susceptible to hidden lateral channels (lateral movement), through
which adversaries can move between services and gain unauthorized access to critical functions
[
          <xref ref-type="bibr" rid="ref1">1</xref>
          ]. Therefore, protecting against such attacks has become one of the key priorities in the evolution
of CPPS and modern intelligent manufacturing ecosystems.
        </p>
        <p>Fig. 1. Transformation of the automation pyramid into a service-oriented system (labels recovered from the figure: enterprise resource planning level; plant management level; process control level; control (PLC) level; field level; real-time critical).</p>
        <p>
          The modern dynamics of cyber threat evolution demonstrate that, with the transition to
service-oriented manufacturing systems, not only does the attack surface expand, but the complexity of
compromise scenarios also increases. Cyber-Physical Production Systems – integrating physical
devices, software services, cloud technologies, and network infrastructures – form a unique
environment where traditional Operational Technology (OT) components coexist with modern
Information Technology (IT) solutions [
          <xref ref-type="bibr" rid="ref6 ref7">6, 7</xref>
          ]. Under such conditions, cyber threats take on a more
multifaceted character, as attackers increasingly combine multiple tactics to achieve their
objectives.
        </p>
        <p>
          The most common and relevant threats remain attacks on data and control signal integrity,
leading to the distortion of production parameters and malfunctioning of equipment [
          <xref ref-type="bibr" rid="ref8">8</xref>
          ]. Equally
dangerous are availability attacks, including DoS/DDoS, capable of paralyzing entire production
segments [
          <xref ref-type="bibr" rid="ref9">9</xref>
          ]. Another critical class of threats involves confidentiality breaches, targeting the theft
of technological secrets, commercial data, and supply chain information [
          <xref ref-type="bibr" rid="ref10">10</xref>
          ].
        </p>
        <p>
          Analyzing the threat landscape of 2020–2025 reveals a clear shift in attacker tactics toward
subtle, multi-stage operations. This marks a change in balance between “noisy” attacks (mass
exploits, broad scans) and “targeted intrusions”, which mimic legitimate activity [
          <xref ref-type="bibr" rid="ref11 ref12">11, 12</xref>
          ].
        </p>
        <p>
          Simultaneously, there is a sustained rise in the impact of ransomware on industrial and
manufacturing sectors. According to specialized OT-security reports, the number of incidents
affecting industrial enterprises continued to grow during 2022–2024, with 2023 showing a
significant spike in both the number of attacks and their regional concentration in North America
and Europe [
          <xref ref-type="bibr" rid="ref13 ref14">13, 14</xref>
          ]. Dragos, in its quarterly reviews, emphasizes that although many ransomware
cases were not explicitly designed for Industrial Control Systems (ICS) – i.e., they lacked
ICS-specific payloads – their consequences for OT environments (forced production shutdowns,
manual switching, supply chain disruptions) are critical and continue to grow as a major incident
class [
          <xref ref-type="bibr" rid="ref14">14</xref>
          ].
        </p>
        <p>
          Mandiant (M-Trends) confirms that modern targeted campaigns are becoming increasingly
sophisticated. Key trends observed in 2020–2023 include the rising role of Initial Access Brokers
(IABs), the persistence of dwell time (the duration an adversary remains undetected within a
network), and the fact that a large proportion of incidents are identified not through external
monitoring, but via internal signals and post-incident investigations [
          <xref ref-type="bibr" rid="ref13">13</xref>
          ]. This indicates that
attackers often gain initial access and then conduct systematic lateral movement within the
network – gradually escalating privileges and preparing for a coordinated strike – a scenario well
characterized by the concept of lateral movement.
        </p>
      </sec>
      <sec id="sec-3-2">
        <title>3.3 Lateral movement in cyberspace</title>
        <p>
          Lateral movement in cyberspace is one of the most significant tactics employed by adversaries to
achieve persistent control over digital environments. In the context of modern industrial
transformation and the adoption of Smart Manufacturing, this tactic gains special importance, as it
combines technical intrusion mechanisms with the ability to influence cyber-physical systems that
form the core of production processes [
          <xref ref-type="bibr" rid="ref15">15</xref>
          ]. Once an attacker gains initial access to an information
infrastructure, their subsequent actions aim not only to maintain persistence but also to gradually
move through interconnected network nodes. This process is achieved through the use of
legitimate credentials, standard communication protocols, and administrative interfaces, enabling
malicious activity to blend in with normal system administration or maintenance operations.
        </p>
        <p>
          In CPS lateral movement acquires a multidimensional nature, since an adversary can affect not
only information flows but also control processes of physical objects [
          <xref ref-type="bibr" rid="ref3">3</xref>
          ]. In Smart Manufacturing
ecosystems, this means the potential for progressively approaching critical modules that coordinate
production lines, logistics mechanisms, and automated quality control systems. Lateral movement
serves as a bridge between the compromise of an individual network component and a full-scale
disruption of production operations – potentially leading to equipment shutdowns, sensor data
manipulation, or even safety hazards for personnel.
        </p>
        <p>
          In Smart Manufacturing, the risk level of lateral movement is elevated because it occurs within
highly integrated environments where information and production processes are tightly coupled.
When digital data circulating in cyberspace directly influences the control of physical components,
even subtle intruder movement across the network can set the stage for large-scale operational
disruptions [
          <xref ref-type="bibr" rid="ref16 ref17">16, 17</xref>
          ]. This creates new challenges for monitoring and anomaly detection systems,
which must consider not only traditional IT indicators but also behavioral patterns of CPS,
reflecting the interplay between digital signals and physical responses.
        </p>
        <p>
          Historical and recent incidents illustrate the devastating impact of lateral movement in
industrial contexts. A classical case is Stuxnet (2010) – technical analysis by Symantec revealed that
after the initial infection of workstations, the malware gradually propagated, gaining access to
PLCs and modifying their logic to cause physical damage to equipment – a scenario in which
stealthy, staged progression was the key to success [
          <xref ref-type="bibr" rid="ref18">18</xref>
          ]. More recent examples confirm that even
without explicit “military” intent, adversaries can achieve similar outcomes.
Industroyer/CrashOverride demonstrated how compromising control nodes in the energy sector
enabled movement between subsystems and triggered mass power outages (Table 1). Newer
incidents – such as targeted manipulation of engineering parameters in municipal infrastructure –
show that attacks on Operational Technology (OT) now combine ransomware, lateral movement,
and specialized modules designed to interact with industrial communication protocols [
          <xref ref-type="bibr" rid="ref14 ref19">14, 19</xref>
          ]. A
particularly revealing case – the FrostyGoop campaign and related attacks on district heating
networks – shows how adversaries, exploiting vulnerable routers and Modbus connections, can
maintain persistence within the network and manipulate engineering parameters in remote
facilities [
          <xref ref-type="bibr" rid="ref20">20</xref>
          ].
        </p>
        <p>Three conclusions follow from these incidents: first, attackers are increasingly choosing
low-noise initial vectors (phishing, use of stolen credentials, or Initial Access Broker (IAB)
services) to gain persistent access; second, lateral movement is a key element in many successful
campaigns, as it enables the transition from a local compromise to a large-scale operation focused
on OT; third, ransomware often acts as a final strike or a tool of coercion after the adversary has
already gained extensive internal access.</p>
        <p>
          These conclusions are confirmed by reports of specialized organizations and analytical
companies and require CPPS operators to move from purely perimeter-based measures to
comprehensive strategies that include anomaly detection inside the system, segmentation and Zero
Trust principles, service behavior monitoring, and identity protection [
          <xref ref-type="bibr" rid="ref11 ref12 ref13 ref14">11–14</xref>
          ].
        </p>
        <p>
          Statistical data show that about 30–40% of successful attacks on industrial systems involve
lateral movement [
          <xref ref-type="bibr" rid="ref21">21</xref>
          ]. In addition, ransomware attacks remain relevant, often starting at the
business level (ERP or MES) and then penetrating into the OT segment through hidden lateral
channels, disrupting critical production processes [
          <xref ref-type="bibr" rid="ref22">22</xref>
          ]. This confirms that the traditional perimeter
defense is no longer sufficient, and that effective cyber resilience of CPPS must be based on
multilayered security mechanisms and internal anomaly detection (Table 2).
        </p>
        <table-wrap>
          <table>
            <thead>
              <tr>
                <th>Trend / attack class</th>
                <th>Essence of the trend (2020–2025)</th>
                <th>Sources</th>
              </tr>
            </thead>
            <tbody>
              <tr>
                <td>Use of stolen credentials</td>
                <td>Significant increase as an initial vector; access gained through legitimate accounts</td>
                <td>[<xref ref-type="bibr" rid="ref11 ref12">11, 12</xref>]</td>
              </tr>
              <tr>
                <td>Ransomware affecting OT</td>
                <td>Growth in incidents with operational consequences (forced shutdowns, manual switching)</td>
                <td>[<xref ref-type="bibr" rid="ref14">14</xref>]</td>
              </tr>
              <tr>
                <td>Lateral movement / multi-stage attacks</td>
                <td>Widely used for privilege escalation and deeper movement within infrastructure</td>
                <td>[<xref ref-type="bibr" rid="ref13 ref14">13, 14</xref>]</td>
              </tr>
              <tr>
                <td>Dwell time and hidden activities</td>
                <td>In some campaigns, the adversary’s presence within the network remains prolonged</td>
                <td>[<xref ref-type="bibr" rid="ref13">13</xref>]</td>
              </tr>
              <tr>
                <td>Combinations (ransomware + lateral movement)</td>
                <td>Ransomware increasingly applied after internal reconnaissance and access escalation</td>
                <td>[<xref ref-type="bibr" rid="ref13 ref14">13, 14</xref>]</td>
              </tr>
            </tbody>
          </table>
        </table-wrap>
        <p>Lateral movement in the cyberspace of modern Smart Manufacturing ecosystems emerges as a
key factor in the escalation of cyber threats. It reflects a fundamental vulnerability of
interconnected cyber-physical systems, where an attacker is capable of gradually transforming a
localized intrusion into global interference with the production process. The scientific
understanding of this phenomenon is a necessary prerequisite for developing effective
cybersecurity mechanisms that combine traditional detection methods with new approaches to
modeling the security of integrated digital–physical environments. Its timely detection requires the
combination of classical Indicators of Compromise (IOCs) with behavioral analysis specific to
industrial environments (Table 3).</p>
        <p>The detection of lateral movement in CPPS is a complex and multi-layered task, particularly
relevant under current conditions of industrial digital transformation. Unlike traditional
hierarchical systems, where the isolation of technological segments limited the attackers’
movement, the service-oriented architecture of CPPS creates numerous access points and
interaction channels that can be exploited for stealthy horizontal movement within the
infrastructure.</p>
        <p>A multi-layered strategy for detecting lateral movement in CPPS is a necessary condition for
ensuring the cyber resilience of industrial systems. It combines identity monitoring, network
interaction analysis, endpoint behavior tracking, and deception-based mechanisms, forming a
comprehensive barrier against one of the most dangerous and, at the same time, the most covert
tactics of modern cyber threats. This makes the given area one of the key priorities in the
development of next-generation industrial cybersecurity systems.</p>
        <table-wrap id="tbl3">
          <label>Table 3</label>
          <table>
            <thead>
              <tr>
                <th>Level</th>
                <th>Indicators of lateral movement</th>
                <th>Detection and monitoring methods</th>
              </tr>
            </thead>
            <tbody>
              <tr>
                <td>Identity and authentication</td>
                <td>Unusual login attempts (time/geolocation); reuse of credentials; emergence of new privileged accounts; use of compromised VPN tokens</td>
                <td>Identity Protection (UEBA – User and Entity Behavior Analytics); SIEM monitoring with log correlation; MFA-based analysis of suspicious logins</td>
              </tr>
              <tr>
                <td>Network layer (CPPS/OT)</td>
                <td>Increase in inter-segment traffic; unusual commands in Modbus/OPC UA/DNP3; use of non-standard ports; anomalous tunnels or proxy connections</td>
                <td>NDR (Network Detection &amp; Response); anomaly analysis in industrial protocols; microsegmentation and Zero Trust Network Access</td>
              </tr>
              <tr>
                <td>Endpoints and servers</td>
                <td>Creation of new services/processes; execution of PowerShell/WMI scripts; unusual file transfers between nodes; signs of privilege escalation (e.g., Mimikatz)</td>
                <td>EDR/XDR monitoring; host-based intrusion detection (HIDS); event correlation in SIEM platforms</td>
              </tr>
              <tr>
                <td>Additional countermeasures (Deception)</td>
                <td>Abnormal activity in “traps” (honeypots); access to decoy services or “bait” assets</td>
                <td>Deception technologies (honeypots/honeytokens); correlation of decoy events with real network activity</td>
              </tr>
            </tbody>
          </table>
        </table-wrap>
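        <p>As an added illustration of the network-layer row of Table 3 (not code from the paper), the following Python example runs two of the listed indicators over constructed flow records: an increase in inter-segment traffic relative to a learned baseline, and an industrial protocol appearing on a port other than its standard one. The flow records, segment names, byte counts and the factor-of-two threshold are constructed assumptions; the standard ports (Modbus/TCP 502, OPC UA 4840, DNP3 20000) are the protocols' well-known defaults.</p>

```python
"""Detection of two network-layer indicators from Table 3 over constructed flow records:
an increase in inter-segment traffic against a baseline, and industrial protocols on
non-standard ports. Added example; not code from the paper."""
from collections import defaultdict

# Well-known TCP ports of the industrial protocols named in the table.
STANDARD_PORTS = {"modbus": {502}, "opcua": {4840}, "dnp3": {20000}}

# Constructed flow records: (window, src_segment, dst_segment, protocol, dst_port, bytes).
# Windows 0-2 form the learning baseline; window 3 carries the suspicious activity.
FLOWS = [
    (0, "IT", "OT", "opcua", 4840, 12_000),
    (0, "OT", "OT", "modbus", 502, 50_000),
    (1, "IT", "OT", "opcua", 4840, 11_500),
    (1, "OT", "OT", "modbus", 502, 52_000),
    (2, "IT", "OT", "opcua", 4840, 12_500),
    (2, "OT", "OT", "modbus", 502, 49_000),
    # Window 3: IT->OT volume quadruples and Modbus shows up on port 8502.
    (3, "IT", "OT", "opcua", 4840, 30_000),
    (3, "IT", "OT", "modbus", 8502, 18_000),
    (3, "OT", "OT", "modbus", 502, 51_000),
]


def inter_segment_bytes(flows):
    """Sum bytes per window over flows that cross a segment boundary."""
    per_window = defaultdict(int)
    for window, src, dst, _proto, _port, nbytes in flows:
        if src != dst:
            per_window[window] += nbytes
    return dict(per_window)


def traffic_increase_alerts(flows, baseline_windows, factor=2.0):
    """Flag windows whose inter-segment volume exceeds factor x the baseline mean."""
    volumes = inter_segment_bytes(flows)
    baseline = [volumes.get(w, 0) for w in baseline_windows]
    mean = sum(baseline) / len(baseline)
    return {w: v for w, v in volumes.items()
            if w not in baseline_windows and v > factor * mean}


def nonstandard_port_alerts(flows):
    """Return (window, src, dst, proto, port) for industrial protocols on unexpected ports."""
    alerts = []
    for window, src, dst, proto, port, _nbytes in flows:
        expected = STANDARD_PORTS.get(proto)
        if expected is not None and port not in expected:
            alerts.append((window, src, dst, proto, port))
    return alerts


if __name__ == "__main__":
    print(traffic_increase_alerts(FLOWS, baseline_windows=(0, 1, 2)))
    print(nonstandard_port_alerts(FLOWS))
```

        <p>Both checks are deliberately stateless per window so that they can be fed from NetFlow/IPFIX-style records by an NDR or SIEM pipeline; the baseline here is a simple mean of earlier windows, which a production deployment would replace with a per-segment-pair model.</p>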
      </sec>
      <sec id="sec-3-4">
        <title>3.4 Mathematical model for detecting lateral movement in a service-oriented Smart Manufacturing ecosystem</title>
        <p>The objective of this research is to construct a model for detecting anomalous movements (lateral
movement) between services that do not conform to normal traffic patterns.</p>
        <p>The subject of the study is the development of a mathematically grounded system for the detection
and localization of lateral movement in service-oriented Smart Manufacturing networks, as well as
the design of optimal procedures for rapid traffic restriction that respect availability and real-time
latency requirements. The focus is on ensuring resilience to sophisticated attacks, in which an
adversary gradually moves between services using covert interaction channels.</p>
        <p>The following tasks are addressed:</p>
        <list list-type="bullet">
          <list-item><p>development of an anomaly detector on a dynamic graph of service interactions, accounting
for spatial and temporal characteristics of traffic;</p></list-item>
          <list-item><p>construction of a formalized decision-making model for fast micro-segmentation with
minimal impact on critical business processes;</p></list-item>
          <list-item><p>empirical evaluation of the proposed approaches through simulations and red-team testing.</p></list-item>
        </list>
        <p>The methodological basis of the study focuses on the use of graph learning models with
temporal features.</p>
        <p>The system is represented as a dynamic directed graph, where nodes correspond to services or
devices, and edges represent data flows within defined time windows:</p>
        <disp-formula id="eq1">
          <label>(1)</label>
          <tex-math>G = (V, E, X, T),</tex-math>
        </disp-formula>
        <p>where $V = \{v_1, v_2, \dots, v_n\}$ – the set of nodes corresponding to services, devices, or
components of the production system;
$E \subseteq V \times V$ – the set of edges describing network connections between nodes;
$X \in \mathbb{R}^{n \times d}$ – the matrix of node features (e.g., traffic statistics, authentication logs,
CPU/network load levels, etc.);
$T = \{t_1, t_2, \dots, t_m\}$ – the time intervals of observation reflecting the dynamics of system
interactions.</p>
        <p>For each node and edge, a feature vector is defined, including indicators such as transmission
speed, average packet size, inter-packet intervals, payload entropy, the number of failed
authentication attempts, and device role.</p>
        <p>For each node $v \in V$ a representation vector is constructed by aggregating information from
its neighbors in the graph:</p>
        <disp-formula id="eq2">
          <label>(2)</label>
          <tex-math>h_v^{(k)} = \sigma\left( W^{(k)} \cdot \mathrm{AGG}^{(k)}\left( \{ h_u^{(k-1)}, \forall u \in N(v) \} \right) \right),</tex-math>
        </disp-formula>
        <p>where $h_v^{(k)}$ – vector representation of node $v$ at layer $k$,
$N(v)$ – the set of neighbors of node $v$,
$\mathrm{AGG}^{(k)}$ – aggregation function (e.g., mean, max-pooling, or LSTM),
$W^{(k)}$ – parameter matrix at layer $k$,
$\sigma$ – nonlinear activation function (e.g., ReLU).</p>
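        <p>The following pure-Python example (added here; it is not code from the paper) builds one snapshot of the dynamic graph (1) from a list of timestamped flows and applies the aggregation step (2) with a mean or max aggregator and a ReLU activation. The service names, the two-dimensional node features, the flow timestamps and the parameter matrix $W^{(1)}$ are constructed values chosen so that the result can be checked by hand; neighbors are taken to be the sources of incoming flows in the window, and a node with no neighbors aggregates to the zero vector.</p>

```python
"""Dynamic-graph snapshot (1) and one GraphSAGE-style aggregation layer (2) in pure Python.
Added example; flows, features and weights are constructed, not from the paper."""


def relu(vec):
    """Element-wise ReLU, the nonlinear activation sigma in (2)."""
    return [x if x > 0.0 else 0.0 for x in vec]


def matvec(W, vec):
    """Matrix-vector product W . vec for a list-of-rows matrix."""
    return [sum(w * x for w, x in zip(row, vec)) for row in W]


def build_snapshot(flows, t_start, t_end):
    """Edge set E_t for one observation window [t_start, t_end).
    Maps every node v to the set of nodes u with a flow u->v inside the window
    (its in-neighbours N(v)); nodes seen only outside the window get an empty set."""
    in_neighbours = {}
    for ts, src, dst in flows:
        in_neighbours.setdefault(src, set())
        in_neighbours.setdefault(dst, set())
        if t_start <= ts and t_end > ts:
            in_neighbours[dst].add(src)
    return in_neighbours


def aggregate(vectors, dim, kind="mean"):
    """AGG over neighbour vectors; an isolated node aggregates to the zero vector."""
    if not vectors:
        return [0.0] * dim
    if kind == "max":
        return [max(v[i] for v in vectors) for i in range(dim)]
    return [sum(v[i] for v in vectors) / len(vectors) for i in range(dim)]


def sage_layer(h_prev, in_neighbours, W, kind="mean"):
    """h_v^(k) = ReLU(W^(k) . AGG({h_u^(k-1) : u in N(v)})) for every node v, eq. (2)."""
    dim = len(next(iter(h_prev.values())))
    return {v: relu(matvec(W, aggregate([h_prev[u] for u in nbrs], dim, kind)))
            for v, nbrs in in_neighbours.items()}


# Constructed data flows between services: (timestamp_s, src, dst).
FLOWS = [
    (1.0, "hmi", "plc1"), (2.0, "plc1", "historian"), (3.0, "hmi", "historian"),
    (4.0, "historian", "mes"),
    (12.0, "plc1", "mes"),  # falls into the second window only
]
# Constructed 2-d node features (e.g. normalised packet rate, failed-auth count).
FEATURES = {"hmi": [1.0, 0.0], "plc1": [0.0, 1.0],
            "historian": [2.0, 2.0], "mes": [0.0, 0.0]}
W1 = [[1.0, -1.0], [1.0, 1.0]]  # constructed parameter matrix W^(1), reused per layer


def embed_window(t_start, t_end, layers=1, kind="mean"):
    """Run `layers` aggregation steps on the snapshot of one window and return h_v."""
    snapshot = build_snapshot(FLOWS, t_start, t_end)
    h = FEATURES
    for _ in range(layers):
        h = sage_layer(h, snapshot, W1, kind)
    return h


if __name__ == "__main__":
    print(embed_window(0.0, 10.0))
    print(embed_window(10.0, 20.0))
```

        <p>Running two layers lets information travel two hops (the MES embedding then reflects the HMI via the historian), which is the mechanism by which a node's representation comes to encode the behavior of services that only touch it indirectly.</p>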
        <p>To build the detector, a hybrid graph neural model was employed, combining the GraphSAGE
(Sample and Aggregate) and Graph Attention Network (GAT) approaches with an additional
temporal feature component. This approach makes it possible not only to detect anomalies at the
level of connection topology, but also to account for the temporal sequence of interactions between
network nodes. The resulting model produces, for each node $v$ at time $t$, a scalar anomaly score.</p>
        <p>GraphSAGE provides local feature aggregation of nodes based on their neighbors in the graph,
reducing computational complexity when working with large-scale IoT networks. In turn, GAT
applies an attention mechanism, assigning higher weights to neighboring nodes whose interactions
are more informative or anomalous in the temporal context. The combination of these two
approaches enables the model to adaptively distinguish both static and dynamic features of
network traffic.</p>
        <p>A normalized timestamp (measured in seconds or minutes) is used, along with learnable
frequencies $\omega_i$ and phase shifts $\phi_i$.</p>
        <p>The time encoding method integrates temporal dependencies into the process of forming node
and edge feature representations. This allows the model to capture not only structural, but also
dynamic properties of interactions within the network. Based on these encoded temporal features,
the initial vector representations are formed as follows:</p>
        <disp-formula id="eq4">
          <label>(4)</label>
          <tex-math>z_v^{(0)}(t) = \mathrm{MLP}_{node}\left( h_v \,\|\, \tau(t) \right), \qquad e_{uv}^{(0)}(t) = \mathrm{MLP}_{edge}\left( x_{uv} \,\|\, \tau(t) \right),</tex-math>
        </disp-formula>
        <p>where $\|$ – concatenation, $\tau(t)$ – the time encoding of timestamp $t$, $x_{uv}$ – the feature vector of edge $(u, v)$.</p>
        <p>GraphSAGE for node $v$ aggregates the representations of its neighbors and combines
them with the local representation.</p>
        <p>The attention coefficients for each incoming edge are calculated as:</p>
        <disp-formula id="eq5">
          <label>(5)</label>
          <tex-math>\alpha_{uv}^{(l)}(t) = \frac{\exp\left( \mathrm{LeakyReLU}\left( a^{(l)\top} \left[ W_n^{(l)} h_v^{(l)}(t) \,\|\, W_e^{(l)} e_{uv}^{(l)}(t) \,\|\, W_n^{(l)} h_u^{(l)}(t) \right] \right) \right)}{\sum_{u' \in N_v(t)} \exp\left( \mathrm{LeakyReLU}\left( a^{(l)\top} \left[ W_n^{(l)} h_v^{(l)}(t) \,\|\, W_e^{(l)} e_{u'v}^{(l)}(t) \,\|\, W_n^{(l)} h_{u'}^{(l)}(t) \right] \right) \right)},</tex-math>
        </disp-formula>
        <p>where $W_n^{(l)}, W_e^{(l)}$ – projection matrices for node and edge representations, $a^{(l)}$ – attention vector,
$N_v(t)$ – the set of neighbors of node $v$ with an incoming edge active at time $t$.</p>
        <p>To detect complex dependencies between system components and to more accurately identify
potential anomalies, information aggregation from neighboring nodes is applied. This allows each
node to take into account the state and behavior of other related elements in the network:</p>
        <disp-formula id="eq6">
          <label>(6)</label>
          <tex-math>m_v^{(l)}(t) = \sum_{u \in N_v(t)} \alpha_{uv}^{(l)}(t) \left( h_u^{(l)}(t) \,\|\, e_{uv}^{(l)}(t) \right).</tex-math>
        </disp-formula>
        <p>To ensure the formation of a more informative representation of each network element, the
GraphSAGE update mechanism is used. This enables combining a node’s own features with the
aggregated information obtained from its neighbors:</p>
        <disp-formula id="eq7">
          <label>(7)</label>
          <tex-math>h_v^{(l+1)}(t) = \sigma\left( W_{agg}^{(l)} \left[ h_v^{(l)}(t) \,\|\, m_v^{(l)}(t) \right] \right),</tex-math>
        </disp-formula>
        <p>where $\sigma$ – nonlinear activation function,
$W_{agg}^{(l)}$ – parameter matrix of the update step at layer $l$,
$h_v^{(l+1)}(t)$ – updated embedding of node $v$ (the final embedding after the last layer).</p>
        <p>To account for temporal dynamics, a time-aware aggregator is introduced:</p>
        <disp-formula id="eq8">
          <label>(8)</label>
          <tex-math>h_v^{(k,t)} = \mathrm{GRU}\left( h_v^{(k,t-1)}, h_v^{(k,t)} \right),</tex-math>
        </disp-formula>
        <p>where $h_v^{(k,t)}$ – current representation of the node,
$h_v^{(k,t-1)}$ – historical representation of the node,
GRU – Gated Recurrent Unit, which captures temporal dependencies across sequential network
states.</p>
        <p>The model computes the probability estimate that a node is involved in a cyberattack –
interpreted as its risk score:</p>
        <disp-formula id="eq9">
          <label>(9)</label>
          <tex-math>\hat{y}_v = \mathrm{softmax}\left( W_o\, h_v^{(k,t)} \right),</tex-math>
        </disp-formula>
        <p>where $\hat{y}_v$ – the probability that node $v$ participates in an anomalous (lateral movement)
connection, $W_o$ – output parameter matrix.</p>
        <p>To measure the discrepancy between the predicted probabilities and the true event classes, a
cross-entropy loss function is used:</p>
        <disp-formula id="eq10">
          <label>(10)</label>
          <tex-math>\mathcal{L} = -\sum_{v \in V} y_v \log \hat{y}_v,</tex-math>
        </disp-formula>
        <p>where $y_v \in \{0, 1\}$ – the label indicating a normal (0) or anomalous (1) state of node $v$.</p>
        <p>The training of the anomaly detection model – combining GraphSAGE, GAT, and temporal
encoding – can be conducted in both:</p>
        <list list-type="bullet">
          <list-item><p>Supervised mode – using labeled attack data, enabling the model to learn explicit indicators
of lateral movement and compromise;</p></list-item>
          <list-item><p>Self-supervised mode – employing contrastive learning or auto-reconstruction, where the
system autonomously identifies deviations in the structure or temporal dynamics of
network interactions.</p></list-item>
        </list>
        <p>This dual training approach enhances the robustness of the model to previously unseen attack
patterns, improving its adaptability to evolving cyber threats in Smart Manufacturing
environments.</p>
        <p>After training the graph-based anomaly detection model, the next step is not only to identify
anomalies but also to ensure an optimal system response. This is achieved through a risk
assessment and decision-making stage – involving isolation or micro-segmentation of the network
– formulated as a Linear Programming (LP) or Integer Linear Programming (ILP) problem. In this
framework, the model’s outputs – i.e., the probabilities of anomalous behavior for nodes or edges –
are treated as risk weights for each connection. The system determines which links should be
restricted or blocked in order to minimize the propagation of threats, while preserving the
functionality of critical industrial services.</p>
        <p>This can be expressed as the optimization of a risk function under constraints reflecting system
availability, bandwidth, and organizational security policy. ILP enables identifying the minimal set
of connections that must be temporarily disconnected to localize an attack without disrupting
essential production processes. Thus, following anomaly detection, the system enforces a response
policy (block/limit specific connections).</p>
        <p>The optimization problem is formulated over binary variables $y_{ij}(t)$ indicating whether a
connection $(i, j)$ at time $t$ should be kept active or blocked.</p>
        <p>Then the ILP optimization problem is solved for the variable $y_{ij}$. The aim is to minimize the total
risk subject to availability and latency constraints:</p>
        <disp-formula id="eq11">
          <label>(11)</label>
          <tex-math>\min_{y} \sum_{(i,j)} r_{ij}(t)\, y_{ij} + \gamma \sum_{(i,j)} c_{ij} \left( 1 - y_{ij} \right),</tex-math>
        </disp-formula>
        <p>subject to</p>
        <disp-formula id="eq12">
          <label>(12)</label>
          <tex-math>\sum_{j} y_{ij} \geq B_i^{min} \quad \forall i, \qquad \sum_{(i,j)} l_{ij}\, y_{ij} \leq L_{max}, \qquad y_{ij} \in \{0, 1\},</tex-math>
        </disp-formula>
        <p>where $y_{ij}$ – decision variable indicating allow/block for connection $(i, j)$ (keep = 1, block = 0),
$r_{ij}$ – risk score (a combination of node scores and edge features),
$c_{ij}$ – blocking cost (impact on production),
$\gamma$ – weighting coefficient of the blocking-cost term,
$B_i^{min}$ – minimum number of links required to ensure availability for node $i$,
$l_{ij}$ – expected latency along the selected route,
$L_{max}$ – maximum allowable latency.</p>
        <p>The objective function minimizes the aggregate risk while additionally accounting for the cost
of blocking associated with its impact on production processes. The additional constraints
guarantee the minimum required level of connectivity to keep the system operational and
adherence to latency limits.</p>
        <p>Risk can be composed as:</p>
        <disp-formula id="eq13">
          <label>(13)</label>
          <tex-math>r_{ij}(t) = \alpha \cdot \frac{s_i(t) + s_j(t)}{2} + (1 - \alpha) \cdot \rho_{ij},</tex-math>
        </disp-formula>
        <p>where $s_i(t), s_j(t)$ – the anomaly scores of nodes $i$ and $j$ at time $t$,
$\rho_{ij}$ – the historical importance/criticality of the flow (business-critical),
$\alpha \in [0, 1]$.</p>
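        <p>The following Python example, added here and not part of the paper, solves the containment problem (11)–(13) on a constructed five-node service graph. Instead of an ILP solver it enumerates all $2^{|E|}$ keep/block assignments, which is exact for a handful of edges and makes it easy to see how the connectivity and latency constraints in (12) override the per-edge comparison of risk against blocking cost. The node scores $s_i(t)$, the criticality $\rho_{ij}$, blocking cost $c_{ij}$, latency $l_{ij}$, $B_i^{min}$, $\alpha$, $\gamma$ and $L_{max}$ are all constructed values.</p>

```python
"""Exhaustive solution of the micro-segmentation problem (11)-(13) on a small constructed graph.
Added example; brute force over all keep/block assignments stands in for an ILP solver."""
from itertools import product

# Constructed node anomaly scores s_i(t) as a detector would emit them (hypothetical values).
SCORES = {"mes": 0.9, "scada": 0.3, "hist": 0.1, "plc1": 0.7, "plc2": 0.05}

# Constructed edges (i, j) -> (rho_ij criticality, c_ij blocking cost, l_ij latency).
EDGES = {
    ("mes", "scada"): (0.2, 0.5, 1.0),
    ("mes", "hist"): (0.1, 0.2, 1.0),
    ("scada", "plc1"): (0.8, 1.0, 1.0),
    ("scada", "plc2"): (0.9, 1.0, 1.0),
    ("hist", "plc1"): (0.3, 0.3, 1.0),
}
# Minimum number of kept outgoing links per node, B_i^min in (12); nodes absent here need none.
B_MIN = {"mes": 1, "scada": 1, "hist": 1}


def edge_risk(i, j, alpha=0.5):
    """r_ij(t) = alpha * (s_i + s_j)/2 + (1 - alpha) * rho_ij, eq. (13)."""
    rho, _cost, _lat = EDGES[(i, j)]
    return alpha * (SCORES[i] + SCORES[j]) / 2 + (1 - alpha) * rho


def feasible(y, l_max):
    """Constraints (12): per-node minimum connectivity and the total latency bound."""
    kept_out = {}
    latency = 0.0
    for (i, j), keep in y.items():
        kept_out[i] = kept_out.get(i, 0) + keep
        latency += EDGES[(i, j)][2] * keep
    return all(kept_out.get(i, 0) >= b for i, b in B_MIN.items()) and l_max >= latency


def objective(y, gamma=1.0):
    """Objective (11): risk of kept links plus weighted production cost of blocked links."""
    return sum(edge_risk(i, j) * keep + gamma * EDGES[(i, j)][1] * (1 - keep)
               for (i, j), keep in y.items())


def solve(l_max, gamma=1.0):
    """Return (best objective value, frozenset of blocked edges) over all feasible y."""
    edges = list(EDGES)
    best = None
    for bits in product((0, 1), repeat=len(edges)):
        y = dict(zip(edges, bits))
        if not feasible(y, l_max):
            continue
        value = objective(y, gamma)
        if best is None or best[0] > value:
            best = (value, frozenset(e for e, keep in y.items() if keep == 0))
    return best


if __name__ == "__main__":
    print("L_max = 5:", solve(5.0))
    print("L_max = 3:", solve(3.0))
```

        <p>With a loose latency bound the solver blocks only the edge whose risk exceeds its blocking cost, while the link from the historian to PLC 1 stays up despite its risk because $B_{hist}^{min}$ requires it. Tightening $L_{max}$ to 3 forces a further link down, and the optimizer gives up the SCADA-to-PLC 1 path, which carries the higher combined score, rather than the cheaper-to-keep PLC 2 path. That is the trade-off between containment and availability that the constraints encode.</p>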
      </sec>
    </sec>
    <sec id="sec-4">
      <title>4 Verification of the proposed approach</title>
      <p>The goal of verification is to evaluate the effectiveness of the proposed approach (the lateral
movement detector combined with micro-segmentation policy) in the following tasks:</p>
      <list list-type="bullet">
        <list-item><p>detecting anomalies in the dynamic graph of service interactions (detector);</p></list-item>
        <list-item><p>reducing the scale of compromise in lateral movement scenarios (reaction/containment);</p></list-item>
        <list-item><p>assessing operational metrics such as Time-To-Detect (TTD), Time-To-Contain (TTC), and
the trade-off between security and system availability.</p></list-item>
      </list>
      <p>Verification is performed through a series of experiments based on the structures and features
of the IoT-23 dataset. Lateral movement scenarios are emulated as chains of compromises of length
3–6 nodes with varying attack intensity, including both “slow and stealthy” and “fast burst-type”
attacks. Additionally, red-team tests are conducted to reproduce multiple intrusion vectors:
single-chain attacks, multi-entry compromises, low-traffic infiltration, and burst-type assaults.</p>
      <p>In the conducted experiment, the effectiveness of the model for detecting and containing lateral
movement within a Smart Manufacturing environment was evaluated. The assessment of
effectiveness is based on a set of metrics. To evaluate classification quality, the ROC-AUC metric is
used, while the operational performance of the system is measured by Time-To-Detect (TTD) and
Time-To-Contain (TTC), which capture, respectively, the time to the first detector trigger and the
time from detection to complete containment of the attack. Additionally, the average number of
nodes compromised before isolation and the impact on business processes in the case of false
blocking are measured.</p>
      <p>The second column detected_fraction indicates the proportion of cases where the
GraphSAGE/GAT model successfully detected lateral movement before full node compromise.</p>
      <p>The third column avg_TTD_s (Time-To-Detect) characterizes the average time required by the
system to detect anomalous activity within the network.</p>
      <p>The fourth column avg_TTC_s (Time-To-Contain) shows the average time to isolate
compromised nodes after the threat has been detected.</p>
      <p>The fifth column avg_compromised_nodes represents the average number of nodes that were
compromised before the complete containment of the attack.</p>
      <p>The simulation results demonstrated that even under conditions of high traffic classification
accuracy, ensured by the use of GraphSAGE/GAT with temporal features, the practical
effectiveness of protection largely depends on the speed of enforcing security policies. The greater
the enforcement delay, the more noticeable the increase in the average containment time, which, in
turn, allows the attacker to propagate the intrusion to additional nodes. This is confirmed by the
observed dependency: the average number of compromised devices nearly doubles as the delay
increases from fractions of a second to ten seconds.</p>
      <p>At the same time, a gradual decrease in the fraction of successfully detected attacks is observed,
indicating a degradation of the detector’s performance when the response mechanisms act with
delay. The TTD indicators remain relatively stable at short intervals; however, with an increase in
enforcement delay, a tendency toward their deterioration becomes evident. This indicates that
detection models, even with high ROC-AUC values, cannot fully compensate for the negative
impact of network infrastructure latency.</p>
      <p>Thus, it has been experimentally confirmed that the TTD and TTC metrics should be considered
in conjunction with the characteristics of policy enforcement mechanisms. Combining the analysis
of ROC-AUC, detection dynamics, and containment impact provides a holistic understanding of the
cyber-resilience of the manufacturing network, where not only algorithmic accuracy but also the
responsiveness of the security system serves as a critical factor.</p>
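      <p>To make the relationship between enforcement delay and the containment metrics concrete, the following Python example (added here; it is not the paper's simulation code and does not use IoT-23) models an attack chain as a timeline: node $k$ is compromised at $k$ hop intervals, the detector can fire only after the first lateral hop, TTD is measured from the start of the attack, and TTC equals the policy-enforcement delay. The hop intervals, chain lengths and detector latency are constructed scenario parameters.</p>

```python
"""Toy timeline model of TTD, TTC, detected_fraction and nodes compromised before containment
as a function of policy-enforcement delay. Added example with constructed parameters."""


def compromise_times(hop_interval, chain_len):
    """Node k of the chain falls at t = k * hop_interval; node 0 is the initial foothold."""
    return [k * hop_interval for k in range(chain_len)]


def simulate_chain(hop_interval, chain_len, detect_latency, enforce_delay):
    """Return the per-scenario metrics.
    - the detector triggers detect_latency seconds after the first lateral hop;
    - TTD = time from attack start to that trigger;
    - TTC = time from detection to containment = the enforcement delay;
    - a node is lost if its compromise time is at or before the containment time;
    - detection counts as successful only if it precedes full compromise of the chain."""
    times = compromise_times(hop_interval, chain_len)
    ttd = times[1] + detect_latency
    ttc = enforce_delay
    contained_at = ttd + ttc
    return {
        "ttd": ttd,
        "ttc": ttc,
        "detected": times[-1] > ttd,
        "compromised": sum(1 for t in times if contained_at >= t),
    }


# Constructed scenarios: (hop_interval_s, chain_len), from slow-and-stealthy to burst-type.
SCENARIOS = [(5.0, 6), (3.0, 6), (1.0, 4), (0.5, 4)]


def sweep(enforce_delays, detect_latency=1.0):
    """Average the metrics over SCENARIOS for each enforcement delay."""
    rows = []
    for delay in enforce_delays:
        runs = [simulate_chain(h, n, detect_latency, delay) for h, n in SCENARIOS]
        count = len(runs)
        rows.append({
            "delay": delay,
            "detected_fraction": sum(r["detected"] for r in runs) / count,
            "avg_ttd": sum(r["ttd"] for r in runs) / count,
            "avg_ttc": sum(r["ttc"] for r in runs) / count,
            "avg_compromised": sum(r["compromised"] for r in runs) / count,
        })
    return rows


if __name__ == "__main__":
    for row in sweep([0.2, 0.5, 2.0, 10.0]):
        print(row)
```

      <p>Even this deliberately simple model reproduces the qualitative observation above: the detector's trigger time does not depend on the enforcement delay, yet the number of nodes lost before containment grows with it, and the burst-type chain is already fully compromised before any detection can help, which is why detection accuracy alone cannot substitute for fast policy enforcement.</p>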
    </sec>
    <sec id="sec-5">
      <title>5 Conclusions</title>
      <p>Within this study, a cybersecurity model for the Smart Manufacturing Ecosystem was developed,
combining deep graph learning methods (GraphSAGE, GAT) with temporal encodings and
optimization-based microsegmentation mechanisms using Linear and Integer Linear Programming
(LP/ILP). The proposed approach enables highly accurate anomaly detection and intelligent
decision-making for real-time threat containment.</p>
      <p>Modeling performed on the IoT-23 dataset confirmed the effectiveness of the developed system:
ROC-AUC values above 0.9 indicate high classification accuracy, while the average TTD and TTC
metrics demonstrate the model’s ability to promptly respond to potential attacks. The analysis of
the relationship between policy enforcement delay and node compromise levels revealed that even
minor response latency can lead to a significant increase in the number of infected elements.</p>
      <p>The GraphSAGE component ensures information aggregation from neighboring nodes and
scalability to large industrial networks, while the GAT attention mechanism allows weighting the
contribution of each connection within the overall topology. The integration of temporal features
enhances the model’s ability to distinguish between short-term and long-term anomalies, and the
application of LP/ILP optimization minimizes the risk of attack propagation without disrupting
critical processes.</p>
      <p>The obtained results confirm the feasibility of combining graph-based machine learning with
optimization techniques in industrial security applications. The proposed model can serve as a
foundation for an adaptive cybersecurity platform capable of dynamically restructuring the
network topology in response to detected threats.</p>
      <p>Future research should focus on several development directions. First, Federated Learning will
allow training models without transferring confidential data between plants or production units,
maintaining global security coherence. Second, Explainable AI (XAI) techniques are promising for
interpreting model decisions and increasing operator trust in automated system responses. Third, it
is essential to investigate energy-efficient architectures for deployment at edge and fog computing
nodes, where computational resources are limited.</p>
      <p>Thus, the developed model not only demonstrates high efficiency in detecting and containing
attacks, but also provides a methodological foundation for building self-learning and explainable
cybersecurity systems for the Industrial Internet of Things – systems capable of adapting to
evolving threats and ensuring the resilience of manufacturing networks against complex
multivector attacks.</p>
    </sec>
    <sec id="sec-6">
      <title>Declaration on Generative AI</title>
      <p>During the preparation of this work, the authors used ChatGPT to: translate certain text fragments
into English, perform grammar and spelling checks, and paraphrase or reword content. After using
these tools, the authors carefully reviewed and edited the content as needed and take full
responsibility for the publication’s content.</p>
    </sec>
  </body>
  <back>
    <ref-list>
      <ref id="ref1">
        <mixed-citation>
          [1]
          <string-name>
            <surname>Lu</surname>
            ,
            <given-names>Y.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Morris</surname>
            ,
            <given-names>K.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Frechette</surname>
            ,
            <given-names>S.</given-names>
          </string-name>
          (
          <year>2016</year>
          ).
          <article-title>Current Standards Landscape for Smart Manufacturing Systems</article-title>
          .
          <source>NIST Interagency/Internal Report 8107, National Institute of Standards and Technology</source>
          , Gaithersburg, MD. doi:
          <volume>10</volume>
          .6028/NIST.IR.
          <volume>8107</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref2">
        <mixed-citation>
          [2]
          <string-name>
            <surname>Duo</surname>
            ,
            <given-names>W.L.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Zhou</surname>
            ,
            <given-names>M.C.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Abusorrah</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          (
          <year>2022</year>
          ).
          <article-title>A survey of cyber attacks on cyber physical systems: Recent advances and challenges</article-title>
          .
          <source>IEEE/CAA Journal of Automatica Sinica</source>
          <volume>9</volume>
          (
          <issue>5</issue>
          ),
          <fpage>784</fpage>
          -
          <lpage>800</lpage>
          . doi:
          <volume>10</volume>
          .1109/JAS.
          <year>2022</year>
          .
          <volume>105548</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref3">
        <mixed-citation>
          [3]
          <string-name>
            <surname>Smiliotopoulos</surname>
            ,
            <given-names>C.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Kambourakis</surname>
            ,
            <given-names>G.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Kolias</surname>
            ,
            <given-names>C.</given-names>
          </string-name>
          (
          <year>2024</year>
          ).
          <article-title>Detecting lateral movement: A systematic survey</article-title>
          .
          <source>Computers &amp; Security</source>
          <volume>133</volume>
          ,
          <fpage>103383</fpage>
          . doi:
          <volume>10</volume>
          .1016/j.cose.
          <year>2024</year>
          .
          <volume>103383</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref4">
        <mixed-citation>
          [4]
          <string-name>
            <surname>Moriano</surname>
            ,
            <given-names>P.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Hespeler</surname>
            ,
            <given-names>S.C.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Li</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          , et al. (
          <year>2025</year>
          ).
          <article-title>Adaptive anomaly detection for identifying attacks in cyber-physical systems: A systematic literature review</article-title>
          .
          <source>Artificial Intelligence Review</source>
          <volume>58</volume>
          ,
          <fpage>283</fpage>
          . doi:
          <volume>10</volume>
          .1007/s10462-025-11292-w.
        </mixed-citation>
      </ref>
      <ref id="ref5">
        <mixed-citation>
          [5]
          <string-name>
            <given-names>Che</given-names>
            <surname>Mat</surname>
          </string-name>
          ,
          <string-name>
            <surname>N.I.</surname>
          </string-name>
          (
          <year>2024</year>
          ).
          <article-title>A systematic literature review on advanced persistent threat</article-title>
          .
          <source>Journal of Cybersecurity</source>
          <volume>10</volume>
          (
          <issue>1</issue>
          ),
          <year>tyad023</year>
          . doi:
          <volume>10</volume>
          .1093/cybsec/tyad023.
        </mixed-citation>
      </ref>
      <ref id="ref6">
        <mixed-citation>
          [6]
          <string-name>
            <surname>Monostori</surname>
            ,
            <given-names>L.</given-names>
          </string-name>
          (
          <year>2014</year>
          ).
          <article-title>Cyber-physical production systems: Roots, expectations and</article-title>
          <string-name>
            <surname>R&amp;D challenges</surname>
          </string-name>
          .
          <source>Procedia CIRP 17</source>
          ,
          <fpage>9</fpage>
          -
          <lpage>13</lpage>
          . doi:
          <volume>10</volume>
          .1016/j.procir.
          <year>2014</year>
          .
          <volume>03</volume>
          .115.
        </mixed-citation>
      </ref>
      <ref id="ref7">
        <mixed-citation>
          [7]
          <string-name>
            <surname>Kagermann</surname>
            ,
            <given-names>H.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Wahlster</surname>
            ,
            <given-names>W.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Helbig</surname>
            ,
            <given-names>J.</given-names>
          </string-name>
          (
          <year>2013</year>
          ).
          <article-title>Recommendations for implementing the strategic</article-title>
          <source>initiative INDUSTRIE 4.0 - Final Report of the Industrie 4</source>
          .0 Working Group. acatech - National
          <source>Academy of Science and Engineering</source>
          . URL:
        </mixed-citation>
      </ref>
      <ref id="ref8">
        <mixed-citation>
          [8]
          <string-name>
            <surname>Byres</surname>
            ,
            <given-names>E.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Franz</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Miller</surname>
            ,
            <given-names>D.</given-names>
          </string-name>
          (
          <year>2004</year>
          ).
          <article-title>The use of attack trees in assessing vulnerabilities in SCADA systems</article-title>
          .
          <source>In: Proc. International Infrastructure Survivability Workshop</source>
          ,
          <year>2004</year>
          .
        </mixed-citation>
      </ref>
      <ref id="ref9">
        <mixed-citation>
          [9] Mitchell,
          <string-name>
            <given-names>R.</given-names>
            ,
            <surname>Chen</surname>
          </string-name>
          ,
          <string-name>
            <surname>I.-R.</surname>
          </string-name>
          (
          <year>2014</year>
          ).
          <article-title>A survey of intrusion detection techniques for cyber-physical systems</article-title>
          .
          <source>ACM Computing Surveys</source>
          <volume>46</volume>
          (
          <issue>4</issue>
          ),
          <source>Article</source>
          <volume>55</volume>
          ,
          <fpage>1</fpage>
          -
          <lpage>29</lpage>
          . doi:
          <volume>10</volume>
          .1145/2542049.
        </mixed-citation>
      </ref>
      <ref id="ref10">
        <mixed-citation>
          [10]
          <string-name>
            <surname>Humayed</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Lin</surname>
            ,
            <given-names>J.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Li</surname>
            ,
            <given-names>F.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Luo</surname>
            ,
            <given-names>B.</given-names>
          </string-name>
          (
          <year>2017</year>
          ).
          <article-title>Cyber-physical systems security - A survey</article-title>
          .
          <source>IEEE Internet of Things Journal</source>
          <volume>4</volume>
          (
          <issue>6</issue>
          ),
          <fpage>1802</fpage>
          -
          <lpage>1831</lpage>
          . doi:
          <volume>10</volume>
          .1109/JIOT.
          <year>2017</year>
          .
          <volume>2703172</volume>
          .
        </mixed-citation>
      </ref>
      <ref id="ref11">
        <mixed-citation>
          [11]
          <string-name>
            <given-names>IBM</given-names>
            <surname>Security</surname>
          </string-name>
          .
          <article-title>(</article-title>
          <year>2024</year>
          ).
          <source>IBM Security X-Force Threat Intelligence Index</source>
          <year>2024</year>
          .
          <source>(Industry report).</source>
        </mixed-citation>
      </ref>
      <ref id="ref12">
        <mixed-citation>
          [12]
          <string-name>
            <given-names>IBM</given-names>
            <surname>Security</surname>
          </string-name>
          ,
          <year>2025</year>
          .
          <string-name>
            <surname>IBM X-Force Threat</surname>
          </string-name>
          Intelligence Index
          <year>2025</year>
          .
          <article-title>(Landing/report page</article-title>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref13">
        <mixed-citation>
          [13]
          <string-name>
            <surname>Mandiant (Google Cloud)</surname>
          </string-name>
          (
          <year>2024</year>
          -
          <year>2025</year>
          ).
          <source>M-Trends 2024 / M-Trends 2025</source>
          . (Annual threat reports: dwell time, initial access, detection).
        </mixed-citation>
      </ref>
      <ref id="ref14">
        <mixed-citation>
          [14]
          <string-name>
            <surname>Dragos</surname>
            ,
            <given-names>Inc.</given-names>
          </string-name>
          (
          <year>2023</year>
          -
          <year>2025</year>
          ).
          <source>OT Cybersecurity Year in Review (annual + quarterly ransomware insights)</source>
          . 2023/2024 materials and summary posts.
        </mixed-citation>
      </ref>
      <ref id="ref15">
        <mixed-citation>
          [15]
          <string-name>
            <surname>Javaid</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Haleem</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Singh</surname>
            ,
            <given-names>R.P.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Suman</surname>
            ,
            <given-names>R.</given-names>
          </string-name>
          (
          <year>2022</year>
          ).
          <article-title>An integrated outlook of Cyber-Physical Systems for Industry 4.0: Topical practices, architecture and applications</article-title>
          .
          <source>Green Technologies and Sustainability</source>
          ,
          <volume>1</volume>
          ,
          <fpage>100001</fpage>
          . doi: 10.1016/j.grets.2022.100001.
        </mixed-citation>
      </ref>
      <ref id="ref16">
        <mixed-citation>
          [16]
          <string-name>
            <surname>Tsuji</surname>
            ,
            <given-names>D.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Fujita</surname>
            ,
            <given-names>J.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Matsumoto</surname>
            ,
            <given-names>N.</given-names>
          </string-name>
          , et al. (
          <year>2023</year>
          ).
          <article-title>3-layer modelling method to improve the cyber resilience in Industrial Control Systems</article-title>
          .
          <source>Journal of Information Processing (Taylor &amp; Francis platform)</source>
          ,
          <volume>31</volume>
          (
          <issue>1</issue>
          ),
          <fpage>1</fpage>
          -
          <lpage>14</lpage>
          . doi: 10.1080/18824889.2023.2177074.
        </mixed-citation>
      </ref>
      <ref id="ref17">
        <mixed-citation>
          [17]
          <string-name>
            <surname>Tran</surname>
            ,
            <given-names>N.-H.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Park</surname>
            ,
            <given-names>H.-S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Nguyen</surname>
            ,
            <given-names>Q.-V.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Hoang</surname>
            ,
            <given-names>T.-D.</given-names>
          </string-name>
          (
          <year>2019</year>
          ).
          <article-title>Development of a Smart Cyber-Physical Manufacturing System in the Industry 4.0 Context</article-title>
          .
          <source>Applied Sciences</source>
          ,
          <volume>9</volume>
          (
          <issue>16</issue>
          ),
          <fpage>3325</fpage>
          . doi: 10.3390/app9163325.
        </mixed-citation>
      </ref>
      <ref id="ref18">
        <mixed-citation>
          [18]
          <string-name>
            <surname>Falliere</surname>
            ,
            <given-names>N.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>O'Murchu</surname>
            ,
            <given-names>L.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Chien</surname>
            ,
            <given-names>E.</given-names>
          </string-name>
          (
          <year>2011</year>
          ).
          <article-title>W32.Stuxnet Dossier (ver. 1.4)</article-title>
          .
          <source>Symantec</source>
          . (Technical report). URL: https://nsarchive.gwu.edu/document/21440-document-44.
        </mixed-citation>
      </ref>
      <ref id="ref19">
        <mixed-citation>
          [19]
          <string-name>
            <surname>Cherepanov</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Lipovsky</surname>
            ,
            <given-names>R.</given-names>
          </string-name>
          , et al. (
          <year>2017</year>
          ).
          <article-title>WIN32/INDUSTROYER: A new threat for industrial control systems</article-title>
          .
          <source>ESET Research Whitepaper</source>
          .
        </mixed-citation>
      </ref>
      <ref id="ref20">
        <mixed-citation>
          [20]
          <string-name>
            <surname>Dragos</surname>
            ,
            <given-names>Inc.</given-names>
          </string-name>
          (
          <year>2024</year>
          ).
          <article-title>FrostyGoop: ICS malware targeting OT via Modbus TCP - analysis &amp; mitigations</article-title>
          . (Blog/Intel summary; corroborated by Unit 42/SANS).
        </mixed-citation>
      </ref>
      <ref id="ref21">
        <mixed-citation>
          [21]
          <string-name>
            <surname>IBM Security</surname>
          </string-name>
          (
          <year>2022</year>
          ).
          <source>IBM Security X-Force Threat Intelligence Index 2022</source>
          . URL: https://www.securityhq.com/reports/ibm-x-force-threat-intelligence-index-2022.
        </mixed-citation>
      </ref>
      <ref id="ref22">
        <mixed-citation>
          [22]
          <string-name>
            <surname>Dragos</surname>
            ,
            <given-names>Inc.</given-names>
          </string-name>
          (
          <year>2021</year>
          ).
          <article-title>Industrial Cybersecurity Year in Review - Industrial ransomware attacks and lessons learned</article-title>
          . (2021 YIR highlights/summary).
        </mixed-citation>
      </ref>
    </ref-list>
  </back>
</article>