Machine learning-based early incident detection system in a bakery plant’s industrial network: a cognitive model for counteracting hybrid threats


Amirkhanova G.A., Prokopovych-Tkachenko D.I., Adilzhanova S.A., Zubchenko N., Bektemir L.E.
2026, Frontiers Media SA

Frontiers in Computer Science
2026, #8

Introduction: In the context of growing cyber risks to critical industries, including bakery complexes, this paper proposes a cognitive architecture for early incident detection in the operational technology (OT) network. Methods: The architecture integrates User and Entity Behavior Analytics (UEBA), a Security Information and Event Management (SIEM) system, and Zero Trust principles, focusing on hybrid threats that range from external attacks on industrial controllers, such as programmable logic controllers (PLCs), to internal operator errors. At the analytics layer, two complementary deep learning pipelines are used: a convolutional neural network (CNN) combined with long short-term memory (LSTM), the CNN + LSTM model, for detecting low-level network patterns (Byte2Image), and an autoencoder (AE) combined with LSTM, the AE + LSTM model, for predicting time-series data and identifying anomalies in equipment telemetry. An adaptive threshold decision procedure is introduced for the first time, optimizing both accuracy and computational resources on edge nodes. The architecture complies with the IEC 62443 and ISO/IEC 27019 standards. Results and discussion: High performance metrics, specifically Precision, were demonstrated in the bakery plant’s digital twin scenarios.

anomaly detection, CNN-LSTM, deep learning, digital twin, industrial control systems (ICS), User and Entity Behavior Analytics (UEBA), zero trust


Department of Artificial Intelligence and Big Data, Faculty of Information Technology, Al-Farabi Kazakh National University, Almaty, Kazakhstan
Department of Cybersecurity and Information Technologies, University of Customs and Finance, Dnipro, Ukraine
Department of Cybersecurity and Cryptology, Faculty of Information Technology, Al-Farabi Kazakh National University, Almaty, Kazakhstan
