Deep generative models are promising for detecting novel cyber-physical attacks, mitigating the vulnerability of cyber-physical systems (CPSs) without relying on labeled information. Nonetheless, these generative models face challenges in identifying attack behaviors that closely resemble normal data, or that deviate from the normal data distribution but lie in close proximity to the manifold of the normal cluster in latent space. To tackle this problem, this article proposes a novel unsupervised dual variational generative adversarial model, named MTS-DVGAN, to perform anomaly detection in multivariate time series data for CPS security. The central concept is to enhance the model's discriminative capability by widening the distinction between reconstructed abnormal samples and their normal counterparts. Specifically, we propose an augmented module that imposes contrastive constraints on the reconstruction process to obtain a more compact embedding. Then, by exploiting the distribution property and modeling the normal patterns of multivariate time series, a variational autoencoder is introduced to force the generative adversarial network (GAN) to generate diverse samples. Furthermore, two augmented loss functions are designed to extract essential characteristics in a self-supervised manner through mutual guidance between the augmented samples and the original samples. Finally, a specific feature center loss is introduced for the generator network to enhance its stability. Empirical experiments are conducted on three public datasets, namely SWAT, WADI and NSL_KDD. Compared with state-of-the-art methods, the evaluation results show that the proposed MTS-DVGAN is more stable and achieves consistent performance improvement.