近年來關鍵基礎設施安全防護的議題逐漸受到重視，因國家關鍵基礎設施是否能正常運作將會影響到眾多層面，如社會功能的運作及國家的經濟發展等，甚至有可能導致人民的傷亡。因此，與關鍵基礎設施及其工業控制系統相關的安全事件也備受關注。如果可以即時檢測出這些系統中非常態的現象，就能即早作出警示以提醒操作人員進行因應措施，進而避免不必要的危害發生。而近年來因為機器學習的應用逐漸成熟，目前已經有許多研究透過機器學習的異常檢測方法，來對工業控制系統進行安全防護及預警。目前針對工業控制系統進行的異常檢測研究，大部分是針對單一種會造成危害的原因進行偵測，如針對網路攻擊、或是針對設備故障等。如果能從各個面向實施異常檢測，就能更完善的對系統進行保護。故本研究建立一水壩營運操作非常態警示系統，對各種類型的非常態操作進行檢測及預警，以實現更全面的保護功能。並透過可視化分析方法，彌補了非監督式學習中常有的檢測結果缺乏解釋性之問題。且實際對歷史資料進行預測，透過實驗驗證了本系統對於各種非常態事件檢測之有效性。

In recent years, the issue of critical infrastructure security protection has gradually received attention, because whether the country's critical infrastructure can operate normally will affect many levels. As a result, security incidents related to critical infrastructure and its industrial control systems are also of concern. If non-normal phenomena in these systems can be detected immediately, early warnings can be issued to remind operators to take countermeasures, thereby avoiding unnecessary hazards. In recent years, due to the gradual maturity of the application of machine learning, there have been many researches on implementing anomaly detection methods through machine learning to provide security protection and early warning for industrial control systems. Most of the current anomaly detection research on industrial control systems is to detect a single cause that can cause harm, such as network attacks or equipment failures. If anomaly detection can be implemented for each aspect, the system can be better protected. Therefore, this study establishes a non-normal warning system for dam operation to detect and warn of various types of non-normal operations, so as to achieve a more comprehensive protection function. Through the visual analysis method, this study makes up for the lack of interpretability of the detection results often found in unsupervised learning. This study uses historical data to make predictions and verifies the effectiveness of this system in detecting various non-normal events through experiments.

[1]蕭博陽, "武界壩異常放水釀4死 值班員過失致死判1年8月," 2021. [Online]. Available: https://www.cna.com.tw/news/firstnews/202111150069.aspx. [Accessed 18 Nov. 2021].
[2]Robert McMillan, "Insider charged with hacking California canal system," 2007. [Online]. Available: https://www.computerworld.com/article/2540235/insider-charged-with-hacking-california-canal-system.html. [Accessed 20 Mar. 2022].
[3]CYBERSEC 2021 臺灣資安大會, "ShareTech 完整IT、OT與內網解決方案," 2021. [Online]. Available: https://cyber.ithome.com.tw/2021/insight-page/3. [Accessed 20 Mar. 2022].
[4]Katie Collins, "Ukraine blackout is a cyberattack milestone," 2016. [Online]. Available: https://www.cnet.com/news/privacy/cyberattack-causes-widespread-power-blackout-in-ukraine/. [Accessed 22 Mar. 2022].
[5]Alex Marquardt, Eric Levenson, Amir Tal, "Florida water treatment facility hack used a dormant remote access software, sheriff says," 2021. [Online]. Available: https://edition.cnn.com/2021/02/10/us/florida-water-poison-cyber/index.html. [Accessed 16 Feb. 2022].
[6]Pierre Duffaut, "The traps behind the failure of Malpasset arch dam, France, in 1959," Journal of Rock Mechanics and Geotechnical Engineering, vol. 5, no. 5, pp. 335 - 341, 2013.
[7]Sergei K. Alabugin, Alexander N. Sokolov, "Applying of Generative Adversarial Networks for Anomaly Detection in Industrial Control Systems," 2020 Global Smart Industry Conference (GloSIC), Chelyabinsk, Russia, 17-19 Nov., 2020.
[8]Yu Qin, YuanSheng Lou, "Hydrological Time Series Anomaly Pattern Detection based on Isolation Forest," 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), Chengdu, China, 15-17 Mar., 2019.
[9]黃彥棻, "【臺灣資安大會直擊】更完整資安戰略即將揭曉！國安會諮詢委員李德財預告，臺灣第一份「資安即國安」戰略報告書5月出爐," 2018. [Online]. Available: https://www.ithome.com.tw/news/121793. [Accessed 29 May 2021].
[10]Chen Fradkin, "CLAROTY BIANNUAL ICS RISK & VULNERABILITY REPORT: 2H 2020," Claroty, New York City, USA, 2021.
[11]Amin Hassanzadeh, Amin Rasekh, Stefano Galelli, Mohsen Aghashahi, Riccardo Taormina, Avi Ostfeld, Katherine Banks, "A Review of Cybersecurity Incidents in the Water Sector," Journal of Environmental Engineering, vol. 146, no. 5, 2020.
[12]Gary Hughes, "The cyberspace invaders," 2003. [Online]. Available: https://www.theage.com.au/national/the-cyberspace-invaders-20030622-gdvx44.html. [Accessed 12 Jun. 2021].
[13]Jill Slay, Michael Miller, "Lessons Learned from the Maroochy Water Breach," International Conference on Critical Infrastructure Protection, Springer, Boston, Mas-sachusetts, 19-21 Mar., 2007.
[14]Miriam Jones, "Report: Hacking Lands Florida Wastewater Official in Hot Water," 2012. [Online]. Available: https://www.govtech.com/public-safety/report-hacking-lands-florida-wastewater-official-in-hot-water.html. [Accessed 10 Jun. 2021].
[15]Andrew Cuomo, "Statement from Governor Andrew M. Cuomo on Cyber Attack Charges Announced By U.S. Attorney General Loretta Lynch and FBI Director James Comey Involving the Bowman Avenue Dam in Westchester County," 2016. [Online]. Available: https://www.dfs.ny.gov/reports_and_publications/press_releases/pr1603242. [Accessed 10 Jun. 2021].
[16]Hemsley, Kevin E., E. Fisher, Dr. Ronald, "History of Industrial Control System Cyber Incidents," OSTI.GOV title logo, United States, 2018.
[17]Robert McMillan, "Hackers break into water system network," 2006. [Online]. Available: https://www.computerworld.com/article/2547938/hackers-break-into-water-system-network.html. [Accessed 10 Jun. 2021].
[18]Ellen Nakashima, "Water-pump failure in Illinois wasn’t cyberattack after all," 2011. [Online]. Available: https://www.washingtonpost.com/world/national-security/water-pump-failure-in-illinois-wasnt-cyberattack-after-all/2011/11/25/gIQACgTewN_story.html. [Accessed 11 Jun. 2021].
[19]BBC NEWS, "人與自然：盤點現代史上三大水壩滑坡崩潰事件," 2020. [Online]. Available: https://www.bbc.com/zhongwen/trad/world-53518188. [Accessed 11 Jun. 2021].
[20]Trend Micro, "Industrial Control System," 2022. [Online]. Available: https://www.trendmicro.com/vinfo/us/security/definition/industrial-control-system/. [Accessed 30 Jun. 2022].
[21]Chunjie Zhou, Shuang Huang, Naixue Xiong, Shuang-Hua Yang, Huiyun Li, Yuanqing Qin, Xuan Li, "Design and Analysis of Multimodel-Based Anomaly Intrusion Detection Systems in Industrial Process Automation," IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 45, no. 10, pp. 1345 - 1360, 2015.
[22]In-Soo Jung, Mario Berges, James H. Garrett Jr., BarnabasPoczos, "Exploration and evaluation of AR, MPCA and KL anomaly detection techniques to embankment dam piezometer data," Advanced Engineering Informatics, vol. 29, no. 4, pp. 902 - 917, 2015.
[23]David J. Hill, Barbara S. Minsker, Eyal Amir, "Real-time Bayesian Anomaly Detection for Environmental Sensor Data," Proc. 32nd Congress of the International Association of Hydraulic Engineering and Research, Venice, Italy, 1-6 Jul., 2007.
[24]Wendy D. Fisher, Tracy K. Camp, Valeria V. Krzhizhanovskaya, "Anomaly detection in earth dam and levee passive seismic data using support vector machines and automatic feature selection," Journal of Computational Science, vol. 20, pp. 143 - 153, 2017.
[25]Aurea Soriano-Vargas, Rafael Werneck, Renato Moura, Pedro Mendes Júnior, Raphael Prates, Manuel Castro, Maiara Gonçalves, Manzur Hossain, Marcelo Zampieri, Alexandre Ferreira, Alessandra Davólio, Bernd Hamann, Denis José Schiozer, Anderson Rocha, "A visual analytics approach to anomaly detection in hydrocarbon reservoir time series data," Journal of Petroleum Science and Engineering, vol. 206, p. 108988, 2021.
[26]Ian J. Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, Yoshua Bengio, "Generative Adversarial Nets," Advances in Neural Information Processing Systems 27 (NIPS 2014), Montreal, Canada 8-13 Dec. , 2014.
[27]Phillip Isola, Jun-Yan Zhu, Tinghui Zhou, Alexei A. Efros, "Image-to-Image Translation with Conditional Adversarial Networks," 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Honolulu, HI, USA, 21-26 Jul., 2017.
[28]Xudong Mao, Qing Li, Haoran Xie, Raymond Y.K. Lau, Zhen Wang, Stephen Paul Smolley, "Least Squares Generative Adversarial Networks," 2017 IEEE International Conference on Computer Vision (ICCV), Venice, Italy, 22-29 Oct., 2017.
[29]Yeji Choi, Hyunki Lim, Heeseung Choi, Ig-Jae Kim, "GAN-Based Anomaly Detection and Localization of Multivariate Time Series Data for Power Plant," 2020 IEEE International Conference on Big Data and Smart Computing (BigComp), Busan, South Korea, 19-22 Feb., 2020.
[30]TensorFlow, "TensorFlow," [Online]. Available: https://www.tensorflow.org/. [Accessed 15 Jul. 2020].
[31]Mohammad Sadegh Sadeghi Garmaroodi, Faezeh Farivar, Mohammad Sayad Haghighi , Mahdi Aliyari Shoorehdeli, Alireza Jolfaei, "Detection of Anomalies in Industrial IoT Systems by Data Mining: Study of CHRIST Osmotron Water Purification System," IEEE Internet of Things Journal, vol. 8, no. 13, pp. 10280 - 10287, 2021.
[32]Dziri Jalal, Tahar Ezzedine, "Decision Tree and Support Vector Machine for Anomaly Detection in Water Distribution Networks," 2020 International Wireless Communications and Mobile Computing (IWCMC), Limassol, Cyprus, 15-19 Jun., 2020.
[33]Mayra Macas, Chunming Wu, "An Unsupervised Framework for Anomaly Detection in a Water Treatment System," 2019 18th IEEE International Conference On Machine Learning And Applications (ICMLA), Boca Raton, FL, USA, 16-19 Dec., 2019.
[34]陳得松, 黃康寧, "民國 99 年颱風調查報告－第11號凡那比(Fanapi)颱風(1011)," 99. [Online]. Available: https://photino.cwb.gov.tw/rdcweb/lib/cd/cd02tyrp/web_99_typhoons/web_99_Fanapi_P52.pdf. [Accessed 30 Jun. 2022].