Securing ICS Environments with AI-Enabled Classification: A Proactive Threat Detection Approach
Sandeep Gupta *
SATI, Vidisha, India.
*Author to whom correspondence should be addressed.
Abstract
Industrial Control Systems (ICS) are especially vulnerable to advanced cyberattacks because of their connectivity to the Internet of Things (IoT) and information technology (IT) networks. Firewalls, Virtual Private Networks (VPNs), and signature-based intrusion detection systems may be reactive and ineffective in preventing advanced persistent threats (APTs) and zero-day vulnerabilities. This study aims to provide an AI-powered, classification-based proactive threat detection framework for real-time ICS monitoring and anomaly detection. The method detects both known and undiscovered cyber risks by analyzing the behaviour of telemetry data, Supervisory Control and Data Acquisition (SCADA) logs, and network traffic using supervised and unsupervised learning models including CNN, Random Forest, SVM, and LSTM deep learning. Integration with SIEM systems improves automated threat intelligence and response capabilities, resulting in reduced system downtime and uninterrupted operations. The report also stresses the significance of explainable AI (XAI) in making ICS decision-making processes more transparent and trustworthy. A comprehensive threat landscape is examined, including malware, spoofing, DoS attacks, and data manipulation. Architectural models are discussed to provide a robust foundation for secure and self-adaptive ICS infrastructures. This research emphasizes AI’s role in transforming cybersecurity from reactive defence to a predictive, resilient, and intelligent threat mitigation strategy.
Keywords: Industrial Control Systems (ICS), SCADA, proactive threat detection, machine learning, AI-enabled classification