Domain Adaptation of Deep Learning (D)DoS Attack Detection Models in Resource-Constrained Cyber Physical Systems Environments

Date
2023
Authors
Ngo, Vicky
Supervisor
Sinha, Roopak
Mohaghegh, Mahsa
Levchenko, Kirill
Item type
Thesis
Degree name
Master of Philosophy
Publisher
Auckland University of Technology
Abstract

Cyber-physical systems (CPS) can broadly be defined as the integration of communication, control, and software components into physical processes. When such a system is applied to industrial process control, it is referred to as an industrial control system (ICS), whose purpose is to monitor and control physical industrial processes. Because of the high availability requirements of ICS, any cyberattack that can interrupt their processes is unacceptable. (Distributed) denial-of-service ((D)DoS) attacks are examples of such attacks.

With the advancement of cyber-integration and network communication in ICS and CPS, investment is needed to protect systems against (D)DoS. In recent years, there has been research on using machine learning and deep learning algorithms to detect (D)DoS attacks in ICS, as well as in CPS and IoT. However, existing studies do not sufficiently address the different types of (D)DoS attacks while also maintaining low computational overhead in resource-constrained environments.

This research investigates the adaptability and flexibility of existing detection algorithms for different attack types in multiple domains, particularly ICS, IoT, and CPS. Our hypothesis is that it is theoretically possible to adapt a detection model to the CPS and IoT domains, and vice versa, based on the datasets it was trained on, within some constraints.

Using a controlled experiment research methodology, we trained each of the three different detection models on three datasets: CICIDS2017, CICDDoS2019, and SWaT. The models were then evaluated on a Raspberry Pi to measure their computational overhead. We found that a model's capability for domain adaptation is largely dependent on the model's architecture. In particular, the architecture must be sufficiently flexible to extract and learn from relevant features in an unfamiliar detection domain. We also identify various impacts that domain adaptation might have on a model, including on detection performance and computational overhead. These impacts inherently affect the model's applicability for deployment into a resource-constrained system in the real world.
