
    Multi-class Detection of Cyber Attacks in Industrial Control Systems Based on Deep Learning

    Abstract: Industrial Control Systems (ICS) are a core component of national critical infrastructure, so their security is of paramount importance. The widespread application of information technology has significantly improved the efficiency of ICS operations, but it has also introduced new security risks. In recent years, frequent cyber-physical attacks targeting ICS have made anomaly detection a key technology for protecting such systems. Traditional anomaly detection methods usually reduce the problem to binary classification, which is insufficient for practical needs. Locating the source of an attack more precisely and restoring the system state quickly requires a finer-grained classification of ICS anomalous states. This paper proposes a novel deep learning-based model for ICS anomaly detection and attack classification that combines the strengths of Convolutional Neural Networks (CNN), Bidirectional Long Short-Term Memory (BiLSTM) networks, and the Attention mechanism. The CNN extracts the spatial features of data packets, the BiLSTM captures the temporal dependencies between packets, and the Attention mechanism further focuses on the critical time-step information, achieving high-precision detection of ICS network attacks. Experimental results show that the proposed model outperforms existing industrial intrusion detection systems on evaluation metrics such as detection accuracy and performs well on imbalanced datasets, offering a new solution for ICS security protection.

       
