The adoption of Ethernet-based communication networks in modern train systems has significantly improved data transmission and operational efficiency. However, the increasing reliance on real time Ethernet for train control systems exposes the network to potential security vulnerabilities, making it a prime target for cyberattacks. Ensuring the security and reliability of these networks is critical for the safety of passengers and the smooth operation of rail services. One effective approach to enhancing the security of train real-time Ethernet systems is anomaly detection, which allows for the identification of unusual behaviors and potential intrusions in the network.