Industrial　control　systems　(ICS)　face　severe　threats　due　to　the　inherent　vulnerability　of　shared　networks.　Among　the　attacks　against　ICS,　stealthy　attack　is　an　attack　behavior　in　which　an　attacker　injects　false　sensor　measurements　or　drives　signals　into　the　control　loop,　evading　detection　by　the　intrusion　detection　system　(IDS).　They　are　highly　destructive　and　difficult　to　detect　because　of　concealment.　In　related　studies,　data-driven　methods　have　the　shortcomings　of　a　large　computation　burden.　Physics-based　methods　are　usually　difficult　and　expensive　to　change　the　system　structure.　Moreover,　most　of　the　current　methods　against　stealthy　attacks　take　up　a　considerable　amount　of　system　resources　due　to　training　or　the　pursuit　of　robustness.　In　this　paper,　using　the　importance　and　correlation　of　neglected　feature　data,　an　stealthy　attack　detection　method　based　on　the　Multi-feature　LSTM　(MFLSTM)　model　is　innovatively　developed　to　predict　and　recover　data　attacked.　Random　Forest　(RF)　scores　and　heatmap　are　used　to　judge　the　importance　and　correlation　of　the　feature　data.　Then　the　forget　gates　of　the　LSTM　model　are　improved　to　construct　an　MFLSTM　model　that　can　learn　predictive　information　from　other　feature　data　and　decouples　the　attack　conditions　that　stealthy　attack　relies　on.　The　testing　results　indicated　that　MFLSTM　has　significant　advantages　in　prediction　accuracy,　stability,　and　resource-saving.　MFLSTM　model　saved　52.3%　of　the　resources　required　for　the　same　type　of　prediction.　The　single-point　prediction　mean　square　error　(MSE)　for　the　STEP　7　(S7)　protocol　attack　signature　prediction　and　secure　water　treatment　(SWaT)　dataset　were　0.0471　and　0.0035,　respectively,　which　also　demonstrates　the　feasibility　of　our　proposed　method.　©　2022　Elsevier　B.V.