Toward a Reliable Network-Based Intrusion Detection Model for SCADA: A Classification with Reject Option Approach

Abstract

Industrial control systems (ICS) are often targeted by highly motivated attackers seeking to disrupt their services because of their critical nature. Traditional cybersecurity does not provide the necessary reliability for ICS, even when implemented with many layers of defense, including network intrusion detection systems (NIDS). This paper proposes a dynamic and reliable intrusion detection model that is implemented in two steps. First, it proactively classifies each type of possible network attack on the basis of the current network traffic behavior. Second, it evaluates the classification quality through a reject option, which is an indication of its reliability. By adapting to the evolving network traffic, our proposal increases the system's robustness against motivated attackers. The effectiveness of the proposed model has been demonstrated by experiments in a controlled testbed with more than 14 attack categories. The dynamic selection of security mechanisms allowed us to increase the detection accuracy by up to 26%. Moreover, the classification evaluation in the proposed model achieves up to 99% detection accuracy with only 1% rejection.

Publication
International Joint Conference on Neural Networks