Deep Learning based Covert Attack Identification for Industrial Control
Systems
- URL: http://arxiv.org/abs/2009.12360v1
- Date: Fri, 25 Sep 2020 17:48:43 GMT
- Title: Deep Learning based Covert Attack Identification for Industrial Control
Systems
- Authors: Dan Li, Paritosh Ramanan, Nagi Gebraeel, and Kamran Paynabar
- Abstract summary: We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids.
The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
- Score: 5.299113288020827
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Cybersecurity of Industrial Control Systems (ICS) is drawing significant
concerns as data communication increasingly leverages wireless networks. A lot
of data-driven methods were developed for detecting cyberattacks, but few are
focused on distinguishing them from equipment faults. In this paper, we develop
a data-driven framework that can be used to detect, diagnose, and localize a
type of cyberattack called covert attacks on smart grids. The framework has a
hybrid design that combines an autoencoder, a recurrent neural network (RNN)
with a Long-Short-Term-Memory (LSTM) layer, and a Deep Neural Network (DNN).
This data-driven framework considers the temporal behavior of a generic
physical system that extracts features from the time series of the sensor
measurements that can be used for detecting covert attacks, distinguishing them
from equipment faults, as well as localize the attack/fault. We evaluate the
performance of the proposed method through a realistic simulation study on the
IEEE 14-bus model as a typical example of ICS. We compare the performance of
the proposed method with the traditional model-based method to show its
applicability and efficacy.
Related papers
- Enhanced Anomaly Detection in Industrial Control Systems aided by Machine Learning [2.2457306746668766]
This study investigates whether combining both network and process data can improve attack detection in ICSs environments.
Our findings suggest that integrating network traffic with operational process data can enhance detection capabilities.
Although the results are promising, they are preliminary and highlight the need for further studies.
arXiv Detail & Related papers (2024-10-25T17:41:33Z) - Convolutional Neural Network Design and Evaluation for Real-Time Multivariate Time Series Fault Detection in Spacecraft Attitude Sensors [41.94295877935867]
This paper presents a novel approach to detecting stuck values within the Accelerometer and Inertial Measurement Unit of a drone-like spacecraft.
A multi-channel Convolutional Neural Network (CNN) is used to perform multi-target classification and independently detect faults in the sensors.
An integration methodology is proposed to enable the network to effectively detect anomalies and trigger recovery actions at the system level.
arXiv Detail & Related papers (2024-10-11T09:36:38Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - A Variational Autoencoder Framework for Robust, Physics-Informed
Cyberattack Recognition in Industrial Cyber-Physical Systems [2.051548207330147]
We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on industrial control systems.
The framework has a hybrid design that combines a variational autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network (DNN)
arXiv Detail & Related papers (2023-10-10T19:07:53Z) - Federated Learning Based Distributed Localization of False Data
Injection Attacks on Smart Grids [5.705281336771011]
False data injection attack (FDIA) is one of the classes of attacks that target the smart measurement devices by injecting malicious data.
We propose a federated learning-based scheme combined with a hybrid deep neural network architecture.
We validate the proposed architecture by extensive simulations on the IEEE 57, 118, and 300 bus systems and real electricity load data.
arXiv Detail & Related papers (2023-06-17T20:29:55Z) - Anomaly Detection Dataset for Industrial Control Systems [1.2234742322758418]
Industrial Control Systems (ICSs) have been targeted by cyberattacks and are becoming increasingly vulnerable.
The lack of suitable datasets for evaluating Machine Learning algorithms is a challenge.
This paper presents the 'ICS-Flow' dataset, which offers network data and process state variables logs for supervised and unsupervised ML-based IDS assessment.
arXiv Detail & Related papers (2023-05-11T14:52:19Z) - Leveraging a Probabilistic PCA Model to Understand the Multivariate
Statistical Network Monitoring Framework for Network Security Anomaly
Detection [64.1680666036655]
We revisit anomaly detection techniques based on PCA from a probabilistic generative model point of view.
We have evaluated the mathematical model using two different datasets.
arXiv Detail & Related papers (2023-02-02T13:41:18Z) - Firearm Detection via Convolutional Neural Networks: Comparing a
Semantic Segmentation Model Against End-to-End Solutions [68.8204255655161]
Threat detection of weapons and aggressive behavior from live video can be used for rapid detection and prevention of potentially deadly incidents.
One way for achieving this is through the use of artificial intelligence and, in particular, machine learning for image analysis.
We compare a traditional monolithic end-to-end deep learning model and a previously proposed model based on an ensemble of simpler neural networks detecting fire-weapons via semantic segmentation.
arXiv Detail & Related papers (2020-12-17T15:19:29Z) - Experimental Review of Neural-based approaches for Network Intrusion
Management [8.727349339883094]
We provide an experimental-based review of neural-based methods applied to intrusion detection issues.
We offer a complete view of the most prominent neural-based techniques relevant to intrusion detection, including deep-based approaches or weightless neural networks.
Our evaluation quantifies the value of neural networks, particularly when state-of-the-art datasets are used to train the models.
arXiv Detail & Related papers (2020-09-18T18:32:24Z) - Bayesian Optimization with Machine Learning Algorithms Towards Anomaly
Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z) - Deep Anomaly Detection for Time-series Data in Industrial IoT: A
Communication-Efficient On-device Federated Learning Approach [40.992167455141946]
This paper proposes a new communication-efficient on-device federated learning (FL)-based deep anomaly detection framework for sensing time-series data in IIoT.
We first introduce a FL framework to enable decentralized edge devices to collaboratively train an anomaly detection model, which can improve its generalization ability.
Second, we propose an Attention Mechanism-based Convolutional Neural Network-Long Short Term Memory (AMCNN-LSTM) model to accurately detect anomalies.
Third, to adapt the proposed framework to the timeliness of industrial anomaly detection, we propose a gradient compression mechanism based on Top-textitk selection to
arXiv Detail & Related papers (2020-07-19T16:47:26Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.