A Variational Autoencoder Framework for Robust, Physics-Informed
Cyberattack Recognition in Industrial Cyber-Physical Systems
- URL: http://arxiv.org/abs/2310.06948v1
- Date: Tue, 10 Oct 2023 19:07:53 GMT
- Title: A Variational Autoencoder Framework for Robust, Physics-Informed
Cyberattack Recognition in Industrial Cyber-Physical Systems
- Authors: Navid Aftabi, Dan Li and Paritosh Ramanan
- Abstract summary: We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on industrial control systems.
The framework has a hybrid design that combines a variational autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network (DNN)
- Score: 2.051548207330147
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Cybersecurity of Industrial Cyber-Physical Systems is drawing significant
concerns as data communication increasingly leverages wireless networks. A lot
of data-driven methods were develope for detecting cyberattacks, but few are
focused on distinguishing them from equipment faults. In this paper, we develop
a data-driven framework that can be used to detect, diagnose, and localize a
type of cyberattack called covert attacks on networked industrial control
systems. The framework has a hybrid design that combines a variational
autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network
(DNN). This data-driven framework considers the temporal behavior of a generic
physical system that extracts features from the time series of the sensor
measurements that can be used for detecting covert attacks, distinguishing them
from equipment faults, as well as localize the attack/fault. We evaluate the
performance of the proposed method through a realistic simulation study on a
networked power transmission system as a typical example of ICS. We compare the
performance of the proposed method with the traditional model-based method to
show its applicability and efficacy.
Related papers
- CARACAS: vehiCular ArchitectuRe for detAiled Can Attacks Simulation [37.89720165358964]
This paper showcases CARACAS, a vehicular model, including component control via CAN messages and attack injection capabilities.
CarACAS showcases the efficacy of this methodology, including a Battery Electric Vehicle (BEV) model, and focuses on attacks targeting torque control in two distinct scenarios.
arXiv Detail & Related papers (2024-06-11T10:16:55Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - An Approach to Abstract Multi-stage Cyberattack Data Generation for ML-Based IDS in Smart Grids [2.5655761752240505]
We propose a method to generate synthetic data using a graph-based approach for training machine learning models in smart grids.
We use an abstract form of multi-stage cyberattacks defined via graph formulations and simulate the propagation behavior of attacks in the network.
arXiv Detail & Related papers (2023-12-21T11:07:51Z) - Physical-Layer Semantic-Aware Network for Zero-Shot Wireless Sensing [74.12670841657038]
Device-free wireless sensing has recently attracted significant interest due to its potential to support a wide range of immersive human-machine interactive applications.
Data heterogeneity in wireless signals and data privacy regulation of distributed sensing have been considered as the major challenges that hinder the wide applications of wireless sensing in large area networking systems.
We propose a novel zero-shot wireless sensing solution that allows models constructed in one or a limited number of locations to be directly transferred to other locations without any labeled data.
arXiv Detail & Related papers (2023-12-08T13:50:30Z) - Physics-Informed Convolutional Autoencoder for Cyber Anomaly Detection
in Power Distribution Grids [0.0]
This paper proposes a physics-informed convolutional autoencoder (PIConvAE) to detect stealthy cyber-attacks in power distribution grids.
The proposed model integrates the physical principles into the loss function of the neural network by applying Kirchhoff's law.
arXiv Detail & Related papers (2023-12-08T00:05:13Z) - Leveraging a Probabilistic PCA Model to Understand the Multivariate
Statistical Network Monitoring Framework for Network Security Anomaly
Detection [64.1680666036655]
We revisit anomaly detection techniques based on PCA from a probabilistic generative model point of view.
We have evaluated the mathematical model using two different datasets.
arXiv Detail & Related papers (2023-02-02T13:41:18Z) - Extending Isolation Forest for Anomaly Detection in Big Data via K-Means [8.560480662599407]
We propose a novel unsupervised machine learning approach that combines the K-Means algorithm with the Isolation Forest for anomaly detection in industrial big data scenarios.
We utilize the Apache Spark framework to implement our proposed model which was trained in large network traffic data.
We find that our proposed system can be used for real-time anomaly detection in the industrial setup.
arXiv Detail & Related papers (2021-04-27T16:21:48Z) - Multi-Source Data Fusion for Cyberattack Detection in Power Systems [1.8914160585516038]
We show that fusing information from multiple data sources can help identify cyber-induced incidents and reduce false positives.
We perform multi-source data fusion for training IDS in a cyber-physical power system testbed.
Results are presented using the proposed data fusion application to infer False Data and Command injection-based Man-in- The-Middle attacks.
arXiv Detail & Related papers (2021-01-18T06:34:45Z) - Firearm Detection via Convolutional Neural Networks: Comparing a
Semantic Segmentation Model Against End-to-End Solutions [68.8204255655161]
Threat detection of weapons and aggressive behavior from live video can be used for rapid detection and prevention of potentially deadly incidents.
One way for achieving this is through the use of artificial intelligence and, in particular, machine learning for image analysis.
We compare a traditional monolithic end-to-end deep learning model and a previously proposed model based on an ensemble of simpler neural networks detecting fire-weapons via semantic segmentation.
arXiv Detail & Related papers (2020-12-17T15:19:29Z) - Deep Learning based Covert Attack Identification for Industrial Control
Systems [5.299113288020827]
We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids.
The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
arXiv Detail & Related papers (2020-09-25T17:48:43Z) - Bayesian Optimization with Machine Learning Algorithms Towards Anomaly
Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.