Securing Swarms: Cross-Domain Adaptation for ROS2-based CPS Anomaly Detection

• URL: http://arxiv.org/abs/2508.15865v1
• Date: Wed, 20 Aug 2025 20:02:28 GMT
• Title: Securing Swarms: Cross-Domain Adaptation for ROS2-based CPS Anomaly Detection
• Authors: Julia Boone, Fatemeh Afghah,
• Abstract summary: Cyber-physical systems (CPS) are being increasingly utilized for critical applications.<n>CPS is more vulnerable to attacks compared to network-only systems.<n>We develop an anomaly detection model that can detect attacks within CPS without the need for previously labeled data.
• Score: 9.118996584649599
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Cyber-physical systems (CPS) are being increasingly utilized for critical applications. CPS combines sensing and computing elements, often having multi-layer designs with networking, computational, and physical interfaces, which provide them with enhanced capabilities for a variety of application scenarios. However, the combination of physical and computational elements also makes CPS more vulnerable to attacks compared to network-only systems, and the resulting impacts of CPS attacks can be substantial. Intelligent intrusion detection systems (IDS) are an effective mechanism by which CPS can be secured, but the majority of current solutions often train and validate on network traffic-only datasets, ignoring the distinct attacks that may occur on other system layers. In order to address this, we develop an adaptable CPS anomaly detection model that can detect attacks within CPS without the need for previously labeled data. To achieve this, we utilize domain adaptation techniques that allow us to transfer known attack knowledge from a network traffic-only environment to a CPS environment. We validate our approach using a state-of-the-art CPS intrusion dataset that combines network, operating system (OS), and Robot Operating System (ROS) data. Through this dataset, we are able to demonstrate the effectiveness of our model across network traffic-only and CPS environments with distinct attack types and its ability to outperform other anomaly detection methods.

Related papers

• CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus [45.24207460381396]
  This paper presents a novel Intrusion Detection System (IDS) designed for the Controller Area Network (CAN) environment.<n>A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks.<n>Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
  arXiv  Detail & Related papers  (2025-07-19T20:09:52Z)
• CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101]
  Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks.<n>We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check.<n>We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible overhead.
  arXiv  Detail & Related papers  (2025-06-12T12:22:45Z)
• Topology-aware Detection and Localization of Distributed Denial-of-Service Attacks in Network-on-Chips [2.6490401904186758]
  This paper presents a framework to conduct topology-aware detection and localization of DDoS attacks using Graph Neural Networks (GNNs)<n>By modeling the NoC as a graph, our method utilizes traffic features to effectively identify and localize DDoS attacks.<n> Experimental results demonstrate that our approach can detect and localize DDoS attacks with high accuracy (up to 99%) while maintaining consistent performance under diverse attack strategies.
  arXiv  Detail & Related papers  (2025-05-20T20:49:34Z)
• CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
  We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
  arXiv  Detail & Related papers  (2025-05-14T13:37:07Z)
• Federated Learning for Cyber Physical Systems: A Comprehensive Survey [49.54239703000928]
  Federated learning (FL) has become increasingly popular in recent years.<n>The article scrutinizes how FL is utilized in critical CPS applications, e.g., intelligent transportation systems, cybersecurity services, smart cities, and smart healthcare solutions.
  arXiv  Detail & Related papers  (2025-05-08T01:17:15Z)
• Enhancing Network Security Management in Water Systems using FM-based Attack Attribution [43.48086726793515]
  We propose a novel model-agnostic Factorization Machines (FM)-based approach that capitalizes on water system sensor-actuator interactions to provide granular explanations and attributions for cyber attacks.<n>In multi-feature cyber attack scenarios involving intricate sensor-actuator interactions, our FM-based attack attribution method effectively ranks attack root causes, achieving approximately 20% average improvement over SHAP and LEMNA.
  arXiv  Detail & Related papers  (2025-03-03T06:52:00Z)
• A Survey of Anomaly Detection in Cyber-Physical Systems [1.2891210250935148]
  This paper provides an overview of the different ways researchers have approached anomaly detection in CPS.<n>We categorize and compare methods like machine learning, deep learning, mathematical models, invariant, and hybrid techniques.<n>Our goal is to help readers understand the strengths and weaknesses of these methods and how they can be used to create safer, more reliable CPS.
  arXiv  Detail & Related papers  (2025-02-18T19:38:18Z)
• Enhanced Anomaly Detection in Industrial Control Systems aided by Machine Learning [2.2457306746668766]
  This study investigates whether combining both network and process data can improve attack detection in ICSs environments. Our findings suggest that integrating network traffic with operational process data can enhance detection capabilities. Although the results are promising, they are preliminary and highlight the need for further studies.
  arXiv  Detail & Related papers  (2024-10-25T17:41:33Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• Learning-Based Vulnerability Analysis of Cyber-Physical Systems [10.066594071800337]
  This work focuses on the use of deep learning for vulnerability analysis of cyber-physical systems. We consider a control architecture widely used in CPS (e.g., robotics) where the low-level control is based on e.g., the extended Kalman filter (EKF) and an anomaly detector. To facilitate analyzing the impact potential sensing attacks could have, our objective is to develop learning-enabled attack generators.
  arXiv  Detail & Related papers  (2021-03-10T06:52:26Z)
• Resilient Machine Learning for Networked Cyber Physical Systems: A Survey for Machine Learning Security to Securing Machine Learning for CPS [3.5643245407473545]
  Cyber Physical Systems (CPS) are characterized by their ability to integrate the physical and information worlds. An attraction for cyber concerns in CPS rises from the process of sending information from sensors to actuators over the wireless communication medium. In a world of increasing adversaries, it is becoming more difficult to totally prevent CPS from adversarial attacks. Resilient CPS are designed to withstand disruptions and remain functional despite the operation of adversaries.
  arXiv  Detail & Related papers  (2021-02-14T20:50:18Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.