Learning Based Anomaly Detection in Critical Cyber-Physical Systems

Cyber-physical systems (CPSs) have been an important part of infrastructure and industrial control systems for years. Their footprint is seen in a wide range of domains, including medical systems, automotive systems, environmental control, avionics, robotics, energy conservation, smart structures, etc. Due to their recent large-scale distribution, CPSs are more complicated than before and face a considerable number of challenges. For instance, the level of uncertainty they must handle has increased, and they have become more vulnerable to cyber-attacks. To manage unprecedented situations and uncertainty, the software running a CPS should be able to control its operations while remaining self-adaptive and goal-aware. Moreover, because of the devastating and irrecoverable consequences of CPS-specific attacks, there is a great need to detect and predict such attacks before they happen. Anomaly detection is considered a decent technique for identifying vulnerabilities in software systems. Machine-learning algorithms, which are widely used for anomaly detection in CPS networks, are the best method for providing novel security technologies. In this paper, different algorithms are implemented for detecting anomalies in order to confirm that machine learning and deep learning methods have strong potential for attack detection in critical cyber-physical infrastructures.
