Few-shot Detection of Anomalies in Industrial Cyber-Physical System via Prototypical Network and Contrastive Learning

The rapid development of Industry 4.0 has amplified the scope and destructiveness of industrial Cyber-Physical System (CPS) by network attacks. Anomaly detection techniques are employed to identify these attacks and guarantee the normal operation of industrial CPS. However, it is still a challenging problem to cope with scenarios with few labeled samples. In this paper, we propose a few-shot anomaly detection model (FSL-PN) based on prototypical network and contrastive learning for identifying anomalies with limited labeled data from industrial CPS. Specifically, we design a contrastive loss to assist the training process of the feature extractor and learn more fine-grained features to improve the discriminative performance. Subsequently, to tackle the overfitting issue during classifying, we construct a robust cost function with a specific regularizer to enhance the generalization capability. Experimental results based on two public imbalanced datasets with few-shot settings show that the FSL-PN model can significantly improve F1 score and reduce false alarm rate (FAR) for identifying anomalous signals to guarantee the security of industrial CPS.

[1]  Haibin Sun,et al.  Adaptive tracking control of switched cyber-physical systems with cyberattacks , 2022, Appl. Math. Comput..

[2]  Jianhua Ma,et al.  Siamese Neural Network Based Few-Shot Learning for Anomaly Detection in Industrial Cyber-Physical Systems , 2021, IEEE Transactions on Industrial Informatics.

[3]  Sang-goo Lee,et al.  Masked Contrastive Learning for Anomaly Detection , 2021, IJCAI.

[4]  Jianhua Ma,et al.  Variational LSTM Enhanced Anomaly Detection for Industrial Big Data , 2021, IEEE Transactions on Industrial Informatics.

[5]  Junfei Qiao,et al.  Ensemble Meta-Learning for Few-Shot Soot Density Recognition , 2021, IEEE Transactions on Industrial Informatics.

[6]  Zhenguo Li,et al.  DetCo: Unsupervised Contrastive Learning for Object Detection , 2021, 2021 IEEE/CVF International Conference on Computer Vision (ICCV).

[7]  Hang Xu,et al.  Driver Anomaly Detection: A Dataset and Contrastive Learning Approach , 2020, 2021 IEEE Winter Conference on Applications of Computer Vision (WACV).

[8]  Qi Sun,et al.  Resilient Model Predictive Control of Cyber–Physical Systems Under DoS Attacks , 2020, IEEE Transactions on Industrial Informatics.

[9]  Abhisek Ukil,et al.  Smart I/O Modules for Mitigating Cyber-Physical Attacks on Industrial Control Systems , 2020, IEEE Transactions on Industrial Informatics.

[10]  Yanxia Sun,et al.  A Deep Long Short-Term Memory based classifier for Wireless Intrusion Detection System , 2020, ICT Express.

[11]  Hailong Yang,et al.  A Gated Few-shot Learning Model For Anomaly Detection , 2020, 2020 International Conference on Information Networking (ICOIN).

[12]  Ross B. Girshick,et al.  Momentum Contrast for Unsupervised Visual Representation Learning , 2019, 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).

[13]  Wen-Zhan Song,et al.  Enhanced Cyber-Physical Security in Internet of Things Through Energy Auditing , 2019, IEEE Internet of Things Journal.

[14]  Ali Razavi,et al.  Data-Efficient Image Recognition with Contrastive Predictive Coding , 2019, ICML.

[15]  James T. Kwok,et al.  Generalizing from a Few Examples , 2019, ACM Comput. Surv..

[16]  R. Devon Hjelm,et al.  Learning deep representations by mutual information estimation and maximization , 2018, ICLR.

[17]  Asaf Shabtai,et al.  Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks , 2018, CPS-SPC@CCS.

[18]  Jiang Li,et al.  A few-shot deep learning approach for improved intrusion detection , 2017, 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON).

[19]  Ali Davoudi,et al.  Detection of False-Data Injection Attacks in Cyber-Physical DC Microgrids , 2017, IEEE Transactions on Industrial Informatics.

[20]  Fengjun Li,et al.  Cyber-Physical Systems Security—A Survey , 2017, IEEE Internet of Things Journal.

[21]  Masato Uchida,et al.  Human error tolerant anomaly detection based on time-periodic packet sampling , 2016, Knowl. Based Syst..

[22]  Ping Zhang,et al.  Detection of covert attacks and zero dynamics attacks in cyber-physical systems , 2016, 2016 American Control Conference (ACC).

[23]  Jill Slay,et al.  The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set , 2016, Inf. Secur. J. A Glob. Perspect..

[24]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[25]  Jill Slay,et al.  Lessons Learned from the Maroochy Water Breach , 2007, Critical Infrastructure Protection.

[26]  Hiroshi Sako,et al.  Effects of classifier structures and training regimes on integrated segmentation and recognition of handwritten numeral strings , 2004, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[27]  Lior Wolf,et al.  Anomaly Detection for Tabular Data with Internal Contrastive Learning , 2022, ICLR.