A modeling framework for critical infrastructure and its application in detecting cyber-attacks on a water distribution system

Mishra, Vishrut Kumar; Palleti, Venkata Reddy; Mathur, Aditya P.

doi:10.1016/j.ijcip.2019.05.001

Cited by 19 publications

(12 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For those reasons, we chose to use DNNs that are more flexible on both counts. Specification-based system modeling can also be very effective, as shown by [33] and [7]. In [33], the authors used behavior rules to specify the safe system state for medical Cyber Physical Systems (CPSs) and monitor deviation from these rules.…”

Section: Related Workmentioning

confidence: 99%

“…The WADI dataset was made public recently, and very few attack detection results utilizing this dataset have been published. In [7], the authors proposed an agent-based framework for CPS modeling and used it to detect attacks on the WADI dataset. Unfortunately, the authors of [7] did not publish the quantitative metrics of the detection results, only reporting that 12 of 16 attacks were detected.…”

Section: Wadimentioning

confidence: 99%

“…In [7], the authors proposed an agent-based framework for CPS modeling and used it to detect attacks on the WADI dataset. Unfortunately, the authors of [7] did not publish the quantitative metrics of the detection results, only reporting that 12 of 16 attacks were detected. In [50], the authors use LSTM-based generative adversarial networks (referred to as MAD-GANs in the paper) and show that they outperform other methods, such as PCA, K-nearest neighbors (KNN), and feature bagging (FB) on the SWaT and WADI datasets.…”

Section: Wadimentioning

confidence: 99%

“…However, the very low number of known attacks on ICSs renders this approach ineffective. Alternatively, model-based methods have been proposed to detect anomalous behavior of the monitored ICS [4]- [7]. Unfortunately, creating an accurate model of complex physical processes is a very challenging task.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks

Kravchik

Shabtai

2018

Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy

235

167

View full text Add to dashboard Cite

Industrial control systems (ICSs) are widely used and vital to industry and society. Their failure can have severe impact on both economics and human life. Hence, these systems have become an attractive target for attacks, both physical and cyber. A number of attack detection methods have been proposed, however they are characterized by a low detection rate, a substantial false positive rate, or are system specific. In this paper, we study an attack detection method based on simple and lightweight neural networks, namely, 1D convolutions and autoencoders. We apply these networks to both the time and frequency domains of the collected data and discuss pros and cons of each approach. We evaluate the suggested method on three popular public datasets and achieve detection rates matching or exceeding previously published detection results, while featuring small footprint, short training and detection times, and generality. We also demonstrate the effectiveness of PCA, which, given proper data preprocessing and feature selection, can provide high attack detection scores in many settings. Finally, we study the proposed method's robustness against adversarial attacks, that exploit inherent blind spots of neural networks to evade detection while achieving their intended physical effect. Our results show that the proposed method is robust to such evasion attacks: in order to evade detection, the attacker is forced to sacrifice the desired physical impact on the system. This finding suggests that neural networks trained under the constraints of the laws of physics can be trusted more than networks trained under more flexible conditions.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Wadimentioning

confidence: 99%

Section: Wadimentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks

Kravchik

Shabtai

2018

Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy

235

167

View full text Add to dashboard Cite

show abstract

“…Requiring development of invariants, an information execution flow across these domains starting from source to destination is monitored to identify when vulnerabilities that have been exploited have resulted in invariant violation. Mishra et al [108] proposed an agent-based modelling framework to model critical CPS and their interdependencies, to understand the impact of attacks on interconnected critical infrastructures; they evaluated the application of the model to a water distribution system and used invariant-based method [70] to generate rules to detect attacks.…”

Section: Model-based Security Analysismentioning

confidence: 99%

A Systematic Review of the State of Cyber-Security in Water Systems

Tuptuk

Hazell

Watson

et al. 2021

Water

View full text Add to dashboard Cite

Critical infrastructure systems are evolving from isolated bespoke systems to those that use general-purpose computing hosts, IoT sensors, edge computing, wireless networks and artificial intelligence. Although this move improves sensing and control capacity and gives better integration with business requirements, it also increases the scope for attack from malicious entities that intend to conduct industrial espionage and sabotage against these systems. In this paper, we review the state of the cyber-security research that is focused on improving the security of the water supply and wastewater collection and treatment systems that form part of the critical national infrastructure. We cover the publication statistics of the research in this area, the aspects of security being addressed, and future work required to achieve better cyber-security for water systems.

show abstract

An efficient machine learning model for malicious activities recognition in water‐based industrial internet of things

Selim

Hemdan

Shehata

et al. 2021

Security and Privacy

View full text Add to dashboard Cite

The Industrial Control System (ICS) has an important role to reduce the interaction between humans and the industrial system. Cyber‐Physical Systems (CPSs) operate in critical infrastructures such as transport networks, gas, and water distribution networks, Unmanned Aerial Vehicle Systems (UASs), and nuclear power generation. In this paper, we provide a Machine Learning Model for Malicious Activities Recognition in Water‐based Industrial Internet of Things (MARWIIoT). This model can help industrial operators and administrators to recognize any malicious activities against industrial infrastructure. To classify the malicious activity, various machine learning methods, such as Logistic Regression (LR), Linear Discriminant Analysis (LDA), k‐nearest neighbors (KNN), Naïve Bayes (NB), and Support Vector Machine (SVM) can be used. The proposed MARWIIoT model is based on Genetic‐KNN with normalization to classify malicious activities efficiently. This model has been evaluated using a dataset covering 15 anomaly circumstances, including normal system behavior. The circumstances existing addressed various incidents from hardware failure to critical water infrastructure damage. The comprehensive results have indicated that the MARWIIoT model is superlative in compared existing machine learning models because it has the highest performance based on different evaluation metrics such as accuracy, precision, recall, and F1‐Score.

show abstract

A modeling framework for critical infrastructure and its application in detecting cyber-attacks on a water distribution system

Cited by 19 publications

References 32 publications

Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks

Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks

A Systematic Review of the State of Cyber-Security in Water Systems

An efficient machine learning model for malicious activities recognition in water‐based industrial internet of things

Contact Info

Product

Resources

About