Cyber-Attack Detection in Water Distribution Systems Based on Blind Sources Separation Technique

Brentan, Bruno Melo; Rezende, Pedro J. de; Barros, Daniel Bezerra; Lima, Gustavo Meirelles; Luvizotto, Edevar; Izquierdo, Joaquín

doi:10.3390/w13060795

Cited by 14 publications

(7 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hence, combining both algorithms is paramount to providing high normalized accuracy and a reliable detection system. [26] 0.98 0.96 0.97 ANN [24] 0.95 0.95 0.94 PCA [23] 0.96 0.93 0.92 RNN [32] 0.98 0.85 0.89 Statistical analysis [25] 0.86 0.88 0.77 RForest [22] 0.78 0.42 0.53 QDA [6] 0.94 0.95 0.94 MD [6] 0.92 0.90 0.91 Ensemble [6] 0.92 0.89 0.91 LOF [6] 0.89 0.85 0.87 SOD [6] 0.88 0.83 0.86 Naive Bayes [6] 0.50 1 0.75 LDA [6] 0.69 0.65 0.67 Statistical analysis [29] 0.973 0.19 0.973 ANN and PCA [54] 0.953 0.984 0.966 5NN [30] 0.512 0.323 0.418 ANN [30] 0.708 0.759 0.749 SVM [30] 0.756 0.722 0.754 ELM [30] 0.841 0.941 0.591 Table 5. S ACC , TTD, and S in stage 2 of using 6 h granularity.…”

Section: Results Discussion and Performance Evaluationmentioning

confidence: 99%

“…These algorithms are Quadratic Discriminant Analysis (QDA), Mahalanobis Distance (MD), Local Outlier Factor (LOF), Subspace Outlier Degree (SOD), Naive Bayes (NB), Once-Class Support Vector Machine (OSVM), Linear Discriminant Analysis (LDA) and Ensemble model of parametric & Non-parametric algorithms. Brentan et al in [29] also utilized a two-step framework of attack detection in which fast Independent Component Analysis (fastICA) algorithm is applied followed by a statistical control algorithm. Moreover, Young et al [30] constructed an attack detection model on the same dataset using 5NN, ANN, and an extreme learning machine.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Time-Series Self-Supervised Learning Approach to Detection of Cyber-physical Attacks in Water Distribution Systems

Mahmoud

Gaber

2022

Energies

View full text Add to dashboard Cite

Water Distribution System (WDS) threats have significantly grown following the Maroochy shire incident, as evidenced by proofed attacks on water premises. As a result, in addition to traditional solutions (e.g., data encryption and authentication), attack detection is being proposed in WDS to reduce disruption cases. The attack detection system must meet two critical requirements: high accuracy and near real-time detection. This drives us to propose a two-stage detection system that uses self-supervised and unsupervised algorithms to detect Cyber-Physical (CP) attacks. Stage 1 uses heuristic adaptive self-supervised algorithms to achieve near real-time decision-making and detection sensitivity of 66% utilizing Boss. Stage 2 attempts to validate the detection of attacks using an unsupervised algorithm to maintain a detection accuracy of 94% utilizing Isolation Forest. Both stages are examined against time granularity and are empirically analyzed against a variety of performance evaluation indicators. Our findings demonstrate that the algorithms in stage 1 are less favored than those in the literature, but their existence enables near real-time decision-making and detection reliability. In stage 2, the isolation Forest algorithm, in contrast, gives excellent accuracy. As a result, both stages can collaborate to maximize accuracy in a near real-time attack detection system.

show abstract

Section: Results Discussion and Performance Evaluationmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A Time-Series Self-Supervised Learning Approach to Detection of Cyber-physical Attacks in Water Distribution Systems

Mahmoud

Gaber

2022

Energies

View full text Add to dashboard Cite

show abstract

“…In parallel, the use of anomaly detection algorithms can differentiate false data from ordinary sensor noise. Several techniques ranging from fast Independent Component Analysis (Brentan et al., 2021), support vector machines (Nader et al., 2016), hidden Markov chains (Zohrevand et al., 2016), to information theory (Ahmed et al., 2016) have been introduced for this task. The realm of data‐driven anomaly detection remains a fertile ground for further research (Moazeni & Khazaei, 2022).…”

Section: Discussionmentioning

confidence: 99%

Flood Risks of Cyber‐Physical Attacks in a Smart Storm Water System

Lin,

Yang,

Moazeni

2024

Water Resources Research

View full text Add to dashboard Cite

The rise in smart water technologies has introduced new cybersecurity vulnerabilities for water infrastructures. However, the implications of cyber‐physical attacks on the systems like urban drainage systems remain underexplored. This research delves into this gap, introducing a method to quantify flood risks in the face of cyber‐physical threats. We apply this approach to a smart stormwater system—a real‐time controlled network of pond‐conduit configurations, fitted with water level detectors and gate regulators. Our focus is on a specific cyber‐physical threat: false data injection (FDI). In FDI attacks, adversaries introduce deceptive data that mimics legitimate system noises, evading detection. Our risk assessment incorporates factors like sensor noises and weather prediction uncertainties. Findings reveal that FDIs can amplify flood risks by feeding the control system false data, leading to erroneous outflow directives. Notably, FDI attacks can reshape flood risk dynamics across different storm intensities, accentuating flood risks during less severe but more frequent storms. This study offers valuable insights for strategizing investments in smart stormwater systems, keeping cyber‐physical threats in perspective. Furthermore, our risk quantification method can be extended to other water system networks, such as irrigation channels and multi‐reservoir systems, aiding in cyber‐defense planning.

show abstract

“…In this section, a generative model is developed for generating successful FDI attacks targeting the model in (3). Including attack signals in the CPS model in (3) yields the adversarial measurement model…”

Section: Automated Attack Generationmentioning

confidence: 99%

“…In 2015, 25 cyber attacks were disclosed in several water systems [2]. And recently in 2020, a malicious cyber-attack attempted to raise the chlorine level in Israel's water supply to dangerous proportion [3]. Supervisory Control and Data Acquisition (SCADA) is a critical part of the CPCI that is highly susceptible to cyberattacks.…”

Section: Introductionmentioning

confidence: 99%

Algorithm Design for Resilient Cyber-Physical Systems using an Automated Attack Generative Model

Zheng¹,

Sayghe²,

Anubi³

2021

Preprint

View full text Add to dashboard Cite

<div>This paper presents a suite of algorithms for detecting and localizing attacks in cyber-physical systems, and performing improved resilient state estimation through a pruning algorithm. High performance rates for the underlying detection and localization algorithms are achieved by generating training data that cover large region of the attack space. An unsupervised generative model trained by physics-based discriminators is designed to generate successful false data injection attacks. Then the generated adversarial examples are used to train a multi-class deep neural network which detects and localizes the attacks on measurements. Next, a pruning algorithm is included to improve the precision of localization result and provide performance guarantees for the resulting resilient observer. The performance of the proposed method is validated using the numerical simulation of a water distribution cyber-physical system.</div>

show abstract

Cyber-Attack Detection in Water Distribution Systems Based on Blind Sources Separation Technique

Cited by 14 publications

References 35 publications

A Time-Series Self-Supervised Learning Approach to Detection of Cyber-physical Attacks in Water Distribution Systems

A Time-Series Self-Supervised Learning Approach to Detection of Cyber-physical Attacks in Water Distribution Systems

Flood Risks of Cyber‐Physical Attacks in a Smart Storm Water System

Algorithm Design for Resilient Cyber-Physical Systems using an Automated Attack Generative Model

Contact Info

Product

Resources

About