Deep Learning-based Anomaly Detection in Cyber-physical Systems

Luo, Yuan; Xiao, Yao; Cheng, Long; Peng, Guojun; Yao, Danfeng

doi:10.1145/3453155

Cited by 153 publications

(65 citation statements)

References 79 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [61], CPSs require the monitoring of network health information in a real-time and continuous manner in order to maintain the appropriate performance. However, as CPSs become more complicated and faults are increasingly diverse, the traditional methods for CPS anomaly detection and network performance estimation become less effective [62]. This motivated the use of ML-based approaches that do not rely on domain-specific knowledge [62,63].…”

Section: Discussion and Future Directionmentioning

confidence: 99%

“…However, as CPSs become more complicated and faults are increasingly diverse, the traditional methods for CPS anomaly detection and network performance estimation become less effective [62]. This motivated the use of ML-based approaches that do not rely on domain-specific knowledge [62,63]. These ML-based approaches have been widely used in CPS anomaly detection related to various types of attacks [62].…”

Section: Discussion and Future Directionmentioning

confidence: 99%

See 1 more Smart Citation

Machine learning based wireless interference estimation in a robotic force-seeking application

Candell¹,

Kashef²,

Montgomery³

et al. 2022

View full text Add to dashboard Cite

Wide deployment of wireless communications plays an essential role in the vision of future cyber-physical systems (CPSs), which includes massive transfer of automation information. Many practical considerations of industrial CPSs affect the success of the deployment of industrial wireless networks, and, thus, can inhibit their widespread adoption. These considerations include multi-path propagation, network congestion, and jamming interference. Jamming is of chief concern when wireless is used for mission critical or safety integrated systems. In this paper, an experimental platform consisting of a robot arm depressing a spring mechanism with a wireless force-feedback control algorithm is constructed. The robot applies downward pressure on a spring assembly until a predetermined force is detected and transmitted successfully to the controller under varying levels of sustained interference. Machine learning is used to learn and predict the signal-to-interference level of the communication link solely using position information from an independent vision tracking system. Various supervised learning algorithms are investigated and rated according to their performance.

show abstract

Section: Discussion and Future Directionmentioning

confidence: 99%

Section: Discussion and Future Directionmentioning

confidence: 99%

Machine learning based wireless interference estimation in a robotic force-seeking application

Candell¹,

Kashef²,

Montgomery³

et al. 2022

View full text Add to dashboard Cite

show abstract

“…These matrices are then given as input to a convolutional encoder and an attention-based convolutional Long Short Term Memory (LSTM) to capture the temporal patterns. The same data representation has been used in (Luo et al, 2021), and applied to CPSs. In this case, a single scale has been used and the different time series represent measurements provided by a set of sensors.…”

Section: Security Approaches Based On Multi-dimensional Representation Of Traffic Datamentioning

confidence: 99%

“…According to the CPS definition, the distributed context could work both analyzing the measurements, and processing the network traffic data. Since, as pointed out in (Luo et al, 2021), the majority of the research literature has focused on detecting anomalies from sensor and actuator data, in this work we aim at analyzing the anomaly detection issue from the network traffic data point of view. Concerning the local data, in this case, they may concern the operating conditions of the CPS (e.g., weather forecast or presence of natural emergencies like fires and earthquakes), and the cost of the different mitigation actions.…”

Section: Cps Security Case Studymentioning

confidence: 99%

Analysis of a 2D Representation for CPS Anomaly Detection in a Context-Based Security Framework

Baldoni

Carli

Battisti

2022

Front. Signal Process.

View full text Add to dashboard Cite

In this contribution, a flexible context-based security framework is proposed by exploring two types of context: distributed and local. While the former consists in processing information from a set of spatially distributed sources, the second accounts for the local environment surrounding the monitored system. The joint processing of these two types of information allows the identification of the anomaly cause, differentiating between natural and attack-related events, and the suggestion of the best mitigation strategy. In this work, the proposed framework is applied the Cyber Physical Systems scenario. More in detail, we focus on the distributed context analysis investigating the definition of a 2D representation of network traffic data. The suitability of four representation variables has been evaluated, and the variable selection has been performed.

show abstract

“…CPSs are a prime target for many cyber attack vectors such as Denial-of-Service (DOS), data injection, and interception schemes [17,18]. Anomaly Detection Systems (ADSs) are becoming a common component of CPSs which are implemented to detect anomalies in CPS networks [19]. These anomalies may be signs that an intruder is attempting unauthorized access to the system [20].…”

Section: Related Workmentioning

confidence: 99%

Data-Driven Correlation of Cyber and Physical Anomalies for Holistic System Health Monitoring

Marino¹,

Wickramasinghe

Tsouvalas

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Concerns of cyber-security threats are increasingly becoming a part of everyday operations of cyber-physical systems, especially in the context of critical infrastructures. However, despite the tight integration of cyber and physical components in modern critical infrastructures, the monitoring of cyber and physical subsystems is still done separately. For successful health monitoring of such systems, a holistic approach is needed. In this paper, we present an approach for holistic health monitoring of cyber-physical systems based on cyber and physical anomaly detection and correlation. We provide a data-driven approach for the detection of cyber and physical anomalies based on machine learning. The benefits of the presented approach are: 1) integrated architecture that supports acquisition and real-time analysis of both cyber and physical data; 2) a metric for holistic health monitoring that allows for differentiation between physical faults, cyber intrusion, and cyber-physical attacks. We present experimental analysis on a power-grid use case using the IEEE-33 bus model. The system was tested on several types of attacks such as network scan, Denial of Service (DOS), and malicious command injections.

show abstract

Deep Learning-based Anomaly Detection in Cyber-physical Systems

Cited by 153 publications

References 79 publications

Machine learning based wireless interference estimation in a robotic force-seeking application

Machine learning based wireless interference estimation in a robotic force-seeking application

Analysis of a 2D Representation for CPS Anomaly Detection in a Context-Based Security Framework

Data-Driven Correlation of Cyber and Physical Anomalies for Holistic System Health Monitoring

Contact Info

Product

Resources

About