This paper presents an anomaly-based methodology for reliable detection of integrity attacks in cyber-physical critical infrastructures. Such malicious events compromise the smooth operation of the infrastructure while the attacker is able to exploit the respective resources according to his/her purposes. Even though the operator may not understand the attack, since the overall system appears to remain in a steady state, the consequences may be of catastrophic nature with a huge negative impact. Here, we apply a deep learning technique and more specifically reservoir networks. They follow the supervised learning principle for recurrent neural networks, while the fundamental logic is to steer a random, large, fixed recurrent neural network with the input signal to the desired direction (class, probability, etc.). Their great advantage is the fact that the only part in need of training is the output layer which is a linear combination of all of the response signals. In addition we consider both temporal and functional dependencies existing among the elements of an infrastructure. The experimental platform includes a simulator of both a power grid and a cyber-network of the IEEE-9 bus model. Subsequently we implemented a wide range of integrity attacks (replay, ramp, pulse, scaling, and random) with different intensity levels. A thorough evaluation procedure is carried out while the results demonstrate the ability of the proposed method to produce a desired result in terms of false positive rate, false negative rate and detection delay.
Previous Article in event
Previous Article in session
Next Article in event
Detection of Integrity Attacks in Cyper Physical Systems Based On Reservoir Networks
Published:
13 November 2015
by MDPI
in 2nd International Electronic Conference on Entropy and Its Applications
session Machine Learning and Systems Theory
Abstract: