Identifying false data injection attacks in industrial control systems using artificial neural networks

Potluri, Sasanka; Diedrich, Christian; Sangala, Girish Kumar Reddy

doi:10.1109/etfa.2017.8247663

Cited by 35 publications

(16 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to select this threshold τ for Mahalanobis distance, we conduct an experiment to vary τ as a function of standard deviation (σ thr ) and mean (μ thr ) of Mahalanobis distance values of all the normal samples in training dataset as shown in (14). We use F1score as the performance metric to choose the value of η of (14) that results in the highest F1-score for training data to decide the optimal value of τ. τ = μ thr + η * σ thr .…”

Section: Corrdet Anomaly Detectionmentioning

confidence: 99%

Hybrid data‐driven physics model‐based framework for enhanced cyber‐physical smart grid security

et al. 2020

View full text Add to dashboard Cite

This paper presents a hybrid data-driven physics model-based framework for real time monitoring in smart grids. As the power grid transitions to the use of smart grid technology, it's real time monitoring becomes more vulnerable to cyber attacks like false data injections (FDI). Although smart grids cyber-physical security has an extensive scope, this paper focuses on FDI attacks, which are modeled as bad data. State of the art strategies for FDI detection in real time monitoring rely on physics model-based weighted least squares state estimation solution and statistical tests. This strategy is inherently vulnerable by the linear approximation and the companion statistical modeling error, which means it can be exploited by a coordinated FDI attack. In order to enhance the robustness of FDI detection, this paper presents a framework which explores the use of data-driven anomaly detection methods in conjunction with physics model-based bad data detection via data fusion. Multiple anomaly detection methods working at both the system level and distributed local detection level are fused. The fusion takes into consideration the confidence of the various anomaly detection methods to provide the best overall detection results. Validation considers tests on the IEEE 118 bus system.

show abstract

Section: Corrdet Anomaly Detectionmentioning

confidence: 99%

Hybrid data‐driven physics model‐based framework for enhanced cyber‐physical smart grid security

et al. 2020

View full text Add to dashboard Cite

show abstract

“…A straightforward approach is to create a separate level 0 monitoring network and compare the sensor data sent to Level 2 with the data received on the original level 0 monitoring network. Other more sophisticated mitigations include the use of autonomous and/or external defenses that can estimate the state of sensors/actuators based on physicsbased models [113], [114]. For the actuation decisions, all the commands should be authenticated using mechanisms of the industrial protocols [115] (see Section VI).…”

Section: ) Mitigationmentioning

confidence: 99%

Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents

Makrakis¹,

Kolias

Kambourakis

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Critical infrastructures and industrial organizations aggressively move towards integrating elements of modern Information Technology (IT) into their monolithic Operational Technology (OT) architectures. Yet, as OT systems progressively become more and more interconnected, they silently have turned into alluring targets for diverse groups of adversaries. Meanwhile, the inherent complexity of these systems, along with their advanced-in-age nature, prevents defenders from fully applying contemporary security controls in a timely manner. Forsooth, the combination of these hindering factors has led to some of the most severe cybersecurity incidents of the past years. This work contributes a full-fledged and upto-date survey of the most prominent threats and attacks against Industrial Control Systems and critical infrastructures, along with the communication protocols and devices adopted in these environments. Our study highlights that threats against critical infrastructure follow an upward spiral due to the mushrooming of commodity tools and techniques that can facilitate either the early or late stages of attacks. Furthermore, our survey exposes that existing vulnerabilities in the design and implementation of several of the OTspecific network protocols and devices may easily grant adversaries the ability to decisively impact physical processes. We provide a categorization of such threats and the corresponding vulnerabilities based on various criteria. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind is attempted.

show abstract

“…A variety of machine learning methods have been developed to detect FDI attacks in the literature. Some methods rely on neural network‐based approaches to identify FDI samples, such as using a simple neural network architecture [24] or deep belief networks [21, 23]. Neural network‐based methods are capable of learning a non‐linear classifier to detect abnormal samples but with the high cost of computation complexity especially when the network is deep.…”

Section: Background Informationmentioning

confidence: 99%

“…Another advancement in bad data analysis in power systems is the surge in machine learning and artificial intelligence research. These studies are mainly based on neural network, deep learning and fuzzy clustering approaches [21–24]. More recently, physics‐model based solutions have been integrated with data‐driven solutions [25, 26] to take advantage of the temporal characteristics of real‐time data.…”

Section: Introductionmentioning

confidence: 99%

Ensemble CorrDet with adaptive statistics for bad data detection

et al. 2020

View full text Add to dashboard Cite

Identifying false data injection attacks in industrial control systems using artificial neural networks

Cited by 35 publications

References 5 publications

Hybrid data‐driven physics model‐based framework for enhanced cyber‐physical smart grid security

Hybrid data‐driven physics model‐based framework for enhanced cyber‐physical smart grid security

Industrial and Critical Infrastructure Security: Technical Analysis of Real-Life Security Incidents

Ensemble CorrDet with adaptive statistics for bad data detection

Contact Info

Product

Resources

About