FALCON: Framework for Anomaly Detection in Industrial Control Systems

被引:9
|
作者
Sapkota, Subin [1 ]
Mehdy, A. K. M. Nuhil [1 ]
Reese, Stephen [2 ]
Mehrpouyan, Hoda [1 ]
机构
[1] Boise State Univ, Dept Comp Sci, Coll Engn, Boise, ID 83725 USA
[2] Idaho Natl Lab, Idaho Falls, ID 83401 USA
基金
美国国家科学基金会;
关键词
industrial controls systems; attack detection; neural networks;
D O I
10.3390/electronics9081192
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Industrial Control Systems (ICS) are used to control physical processes in critical infrastructure. These systems are used in a wide variety of operations such as water treatment, power generation and distribution, and manufacturing. While the safety and security of these systems are of serious concern, recent reports have shown an increase in targeted attacks aimed at manipulating physical processes to cause catastrophic consequences. This trend emphasizes the need for algorithms and tools that provide resilient and smart attack detection mechanisms to protect ICS. In this paper, we propose an anomaly detection framework for ICS based on a deep neural network. The proposed methodology uses dilated convolution and long short-term memory (LSTM) layers to learn temporal as well as long term dependencies within sensor and actuator data in an ICS. The sensor/actuator data are passed through a unique feature engineering pipeline where wavelet transformation is applied to the sensor signals to extract features that are fed into the model. Additionally, this paper explores four variations of supervised deep learning models, as well as an unsupervised support vector machine (SVM) model for this problem. The proposed framework is validated on Secure Water Treatment testbed results. This framework detects more attacks in a shorter period of time than previously published methods.
引用
收藏
页码:1 / 20
页数:20
相关论文
共 50 条
  • [41] INDUSTRIAL CONTROL SYSTEM FINGERPRINTING AND ANOMALY DETECTION
    Peng, Yong
    Xiang, Chong
    Gao, Haihui
    Chen, Dongqing
    Ren, Wang
    [J]. CRITICAL INFRASTRUCTURE PROTECTION IX, 2015, 466 : 73 - 85
  • [42] Palisade: A framework for anomaly detection in embedded systems
    Kauffman, Sean
    Dunne, Murray
    Gracioli, Giovani
    Khan, Waleed
    Benann, Nirmal
    Fischmeister, Sebastian
    [J]. JOURNAL OF SYSTEMS ARCHITECTURE, 2021, 113
  • [43] A Machine Learning Approach for Anomaly Detection in Industrial Control Systems Based on Measurement Data
    Mokhtari, Sohrab
    Abbaspour, Alireza
    Yen, Kang K.
    Sargolzaei, Arman
    [J]. ELECTRONICS, 2021, 10 (04) : 1 - 13
  • [44] Anomaly Detection for Industrial Control Systems Using K-Means and Convolutional Autoencoder
    Chang, Chun-Pi
    Hsu, Wen-Chiao
    Liao, I-En
    [J]. 2019 27TH INTERNATIONAL CONFERENCE ON SOFTWARE, TELECOMMUNICATIONS AND COMPUTER NETWORKS (SOFTCOM), 2019, : 136 - 141
  • [45] TABOR: A Graphical Model-based Approach for Anomaly Detection in Industrial Control Systems
    Lin, Qin
    Adepu, Sridhar
    Verwer, Sicco
    Mathur, Aditya
    [J]. PROCEEDINGS OF THE 2018 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (ASIACCS'18), 2018, : 525 - 536
  • [46] Leveraging Determinism in Industrial Control Systems for Advanced Anomaly Detection and Reliable Security Configuration
    Hadeli, Hadeli
    Schierholz, Ragnar
    Braendle, Markus
    Tuduce, Cristian
    [J]. 2009 IEEE CONFERENCE ON EMERGING TECHNOLOGIES & FACTORY AUTOMATION (EFTA 2009), 2009,
  • [47] Anomaly Detection for Industrial Control Systems Using Sequence-to-Sequence Neural Networks
    Kim, Jonguk
    Yun, Jeong-Han
    Kim, Hyoung Chun
    [J]. COMPUTER SECURITY, ESORICS 2019, 2020, 11980 : 3 - 18
  • [48] Using timing-based side channels for anomaly detection in industrial control systems
    Dunlap, Stephen
    Butts, Jonathan
    Lopez, Juan
    Rice, Mason
    Mullins, Barry
    [J]. INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2016, 15 : 12 - 26
  • [49] MENDEL: Time series anomaly detection using transfer learning for industrial control systems
    Park, Jeongyong
    Kim, Bedeuro
    Kim, Hyoungshick
    [J]. 2023 IEEE INTERNATIONAL CONFERENCE ON BIG DATA AND SMART COMPUTING, BIGCOMP, 2023, : 261 - 268
  • [50] Anomaly Detection based on Robust Spatial-temporal Modeling for Industrial Control Systems
    Li, Shijie
    Liu, Junjiao
    Pan, Zhiwen
    Lv, Shichao
    Si, Shuaizong
    Sun, Limin
    [J]. 2022 IEEE 19TH INTERNATIONAL CONFERENCE ON MOBILE AD HOC AND SMART SYSTEMS (MASS 2022), 2022, : 355 - 363