Abstract
Industrial control systems (ICSs) are widely used and vital to industry and society. Their failure can have severe impact on both the economy and human life. Hence, these systems have become an attractive target for physical and cyber attacks alike. In this article, we examine an attack detection method based on simple and lightweight neural networks, namely, 1D convolutional neural networks and autoencoders. We apply these networks to both the time and frequency domains of the data and discuss the pros and cons of each representation approach. The suggested method is evaluated on three popular public datasets, and detection rates matching or exceeding previously published detection results are achieved, while demonstrating a small footprint, short training and detection times, and generality. We also show the effectiveness of PCA, which, given proper data preprocessing and feature selection, can provide high attack detection rates in many settings. Finally, we study the proposed method's robustness against adversarial attacks that exploit inherent blind spots of neural networks to evade detection while achieving their intended physical effect. Our results show that the proposed method is robust to such evasion attacks: in order to evade detection, the attacker is forced to sacrifice the desired physical impact on the system.
| Original language | American English |
|---|---|
| Pages (from-to) | 2179-2197 |
| Number of pages | 19 |
| Journal | IEEE Transactions on Dependable and Secure Computing |
| Volume | 19 |
| Issue number | 4 |
| DOIs | |
| State | Published - 1 Jan 2022 |
Keywords
- Anomaly detection
- adversarial machine learning
- adversarial robustness
- autoencoders
- convolutional neural networks
- frequency analysis
- industrial control systems
All Science Journal Classification (ASJC) codes
- General Computer Science
- Electrical and Electronic Engineering
