首页|Mode division-based anomaly detection against integrity and availability attacks in industrial cyber-physical systems
Mode division-based anomaly detection against integrity and availability attacks in industrial cyber-physical systems
扫码查看
点击上方二维码区域,可以放大扫码查看
原文链接
NSTL
Elsevier
? 2022 Elsevier B.V.Integrity and availability attacks can cause serious damage to modern industrial cyber-physical systems (ICPS). It is critical to detect and identify these attacks promptly and accurately. This paper investigates the anomaly detection for ICPS in the process industry. Three typical attacks, the Stuxnet-like, denial-of-service, and false data injection, are taken as specific defense targets. We propose to detect anomalies by quantifying the dynamic variations of generalized model implied by operating data, and present a mode division as the novel detection framework. The subspace technique and a quantization method for the amplitude-frequency characteristic deviation are employed to design the detector, which can be deployed independently in the active ICPS and does not cause any loss of control performance. An attack-defense experimental platform is developed to evaluate the detector under the attack scenarios of interest. The results show that the detector can detect any of the three attacks in a maximum of 28 s after the attack onset, and that these attacks can be distinguished by combining the state estimation residuals and system errors.
Anomaly detectionIndustrial Cyber-physical systemsIndustrial Internet of ThingsSecurity detectionStuxnet
Liu B.、Chen J.、Hu Y.
展开 >
Engineering Research Center of Metallurgical Automation and Measurement Technology Ministry of Education Wuhan University of Science and Technology
Science and Technology on Space Intelligent Control Laboratory Beijing Institute of Control Engineering
NSTL
Elsevier
