Abstract
Data-centric approaches are becoming increasingly common in the creation of defense mechanisms for critical infrastructure such as the electric power grid and water treatment plants. Such approaches often use well-known methods from machine learning and system identification, i.e., the Multi-Layer Perceptron, Convolutional Neural Network, and Deep Auto Encoders to create process anomaly detectors. Such detectors are then evaluated using data generated from an operational plant or a simulator; rarely is the assessment conducted in real time on a live plant. Regardless of the method to create an anomaly detector, and the data used for performance evaluation, there remain significant challenges that ought to be overcome before such detectors can be deployed with confidence in city-scale plants or large electric power grids. This position paper enumerates such challenges that the authors have faced when creating data-centric anomaly detectors and using them in a live plant.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 6th ACM on Cyber-Physical System Security Workshop |
| Place of Publication | New York, USA |
| Pages | 23–29 |
| Number of pages | 7 |
| DOIs | |
| Publication status | Published - 31 Oct 2020 |
Keywords
- CPS security
- ICS security
- anomaly detection
- neural networks
- intrusion detection system
- attack detection
- challenges in ids
- machine learning