Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems

Chuadhry Mujeeb Ahmed; Gauthama Raman M R; Aditya P. Mathur

doi:10.1145/3384941.3409588

Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems

Chuadhry Mujeeb Ahmed, Gauthama Raman M R, Aditya P. Mathur

Computer And Information Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

1 Citation (Scopus)

4 Downloads (Pure)

Abstract

Data-centric approaches are becoming increasingly common in the creation of defense mechanisms for critical infrastructure such as the electric power grid and water treatment plants. Such approaches often use well-known methods from machine learning and system identification, i.e., the Multi-Layer Perceptron, Convolutional Neural Network, and Deep Auto Encoders to create process anomaly detectors. Such detectors are then evaluated using data generated from an operational plant or a simulator; rarely is the assessment conducted in real time on a live plant. Regardless of the method to create an anomaly detector, and the data used for performance evaluation, there remain significant challenges that ought to be overcome before such detectors can be deployed with confidence in city-scale plants or large electric power grids. This position paper enumerates such challenges that the authors have faced when creating data-centric anomaly detectors and using them in a live plant.

Original language	English
Title of host publication	Proceedings of the 6th ACM on Cyber-Physical System Security Workshop
Place of Publication	New York, USA
Pages	23–29
Number of pages	7
DOIs	https://doi.org/10.1145/3384941.3409588
Publication status	Published - 31 Oct 2020

Keywords

CPS security
ICS security
anomaly detection
neural networks
intrusion detection system
attack detection
challenges in ids
machine learning

Access to Document

10.1145/3384941.3409588

Ahmed-etal-CPSS2020-Challenges-in-machine-learning-based-approaches-for-real-time-anomaly-detectionAccepted author manuscript, 1.32 MB

Fingerprint Dive into the research topics of 'Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems'. Together they form a unique fingerprint.

Cite this

@inproceedings{40f826e77d754ed69736801b6e6618a3,

title = "Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems",

abstract = "Data-centric approaches are becoming increasingly common in the creation of defense mechanisms for critical infrastructure such as the electric power grid and water treatment plants. Such approaches often use well-known methods from machine learning and system identification, i.e., the Multi-Layer Perceptron, Convolutional Neural Network, and Deep Auto Encoders to create process anomaly detectors. Such detectors are then evaluated using data generated from an operational plant or a simulator; rarely is the assessment conducted in real time on a live plant. Regardless of the method to create an anomaly detector, and the data used for performance evaluation, there remain significant challenges that ought to be overcome before such detectors can be deployed with confidence in city-scale plants or large electric power grids. This position paper enumerates such challenges that the authors have faced when creating data-centric anomaly detectors and using them in a live plant.",

keywords = "CPS security, ICS security, anomaly detection, neural networks, intrusion detection system, attack detection, challenges in ids, machine learning",

author = "Ahmed, {Chuadhry Mujeeb} and {M R}, {Gauthama Raman} and Mathur, {Aditya P.}",

year = "2020",

month = oct,

day = "31",

doi = "10.1145/3384941.3409588",

language = "English",

isbn = "9781450376082",

pages = "23–29",

booktitle = "Proceedings of the 6th ACM on Cyber-Physical System Security Workshop",

}

Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems. / Ahmed, Chuadhry Mujeeb; M R, Gauthama Raman; Mathur, Aditya P.

Proceedings of the 6th ACM on Cyber-Physical System Security Workshop. New York, USA, 2020. p. 23–29.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

TY - GEN

T1 - Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems

AU - Ahmed, Chuadhry Mujeeb

AU - M R, Gauthama Raman

AU - Mathur, Aditya P.

PY - 2020/10/31

Y1 - 2020/10/31

N2 - Data-centric approaches are becoming increasingly common in the creation of defense mechanisms for critical infrastructure such as the electric power grid and water treatment plants. Such approaches often use well-known methods from machine learning and system identification, i.e., the Multi-Layer Perceptron, Convolutional Neural Network, and Deep Auto Encoders to create process anomaly detectors. Such detectors are then evaluated using data generated from an operational plant or a simulator; rarely is the assessment conducted in real time on a live plant. Regardless of the method to create an anomaly detector, and the data used for performance evaluation, there remain significant challenges that ought to be overcome before such detectors can be deployed with confidence in city-scale plants or large electric power grids. This position paper enumerates such challenges that the authors have faced when creating data-centric anomaly detectors and using them in a live plant.

AB - Data-centric approaches are becoming increasingly common in the creation of defense mechanisms for critical infrastructure such as the electric power grid and water treatment plants. Such approaches often use well-known methods from machine learning and system identification, i.e., the Multi-Layer Perceptron, Convolutional Neural Network, and Deep Auto Encoders to create process anomaly detectors. Such detectors are then evaluated using data generated from an operational plant or a simulator; rarely is the assessment conducted in real time on a live plant. Regardless of the method to create an anomaly detector, and the data used for performance evaluation, there remain significant challenges that ought to be overcome before such detectors can be deployed with confidence in city-scale plants or large electric power grids. This position paper enumerates such challenges that the authors have faced when creating data-centric anomaly detectors and using them in a live plant.

KW - CPS security

KW - ICS security

KW - anomaly detection

KW - neural networks

KW - intrusion detection system

KW - attack detection

KW - challenges in ids

KW - machine learning

U2 - 10.1145/3384941.3409588

DO - 10.1145/3384941.3409588

M3 - Conference contribution book

SN - 9781450376082

SP - 23

EP - 29

BT - Proceedings of the 6th ACM on Cyber-Physical System Security Workshop

CY - New York, USA

ER -