Curse of system complexity and virtue of operational invariants: machine learning based system modeling and attack detection in CPS

Muhammad Omer Shahid; Chuadhry Mujeeb Ahmed; Venkata Reddy Palleti; Jianying Zhou

doi:10.1109/dsc54232.2022.9888940

Curse of system complexity and virtue of operational invariants: machine learning based system modeling and attack detection in CPS

Muhammad Omer Shahid, Chuadhry Mujeeb Ahmed, Venkata Reddy Palleti, Jianying Zhou

Computer And Information Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

6 Downloads (Pure)

Abstract

Cyber Physical Systems (CPS) security has gained a lot of interest in recent years. Different approaches have been proposed to tackle the security challenges. Intrusion detection has been of most interest so far, involving design-based and data-based approaches. Design-based approaches require domain expertise and are not scalable, on the other hand, data-based approaches suffer from the lack of real-world datasets available for specific critical physical processes. In this work, a data collection effort is made on a realistic Water Distribution (WADI) test-bed. Collected data consists of both the normal operation as well as a range of attack scenarios. Next, machine learning-based system-modeling techniques are considered using the data from WADI. It is shown that the accuracy of system model-based intrusion detectors depends on the model accuracy and for non-linear processes, it is non-trivial to obtain accurate system models. Moreover, an operational invariants-based attack detection technique is proposed using the system design parameters. It is shown that using a simple rule-based anomaly detector performs better than the complex black-box data-based techniques.

Original language	English
Title of host publication	2022 IEEE Conference on Dependable and Secure Computing (DSC)
Place of Publication	Piscataway, NJ
Publisher	IEEE
Pages	1-8
Number of pages	8
ISBN (Electronic)	9781665421416
ISBN (Print)	9781665421423
DOIs	https://doi.org/10.1109/dsc54232.2022.9888940
Publication status	Published - 26 Sep 2022
Event	2022 IEEE conference on Dependable and Secure Computing - Glassroom, Edinburgh Napier University, Edinburgh, United Kingdom Duration: 22 Jun 2022 → 24 Jun 2022 https://attend.ieee.org/dsc-2022/

Conference

Conference	2022 IEEE conference on Dependable and Secure Computing
Abbreviated title	DSC 2022
Country/Territory	United Kingdom
City	Edinburgh
Period	22/06/22 → 24/06/22
Internet address	https://attend.ieee.org/dsc-2022/

Keywords

computational modeling
intrusion detection
detectors
machine learning
systems modeling
data collection
complexity theory

Access to Document

10.1109/dsc54232.2022.9888940

Shahid-etal-DSC-2022-Curse-of-system-complexity-and-virtue-of-operational invariants-machine-learningAccepted author manuscript, 1.74 MBLicence: Strath_1

Cite this

@inproceedings{75f4e1f3bca044a09cfb2bbfe8ec90b6,

title = "Curse of system complexity and virtue of operational invariants: machine learning based system modeling and attack detection in CPS",

abstract = "Cyber Physical Systems (CPS) security has gained a lot of interest in recent years. Different approaches have been proposed to tackle the security challenges. Intrusion detection has been of most interest so far, involving design-based and data-based approaches. Design-based approaches require domain expertise and are not scalable, on the other hand, data-based approaches suffer from the lack of real-world datasets available for specific critical physical processes. In this work, a data collection effort is made on a realistic Water Distribution (WADI) test-bed. Collected data consists of both the normal operation as well as a range of attack scenarios. Next, machine learning-based system-modeling techniques are considered using the data from WADI. It is shown that the accuracy of system model-based intrusion detectors depends on the model accuracy and for non-linear processes, it is non-trivial to obtain accurate system models. Moreover, an operational invariants-based attack detection technique is proposed using the system design parameters. It is shown that using a simple rule-based anomaly detector performs better than the complex black-box data-based techniques.",

keywords = "computational modeling, intrusion detection, detectors, machine learning, systems modeling, data collection, complexity theory",

author = "Shahid, {Muhammad Omer} and Ahmed, {Chuadhry Mujeeb} and Palleti, {Venkata Reddy} and Jianying Zhou",

note = "{\textcopyright} 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting /republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.; 2022 IEEE conference on Dependable and Secure Computing, DSC 2022 ; Conference date: 22-06-2022 Through 24-06-2022",

year = "2022",

month = sep,

day = "26",

doi = "10.1109/dsc54232.2022.9888940",

language = "English",

isbn = "9781665421423",

pages = "1--8",

booktitle = "2022 IEEE Conference on Dependable and Secure Computing (DSC)",

publisher = "IEEE",

url = "https://attend.ieee.org/dsc-2022/",

}

Shahid, MO, Ahmed, CM, Palleti, VR & Zhou, J 2022, Curse of system complexity and virtue of operational invariants: machine learning based system modeling and attack detection in CPS. in 2022 IEEE Conference on Dependable and Secure Computing (DSC). IEEE, Piscataway, NJ, pp. 1-8, 2022 IEEE conference on Dependable and Secure Computing, Edinburgh, United Kingdom, 22/06/22. https://doi.org/10.1109/dsc54232.2022.9888940

Curse of system complexity and virtue of operational invariants : machine learning based system modeling and attack detection in CPS. / Shahid, Muhammad Omer; Ahmed, Chuadhry Mujeeb; Palleti, Venkata Reddy et al.

2022 IEEE Conference on Dependable and Secure Computing (DSC). Piscataway, NJ : IEEE, 2022. p. 1-8.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution book

TY - GEN

T1 - Curse of system complexity and virtue of operational invariants

T2 - 2022 IEEE conference on Dependable and Secure Computing

AU - Shahid, Muhammad Omer

AU - Ahmed, Chuadhry Mujeeb

AU - Palleti, Venkata Reddy

AU - Zhou, Jianying

N1 - © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting /republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

PY - 2022/9/26

Y1 - 2022/9/26

N2 - Cyber Physical Systems (CPS) security has gained a lot of interest in recent years. Different approaches have been proposed to tackle the security challenges. Intrusion detection has been of most interest so far, involving design-based and data-based approaches. Design-based approaches require domain expertise and are not scalable, on the other hand, data-based approaches suffer from the lack of real-world datasets available for specific critical physical processes. In this work, a data collection effort is made on a realistic Water Distribution (WADI) test-bed. Collected data consists of both the normal operation as well as a range of attack scenarios. Next, machine learning-based system-modeling techniques are considered using the data from WADI. It is shown that the accuracy of system model-based intrusion detectors depends on the model accuracy and for non-linear processes, it is non-trivial to obtain accurate system models. Moreover, an operational invariants-based attack detection technique is proposed using the system design parameters. It is shown that using a simple rule-based anomaly detector performs better than the complex black-box data-based techniques.

AB - Cyber Physical Systems (CPS) security has gained a lot of interest in recent years. Different approaches have been proposed to tackle the security challenges. Intrusion detection has been of most interest so far, involving design-based and data-based approaches. Design-based approaches require domain expertise and are not scalable, on the other hand, data-based approaches suffer from the lack of real-world datasets available for specific critical physical processes. In this work, a data collection effort is made on a realistic Water Distribution (WADI) test-bed. Collected data consists of both the normal operation as well as a range of attack scenarios. Next, machine learning-based system-modeling techniques are considered using the data from WADI. It is shown that the accuracy of system model-based intrusion detectors depends on the model accuracy and for non-linear processes, it is non-trivial to obtain accurate system models. Moreover, an operational invariants-based attack detection technique is proposed using the system design parameters. It is shown that using a simple rule-based anomaly detector performs better than the complex black-box data-based techniques.

KW - computational modeling

KW - intrusion detection

KW - detectors

KW - machine learning

KW - systems modeling

KW - data collection

KW - complexity theory

U2 - 10.1109/dsc54232.2022.9888940

DO - 10.1109/dsc54232.2022.9888940

M3 - Conference contribution book

SN - 9781665421423

SP - 1

EP - 8

BT - 2022 IEEE Conference on Dependable and Secure Computing (DSC)

PB - IEEE

CY - Piscataway, NJ

Y2 - 22 June 2022 through 24 June 2022

ER -

Curse of system complexity and virtue of operational invariants: machine learning based system modeling and attack detection in CPS

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this