Abstract
Supervisory Control and Data Acquisition (SCADA) systems form a vital part of any critical infrastructure. Such systems are network-integrated for remote monitoring and control, making them vulnerable to intrusions by malicious actors. Such intrusions may lead to anomalous behavior of the underlying physical process. This work presents a Probabilistic Neural Network (PNN) based anomaly detector to detect anomalies arising from a cyber attack. Experimental validation was conducted using the dataset obtained from an operational water treatment testbed, namely Secure Water Treatment (SWaT). The impact of the smoothing parameter on the performance of the PNN-based anomaly detector was analyzed. Experimental evaluations indicate the significance of the PNN-based anomaly detector, compared with several competing detectors, in terms of precision, F-score, false alarm rate, and detection rate.
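An added example, not code from the paper: a minimal PNN in the standard Parzen-window form (Gaussian kernel per training pattern, per-class average, argmax), run on constructed two-sensor readings rather than SWaT data, reporting the four metrics named above for three values of the smoothing parameter. The data, the labels, equal class priors and the rule that flags a sample when every kernel underflows to zero are assumptions of this example.

```python
import math

# Constructed, normalised two-sensor readings (not SWaT data); labels are hypothetical.
TRAIN = {
    "normal": [(0.50, 0.50), (0.52, 0.48), (0.48, 0.51), (0.51, 0.53), (0.49, 0.47)],
    "attack": [(0.90, 0.10), (0.85, 0.15), (0.10, 0.90)],
}
TEST = [
    ((0.50, 0.49), "normal"), ((0.53, 0.51), "normal"),
    ((0.47, 0.50), "normal"), ((0.56, 0.44), "normal"),
    ((0.88, 0.12), "attack"), ((0.12, 0.88), "attack"), ((0.80, 0.20), "attack"),
]

def pnn_scores(x, train, sigma):
    """Pattern and summation layers: mean Gaussian kernel per class."""
    scores = {}
    for label, patterns in train.items():
        kernels = [
            math.exp(-sum((a - b) ** 2 for a, b in zip(x, p)) / (2.0 * sigma ** 2))
            for p in patterns
        ]
        scores[label] = sum(kernels) / len(kernels)
    return scores

def pnn_classify(x, train, sigma):
    """Decision layer. Assumption of this example: if every kernel underflows
    to 0.0 the sample resembles nothing seen in training, so it is flagged."""
    scores = pnn_scores(x, train, sigma)
    if not any(scores.values()):
        return "attack"
    return max(scores, key=scores.get)

def evaluate(sigma, train=TRAIN, test=TEST):
    """Precision, detection rate, false alarm rate and F-score for one sigma."""
    tp = fp = tn = fn = 0
    for x, truth in test:
        flagged = pnn_classify(x, train, sigma) == "attack"
        if truth == "attack":
            tp, fn = tp + flagged, fn + (not flagged)
        else:
            fp, tn = fp + flagged, tn + (not flagged)
    precision = tp / (tp + fp) if tp + fp else 0.0
    detection = tp / (tp + fn) if tp + fn else 0.0
    f_score = (2 * precision * detection / (precision + detection)
               if precision + detection else 0.0)
    return {"precision": precision, "detection_rate": detection,
            "false_alarm_rate": fp / (fp + tn) if fp + tn else 0.0, "f_score": f_score}

if __name__ == "__main__":
    for sigma in (0.001, 0.1, 5.0):
        print(sigma, evaluate(sigma))
```

On this constructed data a very small smoothing parameter produces a false alarm on a normal reading that lies slightly outside the training cluster, while a very large one flattens the class densities until every attack sample is scored as normal.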
Acknowledgements
This work was supported by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2016NCR-NCR002-023) and administered by the National Cybersecurity R&D Directorate.
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gauthama Raman, M.R., Somu, N., Mathur, A.P. (2019). Anomaly Detection in Critical Infrastructure Using Probabilistic Neural Network. In: Shankar Sriram, V., Subramaniyaswamy, V., Sasikaladevi, N., Zhang, L., Batten, L., Li, G. (eds) Applications and Techniques in Information Security. ATIS 2019. Communications in Computer and Information Science, vol 1116. Springer, Singapore. https://doi.org/10.1007/978-981-15-0871-4_10
DOI: https://doi.org/10.1007/978-981-15-0871-4_10
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0870-7
Online ISBN: 978-981-15-0871-4
eBook Packages: Computer Science, Computer Science (R0)