Anomaly Detection in Critical Infrastructure Using Probabilistic Neural Network

  • Conference paper
Applications and Techniques in Information Security (ATIS 2019)

Abstract

Supervisory Control and Data Acquisition (SCADA) systems form a vital part of any critical infrastructure. Such systems are network-integrated for remote monitoring and control, which makes them vulnerable to intrusions by malicious actors. Such intrusions may lead to anomalous behavior of the underlying physical process. This work presents a Probabilistic Neural Network (PNN) based anomaly detector to detect anomalies that arise as a consequence of a cyber attack. Experimental validation was conducted using the dataset obtained from an operational water treatment testbed, namely Secure Water Treatment (SWaT). The impact of the smoothing parameter on the performance of the PNN-based anomaly detector was analyzed. Experimental evaluations indicate the significance of the PNN-based anomaly detector, compared with several competing detectors, in terms of precision, F-score, false alarm rate, and detection rate.

Acknowledgements

This work was supported by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2016NCR-NCR002-023) and administered by the National Cybersecurity R&D Directorate.

Corresponding author

Correspondence to Aditya P. Mathur.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Gauthama Raman, M.R., Somu, N., Mathur, A.P. (2019). Anomaly Detection in Critical Infrastructure Using Probabilistic Neural Network. In: Shankar Sriram, V., Subramaniyaswamy, V., Sasikaladevi, N., Zhang, L., Batten, L., Li, G. (eds) Applications and Techniques in Information Security. ATIS 2019. Communications in Computer and Information Science, vol 1116. Springer, Singapore. https://doi.org/10.1007/978-981-15-0871-4_10

  • DOI: https://doi.org/10.1007/978-981-15-0871-4_10

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-0870-7

  • Online ISBN: 978-981-15-0871-4

  • eBook Packages: Computer Science, Computer Science (R0)
