Abstract
Cyber-physical systems, which incorporate sensing, computation, control, and networking, now connect physical objects and infrastructure to the web and to one another. Protecting these systems is becoming a necessity for their major stakeholders, including government agencies, because their performance affects several facets of human existence, including health, economy, and welfare. Cyber-Physical Systems (CPSs) are vulnerable to security breaches, and an attacker could potentially acquire access to the process controls for a prolonged period. As part of our research, we present a hybrid cyber-attack detection model that integrates incremental principal component analysis (IPCA) with two machine learning methods run in parallel: k-nearest neighbor (KNN) and logistic regression (LR). Both methods, with their hyperparameters, are combined with model adjustment to enhance their ability to predict attacks, and IPCA is used to improve the validation accuracy. The experiments are performed on the Secure Water Treatment (SWaT) dataset, which records the normal operation of the system as well as malfunctions caused by cyber-attacks. We evaluate the proposed model's efficacy in light of previous research; of the two parallel machine learning techniques, KNN performs exceptionally well, attaining a precision of 0.997, a recall of 0.996, and an F1-score of 0.996, in comparison to LR.
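The pipeline the abstract describes, sketched with scikit-learn as an added example; it is not the authors' code. The data is a constructed stand-in for labelled sensor rows (not SWaT), and the component count, batch size, and hyperparameter grids are assumptions, since the abstract does not state them.

```python
import numpy as np
from sklearn.decomposition import IncrementalPCA
from sklearn.linear_model import LogisticRegression
from sklearn.metrics import precision_recall_fscore_support
from sklearn.model_selection import GridSearchCV, train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.pipeline import Pipeline
from sklearn.preprocessing import StandardScaler


def make_constructed_readings(n=2000, n_sensors=12, attack_frac=0.2, seed=0):
    """Constructed stand-in for labelled sensor/actuator rows (NOT SWaT data)."""
    rng = np.random.default_rng(seed)
    X = rng.normal(0.0, 1.0, size=(n, n_sensors))
    y = (rng.random(n) < attack_frac).astype(int)  # 1 = attack, 0 = normal
    X[y == 1, :3] += 4.0  # attacks push three sensors off their normal range
    return X, y


def build_detector(clf, grid):
    """Scale -> IPCA (fitted in mini-batches) -> classifier, tuned by grid search."""
    pipe = Pipeline([
        ("scale", StandardScaler()),
        ("ipca", IncrementalPCA(n_components=5, batch_size=256)),  # assumed sizes
        ("clf", clf),
    ])
    return GridSearchCV(pipe, grid, scoring="f1", cv=3)


def run_hybrid(seed=0):
    X, y = make_constructed_readings(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.25, stratify=y, random_state=seed)
    branches = {  # two parallel branches, each with its own IPCA front end
        "KNN": build_detector(KNeighborsClassifier(),
                              {"clf__n_neighbors": [3, 5, 9]}),
        "LR": build_detector(LogisticRegression(max_iter=1000),
                             {"clf__C": [0.1, 1.0, 10.0]}),
    }
    scores = {}
    for name, model in branches.items():
        model.fit(X_tr, y_tr)  # held-out rows are never seen during tuning
        p, r, f1, _ = precision_recall_fscore_support(
            y_te, model.predict(X_te), average="binary")
        scores[name] = {"precision": p, "recall": r, "f1": f1}
    return scores


if __name__ == "__main__":
    print(run_hybrid())
```

Scores on this constructed data say nothing about performance on SWaT; on real process data, split by time rather than at random so that rows from the same attack window do not land in both the training and test sets.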
Acknowledgements
iTrust, Centre for Research in Cyber Security, Singapore University of Technology and Design, provided the SWaT dataset to help our study.
Ethics declarations
Conflict of Interest
The author affirms that no conflict of interest exists.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gulzar, Q., Mustafa, K. (2024). Hybrid Cyber-Attack Detection Model on Cyber-Physical Systems Using Machine Learning Techniques. In: Swaroop, A., Polkowski, Z., Correia, S.D., Virdee, B. (eds) Proceedings of Data Analytics and Management. ICDAM 2023. Lecture Notes in Networks and Systems, vol 786. Springer, Singapore. https://doi.org/10.1007/978-981-99-6547-2_16
DOI: https://doi.org/10.1007/978-981-99-6547-2_16
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-6546-5
Online ISBN: 978-981-99-6547-2
eBook Packages: Intelligent Technologies and Robotics (R0)