research-article

Real-time Cyber-Physical Security Solution Leveraging an Integrated Learning-Based Approach

Authors:

Xi ZhangAuthors Info & Claims

ACM Transactions on Sensor Networks, Volume 20, Issue 2

Article No.: 27, Pages 1 - 22

https://doi.org/10.1145/3582009

Published: 09 January 2024 Publication History

Abstract

Cyber-Physical Systems (CPS) has emerged as a paradigm that connects cyber and physical worlds, which provides unprecedented opportunities to realize intelligent applications such as smart home, smart cities, and smart manufacturing. However, CPS faces a great number of information security challenges (e.g., attacks) due to the integration of CPS as well as the human behaviors and interactions. Therefore, accurate and real-time attack detection and identification are essential to ensure information security and reliability of CPS. In this paper, we propose a novel integrated learning method that accurately detects an attack of a CPS system and then identifies the attack type in real time. Specifically, we consider a One-Class Support Vector Machine (OCSVM) model that only relies on the data from the normal state for training to achieve a real-time and effective detection of a CPS system state (i.e., normal or under-attack). If the system is detected to be under-attack, we then develop a Pairwise Self-supervised Long Short-Term Memory (PSLSTM) approach to identify the attack type, which aims to accurately distinguish the known attack types and discover unknown new attacks. Lastly, experimental results show the proposed method achieves promising performances compared with conventional and state-of-the-art learning-based benchmarks.

References

[1]

K. Liu and J. Shi. 2015. Internet of Things (IoT)-enabled system informatics for service decision making: Achievements, trends, challenges, and opportunities. IEEE Intelligent Systems 30, 6 (2015), 18–21.

[2]

W. Dong, B. Li, G. Guan, Z. Cheng, J. Zhang, and Y. Gao. 2021. TinyLink: A holistic system for rapid development of IoT applications. ACM Transactions on Sensor Networks 17, 1, 2 (2021), 1–29.

Digital Library

[3]

Z. Andrea, B. Nicola, C. Angelo, V. Lorenzo, and Z. Michele. 2014. Internet of Things for smart cities. IEEE Internet of Things Journal 1, 1 (2014), 22–32.

[4]

B. Kehoe, S. Patil, P. Abbeel, and K. Goldberg. 2015. A survey of research on cloud robotics and automation. IEEE Transactions on Automation Science and Engineering 12, 2 (2015), 398–409.

[5]

K. Moskvitch. 2017. Securing IoT: In your smart home and your connected enterprise. Engineering Technology 12, 3 (2017), 40–42.

[6]

J. Wang, L. Wu, S. Zeadally, M. K. Khan, and D. He. 2021. Privacy-preserving data aggregation against malicious data mining attack for IoT-enabled smart grid. ACM Transactions on Sensor Networks 17, 3, 25 (2021), 1–25.

Digital Library

[7]

A. Alrawais, A. Alhothaily, C. Hu, and X. Cheng. 2017. Fog computing for the internet of things: Security and privacy issues. IEEE Internet Computing 21, 2 (2017), 34–42.

Digital Library

[8]

IoT attack losses at $330K and rising. ISS Source, 2019. https://www.isssource.com/iot-attack-losses-at-330k-and-rising/.

[9]

M. Ozay, I. Esnaola, F. Tunay, Y. Vural, S. R. Kulkarni, and H. V. Poor. 2016. Machine learning methods for attack detection in the smart grid. IEEE Transactions on Neural Networks and Learning Systems 27, 8 (2016), 1773–1786.

[10]

W. Li, P. Yi, Y. Wu, L. Pan, and J. Li. 2014. A new intrusion detection system based on KNN classification algorithm in wireless sensor network. Journal of Electrical and Computer Engineering 240217 (2014), 1–8,

[11]

S. Liou, D. Kurniadi, B. Zheng, W. Xie, C. Tien, and G. Jong. 2018. Classification of biomedical signal on IoT platform using support vector machine. IEEE International Conference on Applied System Invention. Chiba, Japan, 50–53.

[12]

D. Moon, H. Im, I. Kim, and J. H. Park. 2017. DTB-IDS: An intrusion detection system based on decision tree using behavior analysis for preventing APT attacks. The Journal of Supercomputing 73, 7 (2017), 2881–2895.

Digital Library

[13]

C. Ambikavathi and S. K. Srivatsa. 2020. Predictor selection and attack classification using random forest for intrusion detection. Journal of Scientific and Industrial Research 79, 5 (2020), 365–368.

[14]

E. Besharati, M. Naderan, and E. Namjoo. 2018. LR-HIDS: Logistic regression host-based intrusion detection system for cloud environments. Journal of Ambient Intelligence and Humanized Computing 10, 9 (2018), 3669–3692.

[15]

F. Li, A. Shinde, Y. Shi, J. Ye, X. Li, and W. Song. 2019. System statistics learning-based IoT security: Feasibility and suitability. IEEE Internet of Things Journal 6, 4 (2019), 6396–6403.

[16]

K. Liu, X. Zhang, and J. Shi. 2014. Adaptive sensor allocation strategy for process monitoring and diagnosis in a Bayesian network. IEEE Transactions on Automation Science and Engineering 11, 2 (2014), 452–462.

[17]

L. A. Maglaras and J. Jiang. 2014. A real time OCSVM intrusion detection module with low overhead for SCADA systems. International Journal of Advanced Research in Artificial Intelligence 3, 10 (2014), 45–53.

[18]

Y. Li, R. Ma, and R. Jiao. 2015. A hybrid malicious code detection method based on deep learning. International Journal of Software Engineering and Its Applications 9, 5 (2015), 205–216.

[19]

M. A. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, and M. Guizani. 2018. A survey of machine and deep learning methods for internet of things (IoT) security. arXiv preprint arXiv:1807.11023.

[20]

R. Vinayakumar, G. H. B. Ganesh, P. Prabaharan, K. M. An, and K. P. Soman. 2018. Deep-Net: Deep neural network for cyber security use cases. 1–16. arXiv:1812.03519.

[21]

Y. Li, P. Tao, S. Deng, and G. Zhou. 2022. DeFFusion: CNN-based continuous uuthentication using deep feature fusion. ACM Transactions on Sensor Networks 18, 2, 18 (2022), 1–20.

Digital Library

[22]

Y. Duan, Y. Lv, and F. Wang. 2016. Travel time prediction with LSTM neural network. International Conference on Intelligent Transportation Systems. Brazil, 1053–1058.

[23]

Q. Niyaz, W. Sun, A. Y. Javaid, and M. Alam. 2016. Deep learning approach for network intrusion detection system. EAI International Conference on Bio-inspired Information and Communications Technologies. New York, 1–6.

[24]

M. J. Kang and J. W. Kang. 2016. Intrusion detection system using deep neural network for in-vehicle network security. PLoS One 11, 6 (2016), e0155781.

[25]

R. David, J. Duke, A. Jain, V. J. Reddi, N. Jeffries, J. Li, N. Kreeger, I. Nappier, M. Natraj, S. Regev, R. Rhodes, T. Wang, and P. Warden. 2020. TensorFlow lite micro: Embedded machine learning on TinyML systems. arXiv:2010.08678.

[26]

D. K. Dennis, Y. Gaurkar, S. Gopinath, S. S. Goyal, C. Gupta, M. Jain, S. Jaiswal, A. Kumar, A. Kusupati, C. Lovett, S. G. Patil, S. Oindrila, and H. V. Simhadri. EdgeML: Machine Learning for resource-constrained edge devices. version 0.4.

[27]

D. E. Phillips, R. Tan, M. M. Moazzami, G. Xing, J. Chen, and D. K. Y. Yau. 2013. Supero: A sensor system for unsupervised residential power usage monitoring. IEEE International Conference on Pervasive Computing and Communications. San Diego, CA, USA, 66–75.

[28]

D. Stiawan, A. I. Shakhatreh, M. Y. Idris, K. A. Bakar, and A. H. Abdullah. 2012. Intrusion prevention system: A survey. Journal of Theoretical and Applied Information Technology 40, 1 (2012), 44–54.

[29]

J. Raiyn. 2014. A survey of cyber attack detection strategies. International Journal of Security and Its Applications 8, 1 (2014), 247–256.

[30]

I. You, K. Yim, V. Sharma, G. Choudhary, I. Chen, and J. Cho. 2019. Misbehavior detection of embedded IoT devices in medical cyber physical systems. IEEE/ACM International Conference on Connected Health: Application, Systems and Engineering Technologies. Washington, DC, USA, 88–93.

[31]

A. C. Kim, W. H. Park, and D. H. Lee. 2013. A study on the live forensic techniques for anomaly detection in user terminals. International Journal of Network Security 7, 1 (2013), 181–188.

[32]

A. P. da Silva, M. H. T. Martins, B. P. S. Rocha, A. A. F. Loureiro, L. B. Ruiz, and H. C. Wong. 2015. Decentralized intrusion detection in wireless sensor networks. ACM International Workshop on Quality of Service and Security in Wireless and Mobile Networks. Montreal, Canada, 16–23.

[33]

S. Raza, L. Wallgren, and T. Voigt. 2013. SVELTE: Real-time intrusion detection in the internet of things. Ad hoc Networks 11, 8 (2013), 2661–2674.

Digital Library

[34]

A. Fuchsberger. 2015. Intrusion detection systems and intrusion prevention systems. Information Security Technical Report, Elsevier, 134–139.

[35]

S. Schaust and H. Szczerbicka. 2008. Artificial immune systems in context of misbehaviour detection. International Journal of Cybernetics and Systems 39, 2 (2008), 136–154.

Digital Library

[36]

K. Lee. 2012. Security threats in cloud computing environments. International Journal of Security and Its Applications 6, 4 (2012), 25–32.

[37]

D. Janakiram, V. A. Reddy, and A. P. Kumar. 2006. Outlier detection in wireless sensor networks using Bayesian belief networks. International Conference on Communication System Software and Middleware. New Delhi, India, 1–6.

[38]

T. Idé, S. Papadimitriou, and M. Vlachos. 2008. Computing correlation anomaly scores using stochastic nearest neighbors. IEEE International Conference on Data Mining. Omaha, NE, USA, 523–528.

[39]

T. Idé and H. Kashima. 2004. Eigenspace-based anomaly detection in computer systems. ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. New York, NY, USA, 440–449.

[40]

D. C. Montgomery. 2009. Introduction to Statistical Quality Control, 6th ed. Wiley: New York, NY, USA.

[41]

N. Ye, Q. Chen, and C. M. Borror. 2004. EWMA forecast of normal system activity for computer intrusion detection. IEEE Transactions on Reliability 53, 4 (2004), 557–566.

[42]

J. Giraldo, D. Urbina, A. Cardenas, J. Valente, M. Faisal, J. Ruths, N. O. Tippenhauer, H. Sandberg, and Richard Candell. 2018. A survey of physics-based attack detection in cyber-physical systems. ACM Computing Surveys 51, 4 (2018), 1–36.

Digital Library

[43]

M. Salvaris, D. Dean, and W. H. Tok. 2018. Recurrent neural networks. Deep Learning with Azure. Apress. Berkeley, CA, USA, 161–186.

[44]

J. Mazumdar and R. G. Harley. 2008. Recurrent neural networks trained with backpropagation through time algorithm to estimate nonlinear load harmonic currents. IEEE Transactions on Industrial Electronics 55, 9 (2008), 3484–3491.

[45]

M. Valero, F. Li, S. Wang, F. Lin, and W. Song. 2019. Real-time cooperative analytics for ambient noise tomography in sensor networks. IEEE Transactions on Signal and Information Processing over Networks 5, 2 (2019), 375–389.

[46]

N. Srivastava, G. Hinton, A. Krizhevskv, and I. Sutskever. 2014. Dropout: A simple way to prevent neural networks from overfitting. Journal of Machine Learning Research 15, 1 (2014), 1929–1958.

Digital Library

Cited By

Fu LLiu YZhang YLi M(2024)Network Information Security Monitoring Under Artificial Intelligence EnvironmentInternational Journal of Information Security and Privacy10.4018/IJISP.34503818:1(1-25)Online publication date: 21-Jun-2024
https://dl.acm.org/doi/10.4018/IJISP.345038
Alsufyani ARana OPerera C(2024)Knowledge-based Cyber Physical Security at Smart Home: A ReviewACM Computing Surveys10.1145/3698768Online publication date: 3-Oct-2024
https://doi.org/10.1145/3698768
Gao HSu YWang FLi H(2024)Heterogeneous Fusion and Integrity Learning Network for RGB-D Salient Object DetectionACM Transactions on Multimedia Computing, Communications, and Applications10.1145/365647620:7(1-24)Online publication date: 15-May-2024
https://dl.acm.org/doi/10.1145/3656476
Show More Cited By

Index Terms

Real-time Cyber-Physical Security Solution Leveraging an Integrated Learning-Based Approach
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems

Recommendations

Government regulations in cyber security: Framework, standards and recommendations
Abstract
Cyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights
- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
Security analysis for cyber-physical systems against stealthy cyber attacks
CERIAS '13: Proceedings of the 14th Annual Information Security Symposium

Security of Cyber-Physical Systems (CPS) against cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is difficult to describe them systematically. In this paper, instead of identifying a specific ...
Cyber Security of Cyber Physical Systems: Cyber Threats and Defense of Critical Infrastructures
VLSID '16: Proceedings of the 2016 29th International Conference on VLSI Design and 2016 15th International Conference on Embedded Systems (VLSID)

Summary form only. Most critical infrastructures such as the power grid, railway or air traffic control, industrial automation in manufacturing, water/sewage infrastructure, banking system, etc., are cyber physical systems (CPS). Since continued ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Transactions on Sensor Networks

ACM Transactions on Sensor Networks Volume 20, Issue 2

March 2024

572 pages

EISSN:1550-4867

DOI:10.1145/3618080

Editor:
Wen Hu
University of New South Wales, Australia

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 09 January 2024

Online AM: 25 January 2023

Accepted: 04 November 2022

Revised: 21 September 2022

Received: 18 May 2022

Published in TOSN Volume 20, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation of China
Shanghai Sailing Program
National Science Foundation of Shanghai
Shanghai Chenguang Program

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
437
Total Downloads

Downloads (Last 12 months)260
Downloads (Last 6 weeks)20

Reflects downloads up to 23 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Fu LLiu YZhang YLi M(2024)Network Information Security Monitoring Under Artificial Intelligence EnvironmentInternational Journal of Information Security and Privacy10.4018/IJISP.34503818:1(1-25)Online publication date: 21-Jun-2024
https://dl.acm.org/doi/10.4018/IJISP.345038
Alsufyani ARana OPerera C(2024)Knowledge-based Cyber Physical Security at Smart Home: A ReviewACM Computing Surveys10.1145/3698768Online publication date: 3-Oct-2024
https://doi.org/10.1145/3698768
Gao HSu YWang FLi H(2024)Heterogeneous Fusion and Integrity Learning Network for RGB-D Salient Object DetectionACM Transactions on Multimedia Computing, Communications, and Applications10.1145/365647620:7(1-24)Online publication date: 15-May-2024
https://dl.acm.org/doi/10.1145/3656476
Wang SYan YHan FTian YDing YYang PLi XOkoshi TKo JLiKamWa R(2024)MultiRider: Enabling Multi-Tag Concurrent OFDM Backscatter by Taming In-band InterferenceProceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services10.1145/3643832.3661862(292-303)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3643832.3661862
Wang DXian XSong C(2024)Joint Learning of Failure Mode Recognition and Prognostics for Degradation ProcessesIEEE Transactions on Automation Science and Engineering10.1109/TASE.2023.323900421:2(1421-1433)Online publication date: Apr-2024
https://doi.org/10.1109/TASE.2023.3239004
Ji RKumar NPadha D(2024)CNN-GWO-voting & hybrid: ensemble learning inspired intrusion detection approaches for cyber-physical systemsProceedings of the Indian National Science Academy10.1007/s43538-024-00372-0Online publication date: 26-Nov-2024
https://doi.org/10.1007/s43538-024-00372-0
Xue MXu ZQiao SZheng JLi TWang YPeng D(2024)Driver intention prediction based on multi-dimensional cross-modality information interactionMultimedia Systems10.1007/s00530-024-01282-330:2Online publication date: 15-Mar-2024
https://dl.acm.org/doi/10.1007/s00530-024-01282-3
Wu ZGuo KWang LHu MRen S(undefined)A Collaborative Learning-based Urban Low-light Small-target Face Image Enhancement MethodACM Transactions on Sensor Networks10.1145/3616013
https://dl.acm.org/doi/10.1145/3616013

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

Media

Figures

Other

Tables

View full text|Download PDF

View Issue’s Table of Contents