CPS attack detection based on SAE-SVM

Abstract

Abstract: Cyber-physical system (CPS) is widely used in industrial control and critical infrastructures. Because of its vulnerability, the security of CPS is especially important. In order to improve the accuracy of CPS attack detection, an attack detection method combining sparse autoencoder (SAE) and support vector machine (SVM) is proposed in this paper. For the purpose of dimension reduction of data in CPS, SAE is used to learn and reduce dimension of the data, and the unsupervised method is adopted to reconstruct the new representation of features. On this basis, in order to establish an optimized detection model, improved bacterial foraging algorithm(IBFA) is employed to optimize parameters of SVM. The Tennessee-Eastman process model is utilized as simulation foundation to simulate a malicious attack to CPS, and the proposed algorithm is then used to detect the attack. Results coming out of above simulation and detections indicate that the proposed algorithm can detect occurrence of attacks effectively, which not only shorten detection time but also improve security performance of CPS.

Key words: cyber-physical system, attack detection, sparse autoencoder, support vector machine, parameter optimization

CLC Number:

TP273

WANG Zhi-wen, CAO Xu, HUANG Tao. CPS attack detection based on SAE-SVM[J]. Journal of Lanzhou University of Technology, 2021, 47(2): 72-79.

References

[1] LU T,LIN J,ZHAO L,et al.A security architecture in cyber-physical systems:security theories,analysis,simulation and application fields [J].International Journal of Security &Its Applications,2015,9(7):1-16.
[2] 吕雪峰,谢耀滨.一种基于状态迁移图的工业控制系统异常检测方法[J].自动化学报,2018,44(9):1662-1671.
[3] ASHFAQ R A R,WANG X Z,HUANG J Z,et al.Fuzziness based semi-supervised learning approach for intrusion detection system[J].Information Sciences,2016,378:484-497.
[4] JABBAR M A,SAMREEN S.Intelligent network intrusion detection using alternating decision trees[C]//2016 International Conference on Circuits,Controls,Communications and Computing (I4C).Bangalore,India:IEEE,2016:1-6.
[5] RUIZ Z,SALVADOR J,GARCIA-RODRIGUEZ J.A survey of machine learning methods for big data[C]//International Work-Conference on the Interplay Between Natural &Artificial Computation.[S.l.]:Springer,2017:259-267.
[6] LI L,HAO Z,PENG H,et al.Nearest neighbors based density peaks approach to intrusion detection[J].Chaos Solitons &Fractals,2018,110:33-40.
[7] CHAPELLE O,HAFFNER P,VAPNIK V N.Support vector machines for histogram-based image classification[J].IEEE Transactions on Neural Networks,1999,10(5):1055-1064.
[8] SHAMSUI H,HOHN Y,MEHEDI H M,et al.Securing the operations in SCADA-IoT platform based industrial control system using ensemble of deep belief networks[J].Applied Soft Computing,2018,71:66-77.
[9] KIM G,LEE S,KIM S.A novel hybrid intrusion detection method integrating anomaly detection with misuse detection[J].Expert Systems with Applications,2014,41(4):1690-1700.
[10] SHANG W,CUI J,SONG C,et al.Research on industrial control anomaly detection based on FCM and SVM[C]//2018 17th IEEE International Conference on Trust,Security and Privacyin Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE).New York,USA:IEEE,2018:218-222.
[11] BEAVER J M,BORGES-HINK R C,BUCKNER M A.An evaluation of machine learning methods to detect malicious SCADA Communications[C]//2013 12th International Conference on Machine Learning and Applications.Miami,USA:IEEE,2013:54-59.
[12] KISS I,GENGE B,HALLER P.A clustering-based approach to detect cyber attacks in process control systems[C]//IEEE International Conference on Industrial Informatics.Cambridge,England:IEEE,2015:142-148.
[13] SOKOLOV A N,PYATNITSKY I A,ALABUGIN S K.Research of classical machine learning methods and deep learning models effectiveness in detecting anomalies of industrial control system[C]//2018 Global Smart Industry Conference (GloSIC).Chelyabinsk,Russia:IEEE,2018:1-6.
[14] LECUN Y,BENGIO Y,HINTON G.Deep learning[J].Nature,2015,521:436-444.
[15] XU L,CAO M,SONG B,et al.pen-circuit fault diagnosis of power rectifier using sparse autoencoder based deep neural network[J].Neurocomputing,2018,311:1-10.
[16] ZENG N,ZHANG H,SONG B,et al.Facial expression recognition via learning deep sparse autoencoders[J].Neurocomputing,2018,273:643-649.
[17] WAHAB O A,MOURAD A,OTROK H,et al.CEAP:SVM-based intelligent detection model for clustered vehicular ad hoc networks[J].Expert Systems with Applications,2016,50:40-54.
[18] DAS S,DASGUPTA S,BISWAS A,et al.On stability of the chemotactic dynamics in bacterial-foraging optimization algorithm[J].IEEE Transactions on Systems,Man,and Cybernetics-Part A:Systems and Humans,2009,39(3):670-679.
[19] COELLO C A C,PULIDO G T,LECHUGA M S.Handling multiple objectives with particle swarm optimization[J].IEEE Transactions on Evolutionary Computation,2004,8(3):256-279.
[20] DOWNS J J,VOGEL E F.A plant-wide industrial process control problem[J].Computers and Chemical Engineering,1993,17(3):245-255.
[21] CHANG C C,LIN C J.LIBSVM:a library for support vector machines[DB/OL].(2020-11-10).http://www.csie.ntu.edu.tw/~cjlin/libsvm.