
Hybrid Cyber-Attack Detection Model on Cyber-Physical Systems Using Machine Learning Techniques

  • Conference paper
Proceedings of Data Analytics and Management (ICDAM 2023)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 786)


Abstract

Cyber-physical systems, which incorporate sensing, computation, control, and networking, now allow physical objects and infrastructure to be connected to the web and to one another. Protecting these systems is becoming a necessity for their major stakeholders, including government agencies, because their performance affects several facets of human existence, including health, economy, and welfare. Cyber-Physical Systems (CPSs) are vulnerable to security breaches, and an attacker could potentially acquire access to the process controls for a prolonged period of time. As part of our research, we present a hybrid cyber-attack detection model that integrates incremental principal component analysis (IPCA) with two machine learning methods run in parallel: k-nearest neighbor (KNN) and logistic regression (LR). The two machine learning methods, with their hyperparameters, are combined with model adjustment to enhance their ability to predict attacks. IPCA is used to improve the validation accuracy. The experiments are performed on the Secure Water Treatment (SWaT) dataset, which contains details of the system's normal operation as well as its malfunctioning caused by cyber-attacks. First, we evaluate the suggested model's efficacy in light of previous research; the evaluation shows that, of the two parallel machine learning techniques, KNN performs exceptionally well compared with LR, attaining a precision of 0.997, a recall of 0.996, and an F1-score of 0.996.
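The pipeline shape the abstract describes (IPCA reduction feeding KNN and LR side by side, scored by precision, recall and F1), as an added scikit-learn sketch that is not the authors' code and does not reproduce their figures. The data is constructed rather than taken from SWaT, with attack rows placed outside the normal operating envelope in every direction, and the component count, batch size, `k` and function names are assumptions.

```python
import numpy as np
from sklearn.decomposition import IncrementalPCA
from sklearn.linear_model import LogisticRegression
from sklearn.metrics import f1_score, precision_score, recall_score
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.preprocessing import StandardScaler


def make_constructed_data(n=4000, n_sensors=12, seed=0):
    """Constructed stand-in for labelled plant logs (NOT SWaT): label 1 = attack."""
    rng = np.random.default_rng(seed)
    state = rng.normal(size=(n, 3))                      # hidden process state
    y = (rng.random(n) < 0.2).astype(int)
    # Attack rows: state pushed outside the normal envelope, in any direction.
    direction = state / np.linalg.norm(state, axis=1, keepdims=True)
    radius = rng.uniform(5.0, 7.0, size=(n, 1))
    state = np.where(y[:, None] == 1, direction * radius, state)
    mixing = rng.normal(size=(3, n_sensors))             # state -> sensor channels
    X = state @ mixing + 0.1 * rng.normal(size=(n, n_sensors))
    return X, y


def run_hybrid(X, y, n_components=3, batch_size=500, k=5, seed=0):
    """IPCA reduction feeding KNN and LR side by side; returns metrics per model."""
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.25, stratify=y, random_state=seed)
    # Fit scaler and IPCA on the training split only, so no test data leaks in.
    scaler = StandardScaler().fit(X_tr)
    X_tr, X_te = scaler.transform(X_tr), scaler.transform(X_te)
    ipca = IncrementalPCA(n_components=n_components)     # assumed component count
    for start in range(0, len(X_tr), batch_size):        # one chunk of rows at a time
        ipca.partial_fit(X_tr[start:start + batch_size])
    Z_tr, Z_te = ipca.transform(X_tr), ipca.transform(X_te)
    models = {"knn": KNeighborsClassifier(n_neighbors=k),
              "lr": LogisticRegression(max_iter=1000)}
    results = {}
    for name, model in models.items():                   # same reduced features for both
        pred = model.fit(Z_tr, y_tr).predict(Z_te)
        results[name] = {
            "precision": precision_score(y_te, pred, zero_division=0),
            "recall": recall_score(y_te, pred, zero_division=0),
            "f1": f1_score(y_te, pred, zero_division=0)}
    return results


if __name__ == "__main__":
    for name, scores in run_hybrid(*make_constructed_data()).items():
        print(name, {m: round(v, 3) for m, v in scores.items()})
```

On this constructed data the attack class surrounds the normal class, so a single linear LR boundary cannot separate them while a distance-based KNN can; real plant data need not have that geometry.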



Acknowledgements

iTrust, Centre for Research in Cyber Security, Singapore University of Technology and Design, provided the SWaT dataset to help our study.

Author information

Corresponding author

Correspondence to Qawsar Gulzar.

Ethics declarations

Conflict of Interest

The author affirms that no conflict of interest exists.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Gulzar, Q., Mustafa, K. (2024). Hybrid Cyber-Attack Detection Model on Cyber-Physical Systems Using Machine Learning Techniques. In: Swaroop, A., Polkowski, Z., Correia, S.D., Virdee, B. (eds) Proceedings of Data Analytics and Management. ICDAM 2023. Lecture Notes in Networks and Systems, vol 786. Springer, Singapore. https://doi.org/10.1007/978-981-99-6547-2_16
