Abstract
Detection of deception attacks is pivotal to ensure the safe and reliable operation of cyber-physical systems (CPS). Detection of such attacks needs to consider time-series sequences and is very challenging, especially for autonomous vehicles that rely on high-dimensional observations from camera sensors. The paper presents an approach to detect deception attacks in real-time utilizing sensor observations, with a special focus on high-dimensional observations. The approach is based on inductive conformal anomaly detection (ICAD) and utilizes a novel generative model which consists of a variational autoencoder (VAE) and a recurrent neural network (RNN) that is used to learn both spatial and temporal features of the normal dynamic behavior of the system. The model can be used to predict the observations for multiple time steps, and the predictions are then compared with actual observations to efficiently quantify the nonconformity of a sequence under attack relative to the expected normal behavior, thereby enabling real-time detection of attacks using high-dimensional sequential data. We evaluate the approach empirically using two simulation case studies of an advanced emergency braking system and an autonomous car racing example, as well as a real-world secure water treatment dataset. The experiments show that the proposed method outperforms other detection methods, and in most experiments, both false positive and false negative rates are less than 10%. Furthermore, execution times measured on both powerful cloud machines and embedded devices are relatively short, thereby enabling real-time detection.
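The detection step described in the abstract (multi-step prediction error used as an ICAD nonconformity score), shown as an added example that is not the paper's code. A known scalar linear model stands in for the VAE+RNN predictor; the dynamics, noise level, horizon `K`, significance level `EPS` and the replayed-sensor trace are all constructed assumptions.

```python
import math
import random

A, K, EPS = 0.9, 5, 0.05   # toy dynamics, prediction horizon, significance level (all assumed)

def simulate(n, seed):
    """Constructed normal trace: x[t+1] = A*x[t] + u[t] + noise, sensor reports x."""
    rng = random.Random(seed)
    u = [math.sin(0.1 * t) for t in range(n)]
    y = [0.0]
    for t in range(n - 1):
        y.append(A * y[t] + u[t] + rng.gauss(0.0, 0.05))
    return u, y

def nonconformity(u, y, t):
    """Mean squared error between a K-step prediction from y[t] and the reported y[t+1..t+K]."""
    pred, err = y[t], 0.0
    for j in range(K):
        pred = A * pred + u[t + j]          # stand-in for the learned VAE+RNN predictor
        err += (pred - y[t + j + 1]) ** 2
    return err / K

def calibrate(u, y):
    """Scores of non-overlapping windows from an attack-free calibration trace."""
    return sorted(nonconformity(u, y, t) for t in range(0, len(y) - K, K))

def p_value(cal, score):
    """ICAD p-value: share of calibration scores at least as large as the test score."""
    return (sum(1 for a in cal if a >= score) + 1) / (len(cal) + 1)

def alarm_rate(cal, u, y, start=0):
    """Fraction of windows starting at or after `start` whose p-value falls below EPS."""
    ts = range(start, len(y) - K)
    return sum(p_value(cal, nonconformity(u, y, t)) < EPS for t in ts) / len(ts)

def replayed(y, start, lag=50):
    """Constructed deception: from `start` on, the sensor repeats readings from `lag` steps earlier."""
    return y[:start] + [y[t - lag] for t in range(start, len(y))]

if __name__ == "__main__":
    cal = calibrate(*simulate(1500, seed=1))
    u, y = simulate(600, seed=2)
    print("false alarm rate:", alarm_rate(cal, u, y))
    print("detection rate  :", alarm_rate(cal, u, replayed(y, 300), start=300))
```

Because the calibration scores come from attack-free data, `EPS` bounds the expected false alarm rate on normal windows, while the replayed readings disagree with what the current control inputs predict and receive small p-values.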
Data availability statement
The datasets generated during and/or analyzed during the current study are available from the corresponding author on reasonable request.
Change history
19 April 2023
A Correction to this paper has been published: https://doi.org/10.1007/s10207-023-00696-w
Notes
In this paper, “normal” refers to the intended behavior of the system without any attack and “abnormal” refers specifically to the abnormal behavior due to attacks.
It should be noted that the observations (control signals) can either come from historical data that has occurred in the network or be modified arbitrarily by an attacker.
Funding
The material presented in this paper is based upon work supported by the National Science Foundation (NSF) under Grant Number CNS 1739328 and the Defense Advanced Research Projects Agency (DARPA) through Contract Number FA8750-18-C-0089. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA or NSF.
Ethics declarations
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
About this article
Cite this article
Cai, F., Koutsoukos, X. Real-time detection of deception attacks in cyber-physical systems. Int. J. Inf. Secur. 22, 1099–1114 (2023). https://doi.org/10.1007/s10207-023-00677-z
DOI: https://doi.org/10.1007/s10207-023-00677-z