Advertisement

Securing Industrial Control Systems from False Data Injection Attacks with Convolutional Neural Networks

  • Sasanka PotluriEmail author
  • Shamim Ahmed
  • Christian Diedrich
Chapter
Part of the Studies in Computational Intelligence book series (SCI, volume 867)

Abstract

Due to trends in modern infrastructure development and usage, the attacks on Industrial Control Systems (ICS) are inevitable. New threats and other forms of attacks are constantly emerging to exploit vulnerabilities in system compromising the security parameters such as Confidentiality, Integrity and Availability (CIA). Injection attacks also termed as False Data Injection Attacks (FDIA) are the complex attacks on the ICS. FDIA affects the data integrity of a packet by modifying their payloads and are considered as an intrusion via remote access. In FDIA, attackers gain access to a critical process or process parameters in ICS and forces them to execute according to the newly injected code or command. For our research, a process control plant from Integrated Automation laboratory was used to acquire different parameters related to ICS. Injection attacks such as measurement injection and command injection were simulated and injected into the obtained plant data. Convolutional Neural Networks (CNN) is used to evaluate the functionality of identifying those injection attacks. Multiple steps such as pre-processing, feature extraction, data transformation and image representation were performed in order to feed the CNN with the simulated plant data. A 3-layered fully connected CNN architecture with non-linear ReLU activation is built along with a SoftMax classification layer for classifying the input data as a normal or an attack. A proper training of CNN is done by checking the variance to avoid overfitting and underfitting of the network. Performance parameters such as accuracy, recall, precision F-measure and Cohen’s kappa coefficient were computed. CNN outperforms in the performance compared to other deep learning approaches.

Keywords

Convolutional neural networks Injection attacks Industrial control systems 

References

  1. 1.
    ISA: ISA99, Industrial automation and control systems security. https://www.isa.org/isa99/. Accessed 07 Mar 2019
  2. 2.
    The White House and Washington: PRESIDENTIAL DECISION DIRECTIVE/NSC-63. https://fas.org/irp/offdocs/pdd/pdd-63.htm. Accessed 07 Mar 2019
  3. 3.
    Nigam, R.: (Known) SCADA attacks over the year, Security Research. https://blog.fortinet.com/2015/02/12/known-scada-attacks-over-the-years (2015). Accessed 15 Sept 2017
  4. 4.
    Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: The spread of the sapphire/slammer wormGoogle Scholar
  5. 5.
    Legezo, D.: Operation Ghoul: learning from the targeted attack analysis to protect your business. https://www.kaspersky.com/blog/ghoul/5897/ (2016). Accessed 15 Sept 2017
  6. 6.
    Thompson, M.: Iranian cyber attack on New York dam shows future of war. http://time.com/4270728/iran-cyber-attack-dam-fbi/ (2016). Accessed 15 Sept 2017
  7. 7.
    Colbert, E.J., Kott, A.: Cyber-Security of SCADA and other Industrial Control Systems, 63rd edn. Springer (2016)Google Scholar
  8. 8.
    Morris, T., Gao, W.: Industrial control system cyber attacks. In: International Symposium on ICS SCADA Cyber Security Research, pp. 22–29 (2013)Google Scholar
  9. 9.
    Mangrulkar, N.S.: Network attacks and their detection mechanisms: A Review 90(9), 36–39 (2014)Google Scholar
  10. 10.
    Mo, Y., Sinopoli, B.: False data injection attacks in control systems. In: Conference on DecisionControl (2010)Google Scholar
  11. 11.
    Potluri, S., Diedrich, C., Sangala, G.K.R.: Identifying false data injection attacks in industrial control systems using artificial neural networks. In: Emergeing Technology in Factory Automation ETFA 2017 (2017)Google Scholar
  12. 12.
    Huang, H., Kasiviswanathan, S., Electric, G.: Streaming anomaly detection using online matrix sketching 9(3), 1–15 (2015)Google Scholar
  13. 13.
    F. O. for I. Security. Industrial control system security (2016)Google Scholar
  14. 14.
    Willsky, A.S.: A survey of design methods for failure detection in dynamic systems. Automatica 12(6), 601–611 (1976)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Yu, Z.H., Chin, W.L.: Blind false data injection attack using PCA approximation method in smart grid. IEEE Trans. Smart Grid 6(3), 1219–1226 (2015)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Kamesh, Sakthi Priya, N.: Security enhancement of authenticated RFID generation. Int. J. Appl. Eng. Res. 9(22), 5968–5974 (2014)Google Scholar
  17. 17.
    Alrawashdeh, K., Purdy, C.: Toward an online anomaly intrusion detection system based on deep learning. In: 15th IEEE International Conference on Machine Learning and Applications (ICMLA), pp. 195–200 (2016)Google Scholar
  18. 18.
    Kaur, H., Minhas, J., Singh, G.: A review of machine learning based anomaly detection techniques. Int. J. Comput. Appl. Technol. Res. 2(2), 185–187 (2013)CrossRefGoogle Scholar
  19. 19.
    Van, N.T., Thinh, T.N.: An anomaly-based network intrusion detection system using deep learning. In: International Conference on System Science and Engineering (ICSSE) (2017)Google Scholar
  20. 20.
    Yu, W., Griffith D., Ge, L., Bhattarai, S., Golmie, N.: An integrated detection system against false data injection attacks in the smart grid. Secur. Commun. Netw. 8, 91–109 (2014)CrossRefGoogle Scholar
  21. 21.
    Huang, S., Zhou, C., Yang, S., Qin, Y.: Cyber-physical system security for networked 12, 567–578 (2015)Google Scholar
  22. 22.
    Pang, Z., Hou, F., Zhou, Y.: Design of false data injection attacks for output tracking control of CARMA systems. In: International Conference on Information and Automation, pp. 1273–1277 (2015)Google Scholar
  23. 23.
    Rabatel, J., Bringay, S., Poncelet, P.: Anomaly detection in monitoring sensor data for preventive maintenance. Expert Syst. Appl. 38(6), 7003–7015 (2011)CrossRefGoogle Scholar
  24. 24.
    Hill, D.J., Minsker, B.S., Amir, E.: Real-time Bayesian anomaly detection in streaming environmental data. Water Resour. Res. 46(4), 1–16 (2010)Google Scholar
  25. 25.
    Pradhan, S.K.S.M., Pradhanm, S.K.: Anomaly detection using artificial neural networks. Int. J. Eng. Sci. Emerg. Technol. 2(1), 29–36 (2012)Google Scholar
  26. 26.
    Siripanadorn, S.: Anomaly detection using self-organizing map and wavelets in wireless sensor networks. In: Proceedings of the 10th WSEA, pp. 291–297 (2010)Google Scholar
  27. 27.
    Guan, Z., Sun, N., Xu, Y.: A comprehensive survey of false data injection in smart grid. Mob. Comput. 8(1) (2015)CrossRefGoogle Scholar
  28. 28.
    Wang, D., Guan, X., Liu, T., Gu, Y., Sun, Y., Liu, Y.: A survey on bad data injection attack in smart gridGoogle Scholar
  29. 29.
    Baig, Z.A., Amoudi, A.: An analysis of smart grid attacks and countermeasures 8(8) (2013)Google Scholar
  30. 30.
    Anwar, A.: Vulnerabilities of smart grid state estimation against false data injection attack cyber incidents in different sector in renewable energy integration, green energy and technology (2014)Google Scholar
  31. 31.
    Esmalifalak, M., Member, S., Liu, L., Member, S.: Detecting stealthy false data injection using machine learning in smart grid, 1–9 (2014)Google Scholar
  32. 32.
    Hao, J., Member, S., Piechocki, R.J., Kaleshi, D.: Sparse malicious false data injection attacks and defense mechanisms in smart grids 3203, 1–12 (2015)Google Scholar
  33. 33.
    Potluri, S., Diedrich, C., Sangala, G.K.R.: Identifying false data injection attacks in industrial control systems using artificial neural networks. In: 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–8 (2017)Google Scholar
  34. 34.
    Famili, A., Shen, W., Weber, R., Simoudis, E.: Data preprocessing and intelligent data analysis 1, 3–23 (1997)CrossRefGoogle Scholar
  35. 35.
    Siekmann, J., Wahlster, W.: Advanced intelligent computing theories and applicationsGoogle Scholar
  36. 36.
    MaxStat: tools for scientific data analysis—Statistics. http://www.maxstat.de/statistical-tests.html. Accessed 15 Sep 2017
  37. 37.
    Wu, J.: Introduction to convolutional neural networks. 1–28, (2016)Google Scholar
  38. 38.
    Agarap, A.F.: Deep learning using rectified linear units (ReLU), 1 (2018)Google Scholar
  39. 39.
    Wu, H., Gu, X.: Max-pooling dropout for regularization of convolutional neural networks. Lecture Notes in Computer Science (including Subseries Lecture Notes in Artificial Intelligence, Lecture Notes in Bioinformatics), vol. 9489, pp. 46–54 (2015)CrossRefGoogle Scholar
  40. 40.
    ujjwalkarn: An intuitive explanation of convolutional neural networks. The data science blog. https://ujjwalkarn.me/2016/08/11/intuitive-explanation-convnets/ (2016). Accessed 06 May 2018
  41. 41.
    Bhandare, A., Bhide, M., Gokhale, P., Chandavarkar, R.: Applications of convolutional neural networks. Int. J. Comput. Sci. Inf. Technol. 7(5), 2206–2215 (2016)Google Scholar
  42. 42.
  43. 43.
    MathWorks: Training a model from Scratch—MATLAB & Simulink. https://www.mathworks.com/solutions/deep-learning/examples/training-a-model-from-scratch.html. Accessed 07 Mar 2019
  44. 44.
    MathWorks: Options for training deep learning neural network. https://www.mathworks.com/help/deeplearning/ref/trainingoptions.html. Accessed 07 Mar 2019

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Sasanka Potluri
    • 1
    Email author
  • Shamim Ahmed
    • 1
  • Christian Diedrich
    • 1
  1. 1.Faculty of Electrical Engineering and Information TechnologyInstitute for Automation Engineering, Otto-von-Guericke UniversityMagdeburgGermany

Personalised recommendations