Skip to main content
SpringerLink
Log in

Hybrid DeepGCL model for cyber-attacks detection on cyber-physical systems

  • Original Article
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

The urgency of solving the problem of ensuring the security of cyber-physical systems is due to ensure their correct functioning. Cyber-physical system applications have a significant impact on different industrial sectors. The number and variety of cyber-attacks are growing, aimed not only at obtaining data from cyber-physical systems but also managing the production process itself. Detecting and preventing attacks on cyber-physical systems is critical because they can lead to financial losses, production interruptions, and therefore endanger national security. This paper proposes a deep hybrid model based on three parallel neural architectures: a one-dimensional convolutional neural network, a gated recurrent unit neural network, and a long short-term memory neural network. The SPOCU activation function is considered in hidden layers of the proposed model and improves its performance. Furthermore, to improve the classification accuracy, a modified version of Adam optimizer is considered. The experiments are conducted on two datasets: raw water treatment plant and gasoil heater loop process as the cyber-physical system applications. They contain information about the normal behavior of these systems and their failures caused by cyber-attacks. The results show that the proposed model outperforms the recent works using machine learning techniques.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Zeadally S, Jabeur N (2016) Cyber-physical system design with sensor networking technologies. The Institution of Engineering and Technology, London

    Google Scholar 

  2. Lun YZ, D’Innocenzo A, Smarra F, Malavolta I, Di Benedetto MD (2019) State of the art of cyber-physical systems security: an automatic control perspective. J Syst Softw 149:174–216. https://doi.org/10.1016/j.jss.2018.12.006

    Article  Google Scholar 

  3. Alguliyev R, Imamverdiyev Y, Sukhostat L (2018) Cyber-physical systems and their security issues. Comput Ind 100:212–223. https://doi.org/10.1016/j.compind.2018.04.017

    Article  Google Scholar 

  4. Atzori M, Cognolato M, Müller H (2016) Deep learning with convolutional neural networks applied to electromyography data: a resource for the classification of movements for prosthetic hands. Front Neurorobotics 10(9):1–10. https://doi.org/10.3389/fnbot.2016.00009

    Article  Google Scholar 

  5. He K, Zhang X, Ren S, Sun J (2016) Deep residual learning for image recognition. In: International conference on computer vision and pattern recognition (CVPR). IEEE, pp 770–778. https://doi.org/10.1109/CVPR.2016.90

    Chapter  Google Scholar 

  6. Farabet C, Couprie C, Najman L, LeCun Y (2013) Learning hierarchical features for scene labeling. IEEE Trans Pattern Anal Mach Intell 35(8):1915–1929. https://doi.org/10.1109/TPAMI.2012.231

    Article  Google Scholar 

  7. LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521:436–444. https://doi.org/10.1038/nature14539

    Article  Google Scholar 

  8. Shin J, Baek Y, Lee J, Lee S (2019) Cyber-physical attack detection and recovery based on RNN in automotive brake systems. Appl Sci 9(1):1–21. https://doi.org/10.3390/app9010082

    Article  Google Scholar 

  9. Kravchik M, Shabtai A (2018) Detecting cyber attacks in industrial control systems using convolutional neural networks. In: Proceedings of the 2018 Workshop on cyber-physical systems security and privacy (CPS-SPC'18), pp 72–83. https://doi.org/10.1145/3264888.3264896

  10. Cho K, van Merrienboer B, Gulcehre C, Bahdanau D, Bougares F, Schwenk H, Bengio Y (2014) Learning phrase representations using RNN encoder-decoder for statistical machine translation. In: Proceedings of the 2014 international conference on empirical methods in natural language (EMNLP), pp 1724–1734. https://doi.org/10.3115/v1/D14-1179

  11. LeCun Y, Haffner P, Bottou L, Bengio Y (1999) Object recognition with gradient-based learning. In: Forsyth DA, Mundy JL, Gesu VD, Cipolla R (eds) Shape, contour and grouping in computer vision. Springer, London, pp 319–345

    Chapter  Google Scholar 

  12. Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural Comput 9(8):1735–1780. https://doi.org/10.1162/neco.1997.9.8.1735

    Article  Google Scholar 

  13. Kiselak J, Lu Y, Svihra J, Szepe P, Stehlik M (2021) “SPOCU”: scaled polynomial constant unit activation function. Neural Comput Appl 33:3385–3401. https://doi.org/10.1007/s00521-020-05182-1

    Article  Google Scholar 

  14. Loshchilov I, Hutter F (2019) Decoupled weight decay regularization. In: Proceedings of the 7th international conference on learning representations (ICLR’19), pp 1–19. arXiv:1711.05101

  15. Reddi SJ, Kale S, Kumar S (2018) On the convergence of Adam and beyond. In: Proceedings of the 6th International conference on learning representations (ICLR'18), pp 1–23. arXiv:1904.09237

  16. Gastaldi X (2017) Shake-shake regularization of 3-branch residual networks. In: Proceedings of the 5th international conference on learning representations (ICLR’17), pp 1–5

  17. Hanson SJ, Pratt LY (1989) Comparing biases for minimal network construction with back-propagation. In: Touretzky D (ed) Advances in neural information processing systems 1. Morgan Kaufman, Palo Alto, pp 177–185

  18. Lin Q, Adepu S, Verwer S, Mathur A (2018) TABOR: a graphical model-based approach for anomaly detection in industrial control systems. In: Proceedings of the Asia conference on computer and communications security (ASIACCS’18), pp 525–536. https://doi.org/10.1145/3196494.3196546

  19. Secure Water Treatment (SWaT). http://itrust.sutd.edu.sg/research/testbeds/secure-water-treatment-swat/. Accessed 2020

  20. Goh J, Adepu S, Junejo KN, Mathur A (2017) A dataset to support research in the design of secure water treatment systems. In: Havarneanu G, Setola R, Nassopoulos H, Wolthusen S (eds) Critical information infrastructures security CRITIS 2016 Lecture notes in computer science. Springer, Cham, pp 88–99. https://doi.org/10.1007/978-3-319-71368-7_8

    Chapter  Google Scholar 

  21. Filonov P, Lavrentyev A, Vorontsov A (2016) Multivariate industrial time series with cyber-attack simulation: fault detection using an LSTM-based predictive data model. In: NIPS time series workshop (NIPS’16). arXiv:1612.06676

  22. Gugulothu N, Malhotra P, Vig L, Shroff G (2018) Sparse neural networks for anomaly detection in high-dimensional time series. In: Workshop on AI for internet of things (AI4IOT’18), pp 1–7

  23. Urbina DI, Giraldo J, Cardenas AA, Tippenhauer NO, Valente J, Faisal M, Ruths J, Candell R (2016) Limiting the impact of stealthy attacks on industrial control systems. In: Proceedings of the 2016 SIGSAC conference on computer and communications security. ACM, pp 1092–105. https://doi.org/10.1145/2976749.2978388

    Chapter  Google Scholar 

  24. Yaacoub JPA, Salman O, Noura HN, Kaaniche N, Chehab A, Malli M (2020) Cyber-physical systems security: limitations, issues and future trends. Microprocess Microsyst 77:1–33. https://doi.org/10.1016/j.micpro.2020.103201

    Article  Google Scholar 

  25. Ozay M, Esnaola I, Vural FTY, Kulkarni SR, Poor HV (2016) Machine learning methods for attack detection in the smart grid. IEEE Trans Neural Netw Learn Syst 27(8):1773–1786. https://doi.org/10.1109/TNNLS.2015.2404803

    Article  MathSciNet  Google Scholar 

  26. Kreimel P, Eigner O, Tavolato P (2017) Anomaly-based detection and classification of attacks in cyber-physical systems. In: Proceedings of the 12th International conference on availability, reliability and security (ARES’17), pp 1–6. https://doi.org/10.1145/3098954.3103155

  27. Doshi R, Apthorpe N, Feamster N (2018) Machine learning DDoS detection for consumer Internet of Things devices.In: International workshop on security and privacy workshops (SPW). IEEE, pp 29–35. https://doi.org/10.1109/SPW.2018.00013

    Chapter  Google Scholar 

  28. Ntalampiras S (2016) Automatic identification of integrity attacks in cyber-physical systems. Expert Syst Appl 58:164–173. https://doi.org/10.1016/j.eswa.2016.04.006

    Article  Google Scholar 

  29. Wang Y, Amin MM, Fu J, Moussa HB (2017) A novel data analytical approach for false data injection cyber-physical attack mitigation in smart grids. IEEE Access 5:26022–26033. https://doi.org/10.1109/ACCESS.2017.2769099

    Article  Google Scholar 

  30. Maglaras L, Janicke H, Jiang J, Crampton A (2016) Novel intrusion detection mechanism with low overhead for SCADA systems. In: Ferrag MA, Ahmim A (eds) Security solutions and applied cryptography in smart grid communications. IGI Global, Hershey, pp 160–178. https://doi.org/10.4018/978-1-5225-1829-7.ch009

    Chapter  Google Scholar 

  31. Shin J, Baek Y, Eun Y, Son SH (2017) Intelligent sensor attack detection and identification for automotive cyber-physical systems. In: International symposium series on computational intelligence (SSCI). IEEE, pp 1–8. https://doi.org/10.1109/SSCI.2017.8280915

    Chapter  Google Scholar 

  32. Arman A, Krishnan VG, Foroutan S, Touhiduzzaman M, Rublein C, Srivastava A, Wu Y, Hahn A, Sindhu S (2018) Cyber physical security analytics for anomalies in transmission protection systems. In: International conference on industry applications society annual meeting (IAS). IEEE, pp 1–8. https://doi.org/10.1109/IAS.2018.8544672

    Chapter  Google Scholar 

  33. Ashrafuzzaman M, Chakhchoukh Y, Jillepalli AA, Tosic PT, Conte de Leon D, Sheldon FT, Johnson BK (2018) Detecting stealthy false data injection attacks in power grids using deep learning. In: Proceedings of the 14th International conference on wireless communications & mobile computing (IWCMC). IEEE, pp 219–225. https://doi.org/10.1109/IWCMC.2018.8450487

  34. Jevtic A, Zhang F, Li Q, Ilic M (2018) Physics- and learning-based detection and localization of false data injections in automatic generation control. IFAC-PapersOnLine 51(28):702–707. https://doi.org/10.1016/j.ifacol.2018.11.787

    Article  Google Scholar 

  35. Zhang X-M, Han Q-L, Ge X, Ding L (2020) Resilient control design based on a sampled-data model for a class of networked control systems under denial-of-service attacks. IEEE Trans Cybern 50(8):3616–3626. https://doi.org/10.1109/TCYB.2019.2956137

    Article  Google Scholar 

  36. Ge XH, Han QL, Zhong MY, Zhang XM (2019) Distributed Krein space-based attack detection over sensor networks under deception attacks. Automatica 109:1–10. https://doi.org/10.1016/j.automatica.2019.108557

    Article  MathSciNet  MATH  Google Scholar 

  37. Inoue J, Yamagata Y, Chen Y, Poskitt CM, Sun J (2017) Anomaly detection for a water treatment system using unsupervised machine learning. In: International conference on data mining workshops (ICDMW). IEEE, pp 1058–1065. https://doi.org/10.1109/ICDMW.2017.149

  38. Li J, Lee JY, Yang Y, Sun JS, Tomsovic K (2020) ConAML: constrained adversarial machine learning for cyber-physical systems. arXiv:2003.05631

  39. Raman MRG, Somu N, Mathur AP (2020) A multilayer perceptron model for anomaly detection in water treatment plants. Int J Crit Infrastruct Prot 31:1–15. https://doi.org/10.1016/j.ijcip.2020.100393

    Article  Google Scholar 

  40. Goh J, Adepu S, Tan M, Lee ZS (2017) Anomaly detection in cyber physical systems using recurrent neural networks. In: Proceedings of the 18th international symposium on high assurance systems engineering (HASE). IEEE, pp 140–145. https://doi.org/10.1109/HASE.2017.36

  41. Loukas G, Vuong T, Heartfield R, Sakellari G, Yoon Y, Gan D (2018) Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6:3491–3508. https://doi.org/10.1109/ACCESS.2017.2782159

    Article  Google Scholar 

  42. Hu Y, Wong Y, Wei W, Du Y, Kankanhalli M, Geng W (2018) A novel attention-based hybrid CNN-RNN architecture for sEMG-based gesture recognition. PLoS ONE 13(10):1–18. https://doi.org/10.1371/journal.pone.0206049

    Article  Google Scholar 

  43. Sundermeyer M, Schlüter R, Ney H (2012) LSTM neural networks for language modeling. In: Proceedings of the 13th annual conference of the international speech communication association (INTERSPEECH 2012). ISCA, pp 194–197

  44. Xiao Y, Yin Y (2019) Hybrid LSTM neural network for short-term traffic flow prediction. Information 10(105):1–22. https://doi.org/10.3390/info10030105

    Article  Google Scholar 

  45. Kingma DP, Ba J (2014) Adam: a method for stochastic optimization. In: Proceedings of the 4th International conference on learning representations (ICLR), pp 1–15. arXiv:1412.6980

  46. Choi S, Yun JH, Kim SK (2018) A comparison of ICS datasets for security research based on attack paths. In: Luiijf E, Žutautaitė I, Hämmerli B (eds) Critical information infrastructures security. CRITIS 2018. Lecture notes in computer science. Springer, Cham, pp 154–166. https://doi.org/10.1007/978-3-030-05849-4_12

    Chapter  Google Scholar 

  47. Ferri C, Hernández-Orallo J, Modroiu R (2009) An experimental comparison of performance measures for classification. Pattern Recognit Lett 30(1):27–38. https://doi.org/10.1016/j.patrec.2008.08.010

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Technology, Azerbaijan National Academy of Sciences, 9A, B. Vahabzade Street, AZ1141, Baku, Azerbaijan

    Rasim Alguliyev, Yadigar Imamverdiyev & Lyudmila Sukhostat

Authors
  1. Rasim Alguliyev
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yadigar Imamverdiyev
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lyudmila Sukhostat
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lyudmila Sukhostat.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Alguliyev, R., Imamverdiyev, Y. & Sukhostat, L. Hybrid DeepGCL model for cyber-attacks detection on cyber-physical systems. Neural Comput & Applic 33, 10211–10226 (2021). https://doi.org/10.1007/s00521-021-05785-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-021-05785-2

Keywords

Search

Navigation