Abstract
The urgency of solving the problem of ensuring the security of cyber-physical systems is due to ensure their correct functioning. Cyber-physical system applications have a significant impact on different industrial sectors. The number and variety of cyber-attacks are growing, aimed not only at obtaining data from cyber-physical systems but also managing the production process itself. Detecting and preventing attacks on cyber-physical systems is critical because they can lead to financial losses, production interruptions, and therefore endanger national security. This paper proposes a deep hybrid model based on three parallel neural architectures: a one-dimensional convolutional neural network, a gated recurrent unit neural network, and a long short-term memory neural network. The SPOCU activation function is considered in hidden layers of the proposed model and improves its performance. Furthermore, to improve the classification accuracy, a modified version of Adam optimizer is considered. The experiments are conducted on two datasets: raw water treatment plant and gasoil heater loop process as the cyber-physical system applications. They contain information about the normal behavior of these systems and their failures caused by cyber-attacks. The results show that the proposed model outperforms the recent works using machine learning techniques.
Similar content being viewed by others
References
Zeadally S, Jabeur N (2016) Cyber-physical system design with sensor networking technologies. The Institution of Engineering and Technology, London
Lun YZ, D’Innocenzo A, Smarra F, Malavolta I, Di Benedetto MD (2019) State of the art of cyber-physical systems security: an automatic control perspective. J Syst Softw 149:174–216. https://doi.org/10.1016/j.jss.2018.12.006
Alguliyev R, Imamverdiyev Y, Sukhostat L (2018) Cyber-physical systems and their security issues. Comput Ind 100:212–223. https://doi.org/10.1016/j.compind.2018.04.017
Atzori M, Cognolato M, Müller H (2016) Deep learning with convolutional neural networks applied to electromyography data: a resource for the classification of movements for prosthetic hands. Front Neurorobotics 10(9):1–10. https://doi.org/10.3389/fnbot.2016.00009
He K, Zhang X, Ren S, Sun J (2016) Deep residual learning for image recognition. In: International conference on computer vision and pattern recognition (CVPR). IEEE, pp 770–778. https://doi.org/10.1109/CVPR.2016.90
Farabet C, Couprie C, Najman L, LeCun Y (2013) Learning hierarchical features for scene labeling. IEEE Trans Pattern Anal Mach Intell 35(8):1915–1929. https://doi.org/10.1109/TPAMI.2012.231
LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521:436–444. https://doi.org/10.1038/nature14539
Shin J, Baek Y, Lee J, Lee S (2019) Cyber-physical attack detection and recovery based on RNN in automotive brake systems. Appl Sci 9(1):1–21. https://doi.org/10.3390/app9010082
Kravchik M, Shabtai A (2018) Detecting cyber attacks in industrial control systems using convolutional neural networks. In: Proceedings of the 2018 Workshop on cyber-physical systems security and privacy (CPS-SPC'18), pp 72–83. https://doi.org/10.1145/3264888.3264896
Cho K, van Merrienboer B, Gulcehre C, Bahdanau D, Bougares F, Schwenk H, Bengio Y (2014) Learning phrase representations using RNN encoder-decoder for statistical machine translation. In: Proceedings of the 2014 international conference on empirical methods in natural language (EMNLP), pp 1724–1734. https://doi.org/10.3115/v1/D14-1179
LeCun Y, Haffner P, Bottou L, Bengio Y (1999) Object recognition with gradient-based learning. In: Forsyth DA, Mundy JL, Gesu VD, Cipolla R (eds) Shape, contour and grouping in computer vision. Springer, London, pp 319–345
Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural Comput 9(8):1735–1780. https://doi.org/10.1162/neco.1997.9.8.1735
Kiselak J, Lu Y, Svihra J, Szepe P, Stehlik M (2021) “SPOCU”: scaled polynomial constant unit activation function. Neural Comput Appl 33:3385–3401. https://doi.org/10.1007/s00521-020-05182-1
Loshchilov I, Hutter F (2019) Decoupled weight decay regularization. In: Proceedings of the 7th international conference on learning representations (ICLR’19), pp 1–19. arXiv:1711.05101
Reddi SJ, Kale S, Kumar S (2018) On the convergence of Adam and beyond. In: Proceedings of the 6th International conference on learning representations (ICLR'18), pp 1–23. arXiv:1904.09237
Gastaldi X (2017) Shake-shake regularization of 3-branch residual networks. In: Proceedings of the 5th international conference on learning representations (ICLR’17), pp 1–5
Hanson SJ, Pratt LY (1989) Comparing biases for minimal network construction with back-propagation. In: Touretzky D (ed) Advances in neural information processing systems 1. Morgan Kaufman, Palo Alto, pp 177–185
Lin Q, Adepu S, Verwer S, Mathur A (2018) TABOR: a graphical model-based approach for anomaly detection in industrial control systems. In: Proceedings of the Asia conference on computer and communications security (ASIACCS’18), pp 525–536. https://doi.org/10.1145/3196494.3196546
Secure Water Treatment (SWaT). http://itrust.sutd.edu.sg/research/testbeds/secure-water-treatment-swat/. Accessed 2020
Goh J, Adepu S, Junejo KN, Mathur A (2017) A dataset to support research in the design of secure water treatment systems. In: Havarneanu G, Setola R, Nassopoulos H, Wolthusen S (eds) Critical information infrastructures security CRITIS 2016 Lecture notes in computer science. Springer, Cham, pp 88–99. https://doi.org/10.1007/978-3-319-71368-7_8
Filonov P, Lavrentyev A, Vorontsov A (2016) Multivariate industrial time series with cyber-attack simulation: fault detection using an LSTM-based predictive data model. In: NIPS time series workshop (NIPS’16). arXiv:1612.06676
Gugulothu N, Malhotra P, Vig L, Shroff G (2018) Sparse neural networks for anomaly detection in high-dimensional time series. In: Workshop on AI for internet of things (AI4IOT’18), pp 1–7
Urbina DI, Giraldo J, Cardenas AA, Tippenhauer NO, Valente J, Faisal M, Ruths J, Candell R (2016) Limiting the impact of stealthy attacks on industrial control systems. In: Proceedings of the 2016 SIGSAC conference on computer and communications security. ACM, pp 1092–105. https://doi.org/10.1145/2976749.2978388
Yaacoub JPA, Salman O, Noura HN, Kaaniche N, Chehab A, Malli M (2020) Cyber-physical systems security: limitations, issues and future trends. Microprocess Microsyst 77:1–33. https://doi.org/10.1016/j.micpro.2020.103201
Ozay M, Esnaola I, Vural FTY, Kulkarni SR, Poor HV (2016) Machine learning methods for attack detection in the smart grid. IEEE Trans Neural Netw Learn Syst 27(8):1773–1786. https://doi.org/10.1109/TNNLS.2015.2404803
Kreimel P, Eigner O, Tavolato P (2017) Anomaly-based detection and classification of attacks in cyber-physical systems. In: Proceedings of the 12th International conference on availability, reliability and security (ARES’17), pp 1–6. https://doi.org/10.1145/3098954.3103155
Doshi R, Apthorpe N, Feamster N (2018) Machine learning DDoS detection for consumer Internet of Things devices.In: International workshop on security and privacy workshops (SPW). IEEE, pp 29–35. https://doi.org/10.1109/SPW.2018.00013
Ntalampiras S (2016) Automatic identification of integrity attacks in cyber-physical systems. Expert Syst Appl 58:164–173. https://doi.org/10.1016/j.eswa.2016.04.006
Wang Y, Amin MM, Fu J, Moussa HB (2017) A novel data analytical approach for false data injection cyber-physical attack mitigation in smart grids. IEEE Access 5:26022–26033. https://doi.org/10.1109/ACCESS.2017.2769099
Maglaras L, Janicke H, Jiang J, Crampton A (2016) Novel intrusion detection mechanism with low overhead for SCADA systems. In: Ferrag MA, Ahmim A (eds) Security solutions and applied cryptography in smart grid communications. IGI Global, Hershey, pp 160–178. https://doi.org/10.4018/978-1-5225-1829-7.ch009
Shin J, Baek Y, Eun Y, Son SH (2017) Intelligent sensor attack detection and identification for automotive cyber-physical systems. In: International symposium series on computational intelligence (SSCI). IEEE, pp 1–8. https://doi.org/10.1109/SSCI.2017.8280915
Arman A, Krishnan VG, Foroutan S, Touhiduzzaman M, Rublein C, Srivastava A, Wu Y, Hahn A, Sindhu S (2018) Cyber physical security analytics for anomalies in transmission protection systems. In: International conference on industry applications society annual meeting (IAS). IEEE, pp 1–8. https://doi.org/10.1109/IAS.2018.8544672
Ashrafuzzaman M, Chakhchoukh Y, Jillepalli AA, Tosic PT, Conte de Leon D, Sheldon FT, Johnson BK (2018) Detecting stealthy false data injection attacks in power grids using deep learning. In: Proceedings of the 14th International conference on wireless communications & mobile computing (IWCMC). IEEE, pp 219–225. https://doi.org/10.1109/IWCMC.2018.8450487
Jevtic A, Zhang F, Li Q, Ilic M (2018) Physics- and learning-based detection and localization of false data injections in automatic generation control. IFAC-PapersOnLine 51(28):702–707. https://doi.org/10.1016/j.ifacol.2018.11.787
Zhang X-M, Han Q-L, Ge X, Ding L (2020) Resilient control design based on a sampled-data model for a class of networked control systems under denial-of-service attacks. IEEE Trans Cybern 50(8):3616–3626. https://doi.org/10.1109/TCYB.2019.2956137
Ge XH, Han QL, Zhong MY, Zhang XM (2019) Distributed Krein space-based attack detection over sensor networks under deception attacks. Automatica 109:1–10. https://doi.org/10.1016/j.automatica.2019.108557
Inoue J, Yamagata Y, Chen Y, Poskitt CM, Sun J (2017) Anomaly detection for a water treatment system using unsupervised machine learning. In: International conference on data mining workshops (ICDMW). IEEE, pp 1058–1065. https://doi.org/10.1109/ICDMW.2017.149
Li J, Lee JY, Yang Y, Sun JS, Tomsovic K (2020) ConAML: constrained adversarial machine learning for cyber-physical systems. arXiv:2003.05631
Raman MRG, Somu N, Mathur AP (2020) A multilayer perceptron model for anomaly detection in water treatment plants. Int J Crit Infrastruct Prot 31:1–15. https://doi.org/10.1016/j.ijcip.2020.100393
Goh J, Adepu S, Tan M, Lee ZS (2017) Anomaly detection in cyber physical systems using recurrent neural networks. In: Proceedings of the 18th international symposium on high assurance systems engineering (HASE). IEEE, pp 140–145. https://doi.org/10.1109/HASE.2017.36
Loukas G, Vuong T, Heartfield R, Sakellari G, Yoon Y, Gan D (2018) Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6:3491–3508. https://doi.org/10.1109/ACCESS.2017.2782159
Hu Y, Wong Y, Wei W, Du Y, Kankanhalli M, Geng W (2018) A novel attention-based hybrid CNN-RNN architecture for sEMG-based gesture recognition. PLoS ONE 13(10):1–18. https://doi.org/10.1371/journal.pone.0206049
Sundermeyer M, Schlüter R, Ney H (2012) LSTM neural networks for language modeling. In: Proceedings of the 13th annual conference of the international speech communication association (INTERSPEECH 2012). ISCA, pp 194–197
Xiao Y, Yin Y (2019) Hybrid LSTM neural network for short-term traffic flow prediction. Information 10(105):1–22. https://doi.org/10.3390/info10030105
Kingma DP, Ba J (2014) Adam: a method for stochastic optimization. In: Proceedings of the 4th International conference on learning representations (ICLR), pp 1–15. arXiv:1412.6980
Choi S, Yun JH, Kim SK (2018) A comparison of ICS datasets for security research based on attack paths. In: Luiijf E, Žutautaitė I, Hämmerli B (eds) Critical information infrastructures security. CRITIS 2018. Lecture notes in computer science. Springer, Cham, pp 154–166. https://doi.org/10.1007/978-3-030-05849-4_12
Ferri C, Hernández-Orallo J, Modroiu R (2009) An experimental comparison of performance measures for classification. Pattern Recognit Lett 30(1):27–38. https://doi.org/10.1016/j.patrec.2008.08.010
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Alguliyev, R., Imamverdiyev, Y. & Sukhostat, L. Hybrid DeepGCL model for cyber-attacks detection on cyber-physical systems. Neural Comput & Applic 33, 10211–10226 (2021). https://doi.org/10.1007/s00521-021-05785-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-021-05785-2