Newly Engineered Energy-based Features for Supervised Anomaly Detection in a Physical Model of a Water Supply System,Ad Hoc Networks

当前位置： X-MOL 学术 › Ad Hoc Netw. › 论文详情

Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)

Newly Engineered Energy-based Features for Supervised Anomaly Detection in a Physical Model of a Water Supply System
Ad Hoc Networks ( IF 4.4 ) Pub Date : 2021-06-16 , DOI: 10.1016/j.adhoc.2021.102590
Andres Robles-Durazno , Naghmeh Moradpoor , James McWhinnie , Gordon Russell , Zhiyuan Tan

Industrial Control Systems (ICS) are hardware, network, and software, upon which a facility depends to allow daily operations to function. In most cases society takes the operation of such systems, for example public transport, tap water or electricity, for granted. However, the disruption of those systems might have serious consequences across different sectors. In this paper, we propose a supervised energy-based approach for anomaly detection in a clean water supply system using a new dataset which is physically modelled in the Festo MPA workstation rig. The novelty relies on the set of engineered features collected from the testbed, including voltage, current and power from the sensors that compose the ICS. These values are obtained from independent current sensors that we have physically wired to the testbed. Five machine learning algorithms; Support Vector Machine, k-Nearest Neighbours, Multilayer Perceptron, Decision Tree and Random Forest are employed to evaluate the effectiveness of our proposed features. The metrics used to present the performance of the selected machine learning algorithms are F1-Score, G-Mean, False Positive Rate (FPR) and False Negative Rate (FNR). The results show that machine learning algorithms can classify the variations of energy produced by the execution of cyber-attacks as anomalous by achieving 95.5% F1-Score, and 6.8% FNR with the Multilayer Perceptron classifier.

中文翻译：

新设计的基于能量的特征，用于供水系统物理模型中的监督异常检测

工业控制系统 (ICS) 是硬件、网络和软件，设施依赖于这些硬件、网络和软件来实现日常运营。在大多数情况下，社会认为此类系统的运行是理所当然的，例如公共交通、自来水或电力。但是，这些系统的中断可能会对不同部门产生严重后果。在本文中，我们提出了一种基于能量的监督式方法，使用在 Festo MPA 工作站钻机中物理建模的新数据集，用于清洁供水系统中的异常检测。新颖性依赖于从测试台收集的一组工程特征，包括来自构成 ICS 的传感器的电压、电流和功率。这些值是从我们物理连接到测试台的独立电流传感器中获得的。五种机器学习算法；支持向量机、k-最近邻、多层感知器、决策树和随机森林被用来评估我们提出的特征的有效性。用于展示所选机器学习算法性能的指标是 F1-Score、G-Mean、误报率 (FPR) 和误报率 (FNR)。结果表明，机器学习算法可以通过使用多层感知器分类器实现 95.5% 的 F1-Score 和 6.8% 的 FNR，将执行网络攻击所产生的能量变化归类为异常。假阳性率 (FPR) 和假阴性率 (FNR)。结果表明，机器学习算法可以通过使用多层感知器分类器实现 95.5% 的 F1-Score 和 6.8% 的 FNR，将执行网络攻击所产生的能量变化归类为异常。假阳性率 (FPR) 和假阴性率 (FNR)。结果表明，机器学习算法可以通过使用多层感知器分类器实现 95.5% 的 F1-Score 和 6.8% 的 FNR，将执行网络攻击所产生的能量变化归类为异常。

更新日期：2021-06-16

点击分享查看原文

点击收藏

阅读更多本刊最新论文本刊介绍/投稿指南11