Real-Time Identification of Cyber-Physical Attacks on Water Distribution Systems via Machine Learning-Based Anomaly Detection Techniques

Smart water infrastructures are prone to cyber-physical attacks that can disrupt their operations or damage their assets. An algorithm was developed to identify suspicious behaviors in the different cyber-physical components of a smart water distribution system. The algorithm incorporated multiple modules of anomaly-detection techniques to recognize different types of anomalies in the real-time monitoring and control data. Trained artificial neural networks were used to detect unusual patterns that do not conform to normal operational behavior. Principal component analysis was conducted to decompose the high-dimensional space occupied by the sensory data to uncover global anomalies. The algorithm was trained using a historical data set of trusted observations and tested against a validation and a test data set, both featuring a group of simulated attack scenarios. The proposed approach successfully identified all the attacks featured in the Battle of the Attack Detection Algorithms (BATADAL) data sets with high sensitivity and specificity. Nevertheless, the performance was sensitive to high background noise in the sensory data. (C) 2018 American Society of Civil Engineers.