Unsupervised Anomaly Detection for Network Data Streams in Industrial Control Systems

被引:7
作者
Liu, Limengwei [1 ]
Hu, Modi [1 ]
Kang, Chaoqun [2 ]
Li, Xiaoyong [1 ]
机构
[1] Beijing Univ Posts & Telecommun, Key Lab Trustworthy Distributed Comp & Serv, Beijing 100876, Peoples R China
[2] China Elect Power Res Inst, Beijing 100192, Peoples R China
来源
INFORMATION | 2020年 / 11卷 / 02期
关键词
anomaly detection; industrial control systems; data streams; incremental learning;
D O I
10.3390/info11020105
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The development and integration of information technology and industrial control networks have expanded the magnitude of new data; detecting anomalies or discovering other valid information from them is of vital importance to the stable operation of industrial control systems. This paper proposes an incremental unsupervised anomaly detection method that can quickly analyze and process large-scale real-time data. Our evaluation on the Secure Water Treatment dataset shows that the method is converging to its offline counterpart for infinitely growing data streams.
引用
收藏
页数:14
相关论文
共 23 条
  • [1] The Cohomology of Non-Locality and Contextuality
    Abramsky, Samson
    Mansfield, Shane
    Barbosa, Rui Soares
    [J]. ELECTRONIC PROCEEDINGS IN THEORETICAL COMPUTER SCIENCE, 2012, (95): : 1 - 14
  • [2] CORGIDS: A Correlation-based Generic Intrusion Detection System
    Aggarwal, Ekta
    Karimibiuki, Mehdi
    Pattabiraman, Karthik
    Ivanov, Andre
    [J]. CPS-SPC'18: PROCEEDINGS OF THE 2018 WORKSHOP ON CYBER-PHYSICAL SYSTEMS SECURITY AND PRIVACY, 2018, : 24 - 35
  • [3] Increasing availability of industrial systems through data stream mining
    Alzghoul, Ahmad
    Lofstrand, Magnus
    [J]. COMPUTERS & INDUSTRIAL ENGINEERING, 2011, 60 (02) : 195 - 205
  • [4] Babcock Brian, 2002, PODS, P1, DOI DOI 10.1145/543613.543615
  • [5] A Review on Ensembles for the Class Imbalance Problem: Bagging-, Boosting-, and Hybrid-Based Approaches
    Galar, Mikel
    Fernandez, Alberto
    Barrenechea, Edurne
    Bustince, Humberto
    Herrera, Francisco
    [J]. IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART C-APPLICATIONS AND REVIEWS, 2012, 42 (04): : 463 - 484
  • [6] Goh J., 2016, INT C CRIT INF INFR, P88
  • [7] Golab L, 2003, SIGMOD REC, V32, P5, DOI 10.1145/776985.776986
  • [8] SENAMI: Selective Non-Invasive Active Monitoring for ICS Intrusion Detection
    Jardine, William
    Frey, Sylvain
    Green, Benjamin
    Rashid, Awais
    [J]. CPS-SPC'16: PROCEEDINGS OF THE 2ND ACM WORKSHOP ON CYBER-PHYSICAL SYSTEMS SECURITY & PRIVACY, 2016, : 23 - 34
  • [9] Intrusion Detection in Cyber Physical Systems Based on Process Modelling
    Holczer, Tamas
    Gazdag, Andras
    Miru, Gyorgy
    [J]. PROCEEDINGS OF THE 15TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY (ECCWS 2016), 2016, : 127 - 135
  • [10] Knuth D.E., 1988, SORTING SEARCHING AR
123