Analytical modelling of cyber-physical systems: applying kinetic gas theory to anomaly detection in networks

Cited by: 0
Authors
Paul Tavolato
Hubert Schölnast
Christina Tavolato-Wötzl
Affiliations
[1] UAS St. Pölten, Institute for IT Security Research
[2] MeteoServe Wetterdienst GmbH
Source
Journal of Computer Virology and Hacking Techniques | 2020 / Vol. 16
Keywords
Cyber-physical system; Anomaly detection; Security; Analytical modelling; Kinetic theory;
Abstract
In connection with anomaly detection in cyber-physical systems, we suggest in this paper a new way of modelling large systems consisting of a huge number of sensors, actuators and controllers. We base the approach on analytical methods usually used in kinetic gas theory, where one tries to describe the overall behavior of a gas without looking at each molecule separately. We model the system as a multi-agent network and derive predictions on the behavior of the network as a whole. These predictions can then be used to monitor the operation of the system. If the deviation between the predictions and the measured attributes of the operational cyber-physical system is sufficiently large, the monitoring system can raise an alarm. This way of modelling the normal behavior of a cyber-physical system has the advantage over machine learning methods mainly used for this purpose, that it is not based on the effective operation of the system during a training phase, but rather on the specification of the system and its intended use. It will detect anomalies in the system’s operation independent of their source—may it be an attack, a malfunction or a faulty implementation.
Pages: 93-101
Number of pages: 8