Learning-based Simultaneous Detection and Characterization of Time Delay Attack in Cyber-Physical Systems

Prakhar Ganesh, Xin Lou, Yao Chen, Rui Tan, David K.Y. Yau, Deming Chen, Marianne Winslett

Research output: Contribution to journalArticlepeer-review

Abstract

Control and communication technologies are key building blocks of cyber-physical systems (CPSes) that can improve the efficiency of the physical processes. However, they also make a CPS vulnerable to cyberattacks that can cause disruptions or even severe damage. This paper focuses on one particular type of CPS cyberattack, namely the time delay attack (TDA), which exploits vulnerabilities in the communication channels to cause potentially serious harm to the system. Much work proposed for TDA detection is tested offline only and under strong assumptions. In order to construct a practical solution to deal with real-world scenarios, we propose a deep learning based method to detect and characterize TDA. Specifically, we design a hierarchical long short-term memory model to process raw data streams from relevant CPS sensors online and continually monitor embedded signals in the data to detect and characterize the attack. Moreover, various strategies of interpreting the outputs of the model are proposed, which allow the user to tune the performance based on different objectives. We evaluate our model on two representative types of CPS, namely power plant control system (PPCS) and automatic generation control (AGC)Code and dataset can be found at:. For TDA detection, our solution achieves an accuracy of 92% in PPCS, compared with 81% by random forests (RFs) and 72% by k-nearest neighbours (kNNs). For AGC, our solution achieves 98% accuracy, compared with 74% by RFs and 71% by kNNs. It also reduces the mean absolute error in the delay value characterization from about six to two seconds in the PPCS, and from about three seconds to half a second in the AGC, with about 3x to 4x shorter reaction latency in both systems.

Original languageEnglish (US)
JournalIEEE Transactions on Smart Grid
DOIs
StateAccepted/In press - 2021

Keywords

  • attack characterization
  • attack detection
  • Automatic generation control
  • Computational modeling
  • Computer crime
  • cyber-physical system
  • Cyber-physical systems
  • deep learning.
  • Delays
  • Generators
  • Mathematical model
  • Smart grid
  • time delay attack

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint Dive into the research topics of 'Learning-based Simultaneous Detection and Characterization of Time Delay Attack in Cyber-Physical Systems'. Together they form a unique fingerprint.

Cite this