research-article

A Data Mining-based Intrusion Detection System for Cyber Physical Power Systems

Authors:

Khalil Guibene,

Marwane Ayaida,

Lyes KhoukhiAuthors Info & Claims

Q2SWinet '22: Proceedings of the 18th ACM International Symposium on QoS and Security for Wireless and Mobile Networks

Pages 55 - 62

https://doi.org/10.1145/3551661.3561367

Published: 24 October 2022 Publication History

Abstract

The implication of Cyber-physical systems into smart grids has introduced some security breaches due to the lack of security mechanisms. This paper aims to come up with a novel methodology to detect false data injection attacks on cyber-physical power systems. To reach this goal, we propose an efficient anomaly-based approach for detecting false data injection attacks against cyber-physical power systems. Particularly, we use Sequential Pattern Mining techniques, which are commonly used for learning most important patterns of a system. In our case, the frequent pattern learning algorithm is used to create a database corresponding to the normal operation of the system, then, this database is fed into an attack detection algorithm in order to alert the user whenever an attack is occurring. The extensive simulations prove that our attack detection approach is able to detect attacks with a great accuracy.

References

[1]

Y. Zhou, F. R. Yu, J. Chen, and Y. Kuo, ''Cyber-physical-social systems: A state-of-the-art survey, challenges and opportunities," IEEE Communications Surveys Tutorials, vol. 22, no. 1, pp. 389--425, 2020.

[2]

A. Humayed, J. Lin, F. Li, and B. Luo, ''Cyber-physical systems security-a survey," IEEE Internet of Things Journal, vol. 4, no. 6, pp. 1802--1831, 2017.

[3]

S. Tan, J. M. Guerrero, P. Xie, R. Han, and J. C. Vasquez, ''Brief survey on attack detection methods for cyber-physical systems," IEEE Systems Journal, vol. 14, no. 4, pp. 5329--5339, 2020.

[4]

A. S. Musleh, G. Chen, and Z. Y. Dong, ''A survey on the detection algorithms for false data injection attacks in smart grids," IEEE Transactions on Smart Grid, vol. 11, no. 3, pp. 2218--2234, 2020.

[5]

D. Ding, Q.-L. Han, Y. Xiang, X. Ge, and X.-M. Zhang, ''A survey on security control and attack detection for industrial cyber-physical systems," Neurocomputing, vol. 275, pp. 1674--1683, 2018.

[6]

S. Challa, A. K. Das, P. Gope, N. Kumar, F. Wu, and A. V. Vasilakos, ''Design and analysis of authenticated key agreement scheme in cloud-assisted cyber--physical systems," Future Generation Computer Systems, vol. 108, pp. 1267 -- 1286, 2020.

[7]

R. Moslemi, A. Mesbahi, and J. M. Velni, ''A fast, decentralized covariance selection-based approach to detect cyber attacks in smart grids," IEEE Trans- actions on Smart Grid, vol. 9, no. 5, pp. 4930--4941, 2018.

[8]

Y. Chen, S. Huang, F. Liu, Z. Wang, and X. Sun, ''Evaluation of reinforcement learning-based false data injection attack to automatic voltage control," IEEE Transactions on Smart Grid, vol. 10, no. 2, pp. 2158--2169, 2019.

[9]

B. Tang, J. Yan, S. Kay, and H. He, ''Detection of false data injection attacks in smart grid under colored gaussian noise," in 2016 IEEE Conference on Communications and Network Security (CNS), pp. 172--179, 2016.

[10]

H. Hadeli, R. Schierholz, M. Braendle, and C. Tuduce, ''Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration," in 2009 IEEE Conference on Emerging Technologies Factory Automation, pp. 1--8, 2009.

[11]

B. Kailkhura, S. Brahma, and P. K. Varshney, ''Data falsification attacks on consensus-based detection systems," IEEE Transactions on Signal and Information Processing over Networks, vol. 3, no. 1, pp. 145--158, 2017.

[12]

A. Chattopadhyay and U. Mitra, ''Security against false data-injection attack in cyber-physical systems," IEEE Transactions on Control of Network Systems, vol. 7, no. 2, pp. 1015--1027, 2020.

[13]

Y. Mo, S. Weerakkody, and B. Sinopoli, ''Physical authentication of control systems: Designing watermarked control inputs to detect counterfeit sensor outputs," IEEE Control Systems Magazine, vol. 35, no. 1, pp. 93--109, 2015.

[14]

R. Bekrar, N. Messai, N. Essounbouli, A. Hamzaoui, and B. Riera, ''Off-line identification for a class of discrete event systems using safe petri nets," IFAC Proceedings Volumes, vol. 39, no. 17, pp. 221--226, 2006. 3rd IFAC Workshop on Discrete-Event System Design.

[15]

K. Guibene, M. Ayaida, L. Khoukhi, and N. MESSAI, ''Black-box system identification of cps protected by a watermark-based detector," in 2020 IEEE 45th Conference on Local Computer Networks (LCN), pp. 341--344, 2020.

[16]

Y. He, G. J. Mendis, and J. Wei, ''Real-time detection of false data injection attacks in smart grid: A deep learning-based intelligent mechanism," IEEE Transactions on Smart Grid, vol. 8, no. 5, pp. 2505--2516, 2017.

[17]

K. Nakayama, N. Muralidhar, C. Jin, and R. Sharma, ''Detection of false data injection attacks in cyber-physical systems using dynamic invariants," in 2019 18th IEEE International Conference On Machine Learning And Applications (ICMLA), pp. 1023--1030, 2019.

[18]

X. Zhou, Y. Hu, W. Liang, J. Ma, and Q. Jin, ''Variational lstm enhanced anomaly detection for industrial big data," IEEE Transactions on Industrial Informatics, vol. 17, no. 5, pp. 3469--3477, 2021.

[19]

K. Xylogiannopoulos, P. Karampelas, and R. Alhajj, ''Early ddos detection based on data mining techniques," in Information Security Theory and Practice. Securing the Internet of Things (D. Naccache and D. Sauveron, eds.), (Berlin, Heidelberg), pp. 190--199, Springer Berlin Heidelberg, 2014.

[20]

D. Huang, X. Shi, and W.-A. Zhang, ''False data injection attack detection for industrial control systems based on both time- and frequency-domain analysis of sensor data," IEEE Internet of Things Journal, vol. 8, no. 1, pp. 585--595, 2021.

[21]

M. K. J. Han and J. Pei, ''Data mining concepts and techniques," in 3rd ed. Burlington, MA, USA: Morgan Kaufmann, 2012, pp. 1--1, 2012.

[22]

A. Sahu, Z. Mao, P. Wlazlo, H. Huang, K. Davis, A. Goulart, and S. Zonouz, ''Cyber-physical dataset for mitm attacks in power systems," 2021.

Cited By

Guibene KMessai NAyaida M(2023)Surviving False Data Injection Attacks: An Effective Recovery Scheme for Resilient CPSGLOBECOM 2023 - 2023 IEEE Global Communications Conference10.1109/GLOBECOM54140.2023.10437740(1801-1806)Online publication date: 4-Dec-2023
https://doi.org/10.1109/GLOBECOM54140.2023.10437740
Guibene KMessai NAyaida M(2023)Securing Cyber-Physical Industrial Systems Against False Data Injection Attacks: A Hybrid Detection Approach2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)10.1109/BCCA58897.2023.10338925(142-149)Online publication date: 24-Oct-2023
https://doi.org/10.1109/BCCA58897.2023.10338925

Index Terms

A Data Mining-based Intrusion Detection System for Cyber Physical Power Systems
1. Security and privacy
  1. Systems security
    1. Distributed systems security

Recommendations

POSTER: Defense against False Data Injection Attack in a Cyber-Physical System
ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

Cyber-physical systems (CPSs) are closed-loop feedback systems that efficiently control the physical processes through cyber-systems. Security threats like false data injection (FDI) attacks are increasing in CPSs. FDI attacks disrupt the system's ...
On the Sequential Pattern and Rule Mining in the Analysis of Cyber Security Alerts
ARES '17: Proceedings of the 12th International Conference on Availability, Reliability and Security

Data mining is well-known for its ability to extract concealed and indistinct patterns in the data, which is a common task in the field of cyber security. However, data mining is not always used to its full potential among cyber security community. In ...
SRID: State Relation Based Intrusion Detection for False Data Injection Attacks in SCADA
Computer Security - ESORICS 2014
Abstract
Advanced false data injection attack in targeted malware intrusion is becoming an emerging severe threat to the Supervisory Control And Data Acquisition (SCADA) system. Several intrusion detection schemes have been proposed previously [1, 2]. ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

Q2SWinet '22: Proceedings of the 18th ACM International Symposium on QoS and Security for Wireless and Mobile Networks

October 2022

145 pages

ISBN:9781450394819

DOI:10.1145/3551661

General Chair:
Azzedine Boukerche
University of Ottawa, Canada
,
Program Chair:
Peng Sun
Duke Kunshan University, China

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSIM: ACM Special Interest Group on Simulation and Modeling

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 October 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MSWiM '22

Sponsor:

SIGSIM

MSWiM '22: Int'l ACM Conference on Modeling Analysis and Simulation of Wireless and Mobile Systems

October 24 - 28, 2022

Quebec, Montreal, Canada

Acceptance Rates

Q2SWinet '22 Paper Acceptance Rate 16 of 47 submissions, 34%;

Overall Acceptance Rate 46 of 131 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
96
Total Downloads

Downloads (Last 12 months)24
Downloads (Last 6 weeks)1

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Guibene KMessai NAyaida M(2023)Surviving False Data Injection Attacks: An Effective Recovery Scheme for Resilient CPSGLOBECOM 2023 - 2023 IEEE Global Communications Conference10.1109/GLOBECOM54140.2023.10437740(1801-1806)Online publication date: 4-Dec-2023
https://doi.org/10.1109/GLOBECOM54140.2023.10437740
Guibene KMessai NAyaida M(2023)Securing Cyber-Physical Industrial Systems Against False Data Injection Attacks: A Hybrid Detection Approach2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)10.1109/BCCA58897.2023.10338925(142-149)Online publication date: 24-Oct-2023
https://doi.org/10.1109/BCCA58897.2023.10338925

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents