Anomaly detection based on zone partition for security protection of industrial cyber-physical systems
journal contributionposted on 08.12.2017, 14:34 by Jun Yang, Chunjie Zhou, Shuang-Hua Yang, Haizhou Xu, Bowen Hu
A developing trend of traditional industrial systems is the integration of the cyber and physical domain to improve flexibility and the efficiency of supervision, management and control. But, the deep integration of these Industrial Cyber-Physical Systems (ICPSs), increases the potential for security threats. Attack detection, which forms initial protective barrier, plays an important role in overall security protection. However, most traditional methods focused on cyber information and ignored any limitations that might arise from the characteristics of the physical domain. In this paper, an anomaly detection approach based on zone partition is designed for ICPSs. In detail, initially an automated zone partition method ensuring crucial system states can be observed in more than one zone is designed. Then, methods of building zone function model which do not require any prior knowledge of the physical system are presented before analyzing the anomaly based on zone information. Finally, an experimental rig is constructed to verify the effectiveness of the proposed approach. The results demonstrate that the approach presents a high accuracy solution which also performs effectively in realtime.
This work was supported in part by National Science Foundation of China under grants 61433006 and 61272204 to author C. Zhou.
- Computer Science