doi: 10.17586/2226-1494-2022-22-6-1150-1158


Method for monitoring the state of elements of cyber-physical systems based on time series analysis

V. V. Semenov


Article in Russian

For citation:
Semenov V.V. Method for monitoring the state of elements of cyber-physical systems based on time series analysis. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2022, vol. 22, no. 6, pp. 1150–1158 (in Russian). doi: 10.17586/2226-1494-2022-22-6-1150-1158


Abstract
The wide adoption of cyber-physical systems and the integration of computing resources into physical entities have increased the risk of deliberate and accidental security incidents. Developing new methods and tools for monitoring such systems, and improving existing ones, is therefore of particular relevance. New and modernized methods should offer higher recall and precision of identification, especially for critical infrastructure objects. The paper proposes an original data-processing method for monitoring the state of cyber-physical systems, based on time series analysis and using significance weights as a post-processing step applied to classification results. The method differs from existing ones in its combined approach, which uses both information security events and functional safety events in monitoring systems. It is characterized by the use of an ensemble of decision trees, parallel classifiers and Fishburn weight coefficients in the analysis of the set of the most informative features obtained from time series. The applicability of the method was substantiated by a computational experiment on a known data set that characterizes the functioning of the information and physical components during various types of attacks on the components of the experimental stand of a cyber-physical water treatment system. With the developed method, identification precision increased by 1.45 % and recall by 4.45 % compared to the best approaches presented in other scientific works; both indicators reached 99.85 %. The results obtained are adapted for practical use in systems for identifying the state of cyber-physical systems. The theoretical significance lies in the possibility of using the results of the study in the design of systems for monitoring the information security and functional safety of cyber-physical systems.

Keywords: monitoring systems, time series analysis, cyber-physical systems, identification of anomalies, information security, functional safety, decision trees



This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License