仿真
信息物理系统
计算机科学
过程(计算)
入侵检测系统
计算机安全
异常检测
钥匙(锁)
关键基础设施
网络攻击
分布式计算
数据挖掘
操作系统
经济
经济增长
作者
Andrés Murillo,Riccardo Taormina,Nils Ole Tippenhauer,Stefano Galelli
标识
DOI:10.1061/jwrmd5.wreng-5854
摘要
A fundamental problem in the realm of cyber-physical security of smart water networks is attack detection, a key step towards designing adequate countermeasures. This task is typically carried out by algorithms that analyze time series of process data. However, the nature of the data available to develop these algorithms limits their capabilities: by relying on process data only, one cannot distinguish a cyber-attack from the failure of a system's component or identify the root cause of an attack. Here, we show that these limitations can be addressed through the joint analysis of process and network data—with the latter representing the information exchanged between the components constituting the Industrial Control System, such as sensors and Programmable Logic Controllers (PLCs). For this purpose, we utilize a dataset generated by digital hydraulic simulator (DHALSIM)—a numerical modelling platform built on a two-way interaction between EPANET version 2.2 and a network emulation tool—which is extended here to include a framework for launching cyber-physical attacks. This paper presents a dataset with realistic network information of a smart water network under cyber-physical attacks and presents an analysis of how that information can enable the development of better intrusion detection systems that can localize and identify attacks. Through this analysis, the dataset provided here, and the open-source availability of DHALSIM, our work paves the way to a novel class of analytics for actionable detection.
科研通智能强力驱动
Strongly Powered by AbleSci AI