Abstract
Cyber-Physical Systems (CPSs) comprise a wide range of complex, multi-tasking components whose close interaction integrates cyber components into the physical world. The significant growth of CPSs and the widespread use of smart features and communication tools have brought new challenges. A new generation of CPSs, such as the smart grid, faces a variety of vulnerabilities, threats, and attacks, so security and privacy are the most important challenges for these systems. Anomaly detection, an important data analysis task, is one approach to CPS security. Because many different anomaly detection methods have been proposed, it is difficult to compare their advantages and disadvantages. This chapter presents Machine Learning (ML) methods for anomaly detection through a case study that demonstrates the effectiveness of ML techniques at classifying False Data Injection (FDI) attacks.
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Mohammadi Rouzbahani, H., Karimipour, H., Rahimnejad, A., Dehghantanha, A., Srivastava, G. (2020). Anomaly Detection in Cyber-Physical Systems Using Machine Learning. In: Choo, KK., Dehghantanha, A. (eds) Handbook of Big Data Privacy. Springer, Cham. https://doi.org/10.1007/978-3-030-38557-6_10
DOI: https://doi.org/10.1007/978-3-030-38557-6_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38556-9
Online ISBN: 978-3-030-38557-6
eBook Packages: Computer Science, Computer Science (R0)