Data Distribution-Based Change Detection Framework in SWaT Security Monitoring

  • Conference paper
Advances in Computational Collective Intelligence (ICCCI 2024)

Abstract

Networks of sensors and the Internet of Things have led to an ever-increasing amount of data that is now more commonly available in streaming settings. It is often assumed that the process generating these streams is stationary; however, in real-world scenarios, systems are evolving and dynamic in nature. This degrades the predictions of trained models and the decision-making process. Methods that detect when a change or drift occurs in the environment are therefore necessary. In this research project, we proposed a change detection framework and analyzed various data distribution-based change detection algorithms for real-time analysis and change detection in Secure Water Treatment (SWaT). Results show that the framework is promising and able to effectively monitor the cyber-physical system. Of the algorithms we experimented with, the Kolmogorov-Smirnov WINdowing algorithm performed better in terms of changes detected and detection delay, albeit with a high false alarm rate.

Supported by Eötvös Loránd Tudományegyetem.


Notes

  1. Available at https://github.com/mitre/menelaus.

  2. Available at https://github.com/online-ml/river.

  3. Available at https://github.com/mateotis/swat-change-detection.


Author information

Corresponding author

Correspondence to Adolf Kamuzora.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Hekfusz, M., Mahajan, V., Kamuzora, A., Lendák, I. (2024). Data Distribution-Based Change Detection Framework in SWaT Security Monitoring. In: Nguyen, NT., et al. Advances in Computational Collective Intelligence. ICCCI 2024. Communications in Computer and Information Science, vol 2166. Springer, Cham. https://doi.org/10.1007/978-3-031-70259-4_2

  • DOI: https://doi.org/10.1007/978-3-031-70259-4_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-70258-7

  • Online ISBN: 978-3-031-70259-4

  • eBook Packages: Computer Science (R0)
