Advanced search

Anomaly detection using isomorphic analysis for false data injection attacks in industrial control systems

Download
[thumbnail of Isomorphic_Analysis_final.pdf]
Preview
Text - Accepted Version
· Available under License Creative Commons Attribution Non-commercial No Derivatives.
· Please see our End User Agreement before downloading. | Preview
Available under license: Creative Commons Attribution Non-commercial No Derivatives
Advice

Please see our End User Agreement.

It is advisable to refer to the publisher's version if you intend to cite from this work. See Guidance on citing.

Tools
Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email
Lists

Zhang, X., Jiang, Z., Ding, Y., Ngai, E. C.H. and Yang, S.-H. orcid id iconORCID: https://orcid.org/0000-0003-0717-5009 (2024) Anomaly detection using isomorphic analysis for false data injection attacks in industrial control systems. Journal of the Franklin Institute, 361 (13). 107000. ISSN 1879-2693 doi: 10.1016/j.jfranklin.2024.107000

Abstract/Summary

As the Industrial Internet-of-Things (IIoT) evolves, a growing number of industrial control systems (ICSs) are connecting to the Internet, making them more vulnerable to malicious attacks. This paper addresses the detection of false data injection (FDI) attacks, a prevalent threat to open ICSs. We introduce an innovative anomaly detection technique using isomorphic analysis to safeguard ICSs against FDI attacks. Isomorphic analysis involves comparing transmitted signals with their expected values, which are derived from mathematical models or isomorphic components. For a comprehensive defense mechanism, we incorporate three specific detectors: the control signal detector, the actuating signal detector, and the sensor reading detector. Designed to detect FDI attacks across various parts of the ICS, these detectors ensure the integrity of all transmitted signals throughout the physical control system. While the control signal detector adopts a threshold method, the other two rely on statistical approaches. If an attack is detected, the detectors can correct tampered signals before they reach downstream components, enhancing the system’s overall resilience and fault tolerance. The effectiveness of these detectors is supported by rigorous mathematical proofs. Moreover, our experimental findings further reveal the superiority of the isomorphic strategy over prior work in terms of detection rate, detection time delay, and system resilience.

Altmetric Badge

Item Type Article
URI https://reading-clone.eprints-hosting.org/id/eprint/119781
Identification Number/DOI 10.1016/j.jfranklin.2024.107000
Refereed Yes
Divisions Science > School of Mathematical, Physical and Computational Sciences > Department of Computer Science
Publisher Elsevier
Download/View statistics View download statistics for this item
Download Statistics

Downloads

Downloads per month over past year

Deposit Details

University Staff: Request a correction | Centaur Editors: Update this record

Search Google Scholar