ACADSTAFF UGM
| Title | : | Detection of Cyber-Physical Attacks Using Physical Model with Nonparametric EWMA Detector |
| Author | : |
JOKO SUPRIYADI (1) Prof. Dr. Ir. Jazi Eko Istiyanto, M.Sc. (2) Dr. Agfianto Eko Putra, M.Si. (3) |
| Date | : | 0 2022 |
| Keyword | : | Industrial control systems; Cyber-physical attacks; Physical model, dynamic mode decomposition method with control (DMDc), Nonparametric Exponentially Weighted Moving Average (EWMA) Industrial control systems; Cyber-physical attacks; Physical model, dynamic mode decomposition method with control (DMDc), Nonparametric Exponentially Weighted Moving Average (EWMA) |
| Abstract | : | Industrial Control Systems (ICS) can suffer from cyber-physical attacks resulting in accidents, damage, or financial loss. The attacks can be detected in the ICS's physical space andcyberspace. The detection in physical space can be based on physical models of the system. This study uses a data-driven modelling approach to model the physical system as an alternative to the analytic one. This study model the system using the dynamic mode decomposition method with control (DMDc), assuming a complete state measurement. The attack detector used in some research with predictive physical models is the cumulative sum (CUSUM), which only applies to distributing residual data normally. This research uses a non-parametric exponentially weighted moving average (EWMA) detector to detect any cyberphysical attack. This study uses data set from a testbed of Secure Water Treatment (SWaT). The approach used in this study was successful in detecting 8 out of 10 attacks on the first SWaT subsystem. This study demonstrates that DMDc used in this study results in better goodness of fit. The non-parametric EWMA can be used as an alternative detector when residual data do not follow a normal distribution. |
| Group of Knowledge | : | Ilmu Komputer |
| Original Language | : | English |
| Level | : | Internasional |
| Status | : |
Published
|