TY - GEN
T1 - Anomaly detection in liquid pipelines using modeling, co-simulation and dynamical estimation
AU - Alajlouni, Saed
AU - Rao, Vittal
N1 - Funding Information:
This research was supported by the National Science Foundation under MRI Grant No. ECCS-1040161.
Publisher Copyright:
© IFIP International Federation for Information Processing 2013.
PY - 2013
Y1 - 2013
N2 - Historically, supervisory control and data acquisition (SCADA) systems have relied on obscurity to safeguard against attacks. Indeed, external attackers lacked knowledge about proprietary system designs and software to access systems and execute attacks. The trend to interconnect to the Internet and incorporate standardized protocols, however, has resulted in an increase in the attack surface – attackers can now target SCADA systems and proceed to impact the physical systems they control. Dynamical estimation can be used to identify anomalies and attempts to maliciously affect controlled physical systems. This paper describes an intrusion detection method based on the dynamical estimation of systems. A generic water pipeline system is modeled using state space equations, and a discrete-time Kalman filter is used to estimate operational characteristics for anomaly-based intrusion detection. The effectiveness of the method is evaluated against deception attacks that target the water pipeline system. A co-simulation that integrates computational fluid dynamics software and MATLAB/Simulink is employed to simulate attacks and develop detection schemes.
AB - Historically, supervisory control and data acquisition (SCADA) systems have relied on obscurity to safeguard against attacks. Indeed, external attackers lacked knowledge about proprietary system designs and software to access systems and execute attacks. The trend to interconnect to the Internet and incorporate standardized protocols, however, has resulted in an increase in the attack surface – attackers can now target SCADA systems and proceed to impact the physical systems they control. Dynamical estimation can be used to identify anomalies and attempts to maliciously affect controlled physical systems. This paper describes an intrusion detection method based on the dynamical estimation of systems. A generic water pipeline system is modeled using state space equations, and a discrete-time Kalman filter is used to estimate operational characteristics for anomaly-based intrusion detection. The effectiveness of the method is evaluated against deception attacks that target the water pipeline system. A co-simulation that integrates computational fluid dynamics software and MATLAB/Simulink is employed to simulate attacks and develop detection schemes.
KW - Anomaly detection
KW - Dynamical estimation
KW - Liquid pipelines
UR - http://www.scopus.com/inward/record.url?scp=84954548217&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-45330-4_8
DO - 10.1007/978-3-642-45330-4_8
M3 - Conference contribution
AN - SCOPUS:84954548217
SN - 9783642453298
T3 - IFIP Advances in Information and Communication Technology
SP - 111
EP - 124
BT - Critical Infrastructure Protection VII - 7th IFIP WG 11.10 International Conference, ICCIP 2013, Revised Selected Papers
A2 - Shenoi, Sujeet
A2 - Butts, Jonathan
PB - Springer New York LLC
T2 - 7th IFIP WG 11.10 International Conference on Critical Infrastructure Protection, ICCIP 2013
Y2 - 18 March 2013 through 20 March 2013
ER -