A Variational Autoencoder Framework for Robust, Physics-Informed Cyberattack Recognition in Industrial Cyber-Physical Systems

TL;DR

This paper introduces a hybrid variational autoencoder-based framework for detecting, diagnosing, and localizing covert cyberattacks in industrial control systems, effectively distinguishing them from equipment faults using temporal sensor data.

Contribution

It presents a novel hybrid deep learning framework combining VAE, RNN, and DNN for robust cyberattack detection and localization in ICS, addressing the challenge of differentiating attacks from faults.

Findings

The proposed method outperforms traditional model-based approaches in detection accuracy.

It effectively distinguishes cyberattacks from equipment faults using temporal sensor data.

Simulation results demonstrate high efficacy in a power transmission system example.

Abstract

Cybersecurity of Industrial Cyber-Physical Systems is drawing significant concerns as data communication increasingly leverages wireless networks. A lot of data-driven methods were develope for detecting cyberattacks, but few are focused on distinguishing them from equipment faults. In this paper, we develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on networked industrial control systems. The framework has a hybrid design that combines a variational autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network (DNN). This data-driven framework considers the temporal behavior of a generic physical system that extracts features from the time series of the sensor measurements that can be used for detecting covert attacks, distinguishing them from equipment faults, as well as localize the attack/fault. We evaluate the performance of the proposed method through a realistic simulation study on a networked power transmission system as a typical example of ICS. We compare the performance of the proposed method with the traditional model-based method to show its applicability and efficacy.