Industrial Cyber-Physical System Defense Resource Allocation Using Distributed Anomaly Detection

An industrial cyber-physical system (ICPS) tightly integrating both physical processes and information and communication technologies (ICTs) leads to increasing cyberspace threats and attacks for the critical electrical infrastructure. With the limited defense resources availability, the efficient t...

Full description

Saved in:
Bibliographic Details
Published in:IEEE internet of things journal 2022-11, Vol.9 (22), p.22304-22314
Main Authors: Hao, Weijie, Yao, Pengchao, Yang, Tao, Yang, Qiang
Format: Article
Language:English
Subjects:
Anomalies
Anomaly detection
Communications traffic
Computer networks
Cyber-physical systems
Cybersecurity
Defense
defense resource allocation
distributed anomaly detection
industrial cyber–physical system (ICPS)
Infrastructure
Internet
Monitoring
Multiple objective analysis
network traffic analysis
Pareto optimization
Power system dynamics
Resource allocation
Resource management
Scalability
Security
Telecommunication traffic
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:An industrial cyber-physical system (ICPS) tightly integrating both physical processes and information and communication technologies (ICTs) leads to increasing cyberspace threats and attacks for the critical electrical infrastructure. With the limited defense resources availability, the efficient threat perception and mitigation of potential impacts of cyber attacks are essential to enhance the ICPS operational security. This article proposes an optimal defense resource allocation solution to prioritize the ICPS asset protection based on the distributed network traffic anomaly detection. The traffic anomalies and attack paths can be timely detected simultaneously over multiple security zones of the electrical infrastructure through local computing devices. The defense resource allocation is formulated as a multiobjective optimization (MOO) problem considering the tradeoff among the asset vulnerability, cost, and criticality, and solved by the Pareto optimal solution generation approach. The proposed solution is extensively evaluated using a realistic electrical CPS (ECPS) testbed for a range of cyber-attack scenarios. The numerical results confirm the effectiveness of the proposed distributed anomaly detection model and defense resource allocation strategy for varying defense resource availabilities.
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2021.3088337