66,390 research outputs found
Image-based Deep Learning for Smart Digital Twins: a Review
Smart Digital twins (SDTs) are being increasingly used to virtually replicate
and predict the behaviors of complex physical systems through continual data
assimilation enabling the optimization of the performance of these systems by
controlling the actions of systems. Recently, deep learning (DL) models have
significantly enhanced the capabilities of SDTs, particularly for tasks such as
predictive maintenance, anomaly detection, and optimization. In many domains,
including medicine, engineering, and education, SDTs use image data
(image-based SDTs) to observe and learn system behaviors and control their
behaviors. This paper focuses on various approaches and associated challenges
in developing image-based SDTs by continually assimilating image data from
physical systems. The paper also discusses the challenges involved in designing
and implementing DL models for SDTs, including data acquisition, processing,
and interpretation. In addition, insights into the future directions and
opportunities for developing new image-based DL approaches to develop robust
SDTs are provided. This includes the potential for using generative models for
data augmentation, developing multi-modal DL models, and exploring the
integration of DL with other technologies, including 5G, edge computing, and
IoT. In this paper, we describe the image-based SDTs, which enable broader
adoption of the digital twin DT paradigms across a broad spectrum of areas and
the development of new methods to improve the abilities of SDTs in replicating,
predicting, and optimizing the behavior of complex systems.Comment: 12 pages, 2 figures, and 3 table
Multi-Source Data Fusion for Cyberattack Detection in Power Systems
Cyberattacks can cause a severe impact on power systems unless detected
early. However, accurate and timely detection in critical infrastructure
systems presents challenges, e.g., due to zero-day vulnerability exploitations
and the cyber-physical nature of the system coupled with the need for high
reliability and resilience of the physical system. Conventional rule-based and
anomaly-based intrusion detection system (IDS) tools are insufficient for
detecting zero-day cyber intrusions in the industrial control system (ICS)
networks. Hence, in this work, we show that fusing information from multiple
data sources can help identify cyber-induced incidents and reduce false
positives. Specifically, we present how to recognize and address the barriers
that can prevent the accurate use of multiple data sources for fusion-based
detection. We perform multi-source data fusion for training IDS in a
cyber-physical power system testbed where we collect cyber and physical side
data from multiple sensors emulating real-world data sources that would be
found in a utility and synthesizes these into features for algorithms to detect
intrusions. Results are presented using the proposed data fusion application to
infer False Data and Command injection-based Man-in- The-Middle (MiTM) attacks.
Post collection, the data fusion application uses time-synchronized merge and
extracts features followed by pre-processing such as imputation and encoding
before training supervised, semi-supervised, and unsupervised learning models
to evaluate the performance of the IDS. A major finding is the improvement of
detection accuracy by fusion of features from cyber, security, and physical
domains. Additionally, we observed the co-training technique performs at par
with supervised learning methods when fed with our features
Stealthy Deception Attacks Against SCADA Systems
SCADA protocols for Industrial Control Systems (ICS) are vulnerable to
network attacks such as session hijacking. Hence, research focuses on network
anomaly detection based on meta--data (message sizes, timing, command
sequence), or on the state values of the physical process. In this work we
present a class of semantic network-based attacks against SCADA systems that
are undetectable by the above mentioned anomaly detection. After hijacking the
communication channels between the Human Machine Interface (HMI) and
Programmable Logic Controllers (PLCs), our attacks cause the HMI to present a
fake view of the industrial process, deceiving the human operator into taking
manual actions. Our most advanced attack also manipulates the messages
generated by the operator's actions, reversing their semantic meaning while
causing the HMI to present a view that is consistent with the attempted human
actions. The attacks are totaly stealthy because the message sizes and timing,
the command sequences, and the data values of the ICS's state all remain
legitimate.
We implemented and tested several attack scenarios in the test lab of our
local electric company, against a real HMI and real PLCs, separated by a
commercial-grade firewall. We developed a real-time security assessment tool,
that can simultaneously manipulate the communication to multiple PLCs and cause
the HMI to display a coherent system--wide fake view. Our tool is configured
with message-manipulating rules written in an ICS Attack Markup Language (IAML)
we designed, which may be of independent interest. Our semantic attacks all
successfully fooled the operator and brought the system to states of blackout
and possible equipment damage
- …