
    FALCON: Framework for Anomaly Detection in Industrial Control Systems

    Industrial Control Systems (ICS) are used to control physical processes in critical infrastructure. These systems are used in a wide variety of operations such as water treatment, power generation and distribution, and manufacturing. While the safety and security of these systems are of serious concern, recent reports have shown an increase in targeted attacks aimed at manipulating physical processes to cause catastrophic consequences. This trend emphasizes the need for algorithms and tools that provide resilient and smart attack detection mechanisms to protect ICS. In this paper, we propose an anomaly detection framework for ICS based on a deep neural network. The proposed methodology uses dilated convolution and long short-term memory (LSTM) layers to learn temporal as well as long-term dependencies within sensor and actuator data in an ICS. The sensor/actuator data are passed through a unique feature engineering pipeline where wavelet transformation is applied to the sensor signals to extract features that are fed into the model. Additionally, this paper explores four variations of supervised deep learning models, as well as an unsupervised support vector machine (SVM) model for this problem. The proposed framework is validated on Secure Water Treatment testbed results. This framework detects more attacks in a shorter period of time than previously published methods.

    FALCON: Framework for Anomaly Detection In Industrial Control Systems

    Industrial Control Systems (ICS) are used to control physical processes in the nation's critical infrastructures. They are composed of subsystems that control physical processes by analyzing the information received from the sensors. Based on the state of the process, the controller issues control commands to the actuators. These systems are utilized in a wide variety of operations such as water treatment plants, power, and manufacturing. While the safety and security of these systems are of high concern, recent reports have shown an increase in targeted attacks that are aimed at manipulating the physical processes to cause catastrophic consequences. This emphasizes the need for algorithms and tools that provide resilient and smart attack detection, as well as risk analysis mechanisms to protect the ICS. To address this need for resiliency, this thesis designs and develops an anomaly detection and risk analysis framework for ICS. The proposed anomaly detection methodology utilizes dilated Convolution and Long-Short Term Memory (LSTM) layers to learn temporal as well as long-term dependencies from sensors/actuators data in ICS. This data is passed through a unique feature engineering pipeline where wavelet transformation is utilized on the sensor signals to extract additional features. Additionally, this thesis explores four different variations of supervised deep learning models, as well as an unsupervised one-class Support Vector Machine (SVM) model for this problem. Furthermore, an empirical analysis of a single monolithic model for all sensors/actuators in ICS vs distributed models for each segmented process is carried out. The proposed methodology is validated utilizing sensors/actuators normal and attack data from a miniature water treatment plant known as Secure Water Treatment (SWaT) testbed.
The results of our experiments show improvement over existing state-of-the-art anomaly detection algorithms with higher performance than the baselines set previously. In addition, this thesis provides evidence on monolithic models trained on entire processes in ICS performing better than the distributed models due to their ability to learn global relationships within the data. Along with an anomaly detection methodology, this thesis also presents a Colored Petri Net (PN) model for simulating the physical processes based on control code, and modeling risks within the system.

    Evaluation of Botanical Powders for the Management of Rice Weevil (Sitophilus oryzae L. Coleoptera: Curculionidae) in Rupandehi, Nepal

    An experiment to manage rice weevil (Sitophilus oryzae L. Coleoptera: Curculionidae) in wheat (Triticum aestivum L. Gramineae) was carried out at the Institute of Agriculture and Animal Science (IAAS), Paklihawa Campus, Rupandehi, Nepal. The experiment was conducted under a completely randomized design (CRD) with seven treatments, viz. neem leaf dust (Azadirachta indica A. Juss) 15 g/kg, tobacco leaf dust (Nicotiana tabacum L.) 10 g/kg, ginger rhizome powder (Zingiber officinale Roscoe) 20 g/kg, garlic cloves powder (Allium sativum L.) 20 g/kg, Sichuan pepper seed powder (Zanthoxylum armatum Roxb.) 10 g/kg, sweet flag rhizome dust (Acorus calamus L.) 5 g/kg, and control, with three replications. Results revealed that the highest mortality of weevils was observed in the wheat seed treated with A. calamus (98.33%), followed by N. tabacum (85.67%), A. sativum (73.34%), A. indica (70.67%), Z. armatum (70.34%), and Z. officinale (58.34%). Similarly, the lowest percent weight loss (3.32%) and damage of seed (4.0%) were observed in wheat treated with A. calamus. Moreover, the highest germination (89%) was observed in seeds treated with A. calamus rhizome powder when tested at 90 days after treatment application. Based on weevil mortality and the germination test, it is found that sweet flag rhizome powder is the best treatment against rice weevil, followed by tobacco leaf dust and garlic clove powder. Therefore, these botanicals could be one of the effective alternatives for the management of weevil, especially for farmers who do not use chemical insecticides in the rural areas of Nepal.