Sensitivity analysis of the sequential test for detecting cyber-physical attacks. Long Do, V., Fillatre, L., & Nikiforov, I. In 2015 23rd European Signal Processing Conference (EUSIPCO), pages 2261-2265, Aug, 2015.
Paper doi abstract bibtex This paper deals with the problem of detecting cyber-physical attacks on Supervisory Control And Data Acquisition (SCADA) systems. The discrete-time state space model is used to describe the systems. The attacks are modeled as additive signals of short duration on both state evolution and sensor measurement equations. The steady-state Kalman filter is employed to generate the sequence of innovations. Next, these independent random variables are used as entries of the Variable Threshold Window Limited CUmulative SUM (VTWL CUSUM) test. It has been shown that the optimal choice of thresholds with respect to (w.r.t.) the transient change detection criterion leads to the Finite Moving Average (FMA) test. The main contribution of this paper is a sensitivity analysis of the FMA test. This analysis is based on a numerical calculation of the probabilities of wrong decision under the variation of operational parameters. Theoretical results are applied to the detection of an attack scenario on a SCADA water network.
@InProceedings{7362787,
author = {V. {Long Do} and L. Fillatre and I. Nikiforov},
booktitle = {2015 23rd European Signal Processing Conference (EUSIPCO)},
title = {Sensitivity analysis of the sequential test for detecting cyber-physical attacks},
year = {2015},
pages = {2261-2265},
abstract = {This paper deals with the problem of detecting cyber-physical attacks on Supervisory Control And Data Acquisition (SCADA) systems. The discrete-time state space model is used to describe the systems. The attacks are modeled as additive signals of short duration on both state evolution and sensor measurement equations. The steady-state Kalman filter is employed to generate the sequence of innovations. Next, these independent random variables are used as entries of the Variable Threshold Window Limited CUmulative SUM (VTWL CUSUM) test. It has been shown that the optimal choice of thresholds with respect to (w.r.t.) the transient change detection criterion leads to the Finite Moving Average (FMA) test. The main contribution of this paper is a sensitivity analysis of the FMA test. This analysis is based on a numerical calculation of the probabilities of wrong decision under the variation of operational parameters. Theoretical results are applied to the detection of an attack scenario on a SCADA water network.},
keywords = {feature extraction;Kalman filters;moving average processes;SCADA systems;security of data;sensitivity analysis;state-space methods;sensitivity analysis;cyber-physical attack detection;supervisory control and data acquisition;SCADA system;discrete-time state space model;Kalman filter;variable threshold window limited cumulative sum;VTWL CUSUM test;transient change detection criterion;finite moving average;FMA;Transient analysis;Technological innovation;Kalman filters;SCADA systems;Steady-state;Signal processing algorithms;Europe;Transient change detection;Window Limited CUSUM test;FMA test;cyber-physical attacks;SCADA systems},
doi = {10.1109/EUSIPCO.2015.7362787},
issn = {2076-1465},
month = {Aug},
url = {https://www.eurasip.org/proceedings/eusipco/eusipco2015/papers/1570102655.pdf},
}
Downloads: 0
{"_id":"tEKto8mFs3bZRyx3H","bibbaseid":"longdo-fillatre-nikiforov-sensitivityanalysisofthesequentialtestfordetectingcyberphysicalattacks-2015","authorIDs":[],"author_short":["Long Do, V.","Fillatre, L.","Nikiforov, I."],"bibdata":{"bibtype":"inproceedings","type":"inproceedings","author":[{"firstnames":["V."],"propositions":[],"lastnames":["Long Do"],"suffixes":[]},{"firstnames":["L."],"propositions":[],"lastnames":["Fillatre"],"suffixes":[]},{"firstnames":["I."],"propositions":[],"lastnames":["Nikiforov"],"suffixes":[]}],"booktitle":"2015 23rd European Signal Processing Conference (EUSIPCO)","title":"Sensitivity analysis of the sequential test for detecting cyber-physical attacks","year":"2015","pages":"2261-2265","abstract":"This paper deals with the problem of detecting cyber-physical attacks on Supervisory Control And Data Acquisition (SCADA) systems. The discrete-time state space model is used to describe the systems. The attacks are modeled as additive signals of short duration on both state evolution and sensor measurement equations. The steady-state Kalman filter is employed to generate the sequence of innovations. Next, these independent random variables are used as entries of the Variable Threshold Window Limited CUmulative SUM (VTWL CUSUM) test. It has been shown that the optimal choice of thresholds with respect to (w.r.t.) the transient change detection criterion leads to the Finite Moving Average (FMA) test. The main contribution of this paper is a sensitivity analysis of the FMA test. This analysis is based on a numerical calculation of the probabilities of wrong decision under the variation of operational parameters. Theoretical results are applied to the detection of an attack scenario on a SCADA water network.","keywords":"feature extraction;Kalman filters;moving average processes;SCADA systems;security of data;sensitivity analysis;state-space methods;sensitivity analysis;cyber-physical attack detection;supervisory control and data acquisition;SCADA system;discrete-time state space model;Kalman filter;variable threshold window limited cumulative sum;VTWL CUSUM test;transient change detection criterion;finite moving average;FMA;Transient analysis;Technological innovation;Kalman filters;SCADA systems;Steady-state;Signal processing algorithms;Europe;Transient change detection;Window Limited CUSUM test;FMA test;cyber-physical attacks;SCADA systems","doi":"10.1109/EUSIPCO.2015.7362787","issn":"2076-1465","month":"Aug","url":"https://www.eurasip.org/proceedings/eusipco/eusipco2015/papers/1570102655.pdf","bibtex":"@InProceedings{7362787,\n author = {V. {Long Do} and L. Fillatre and I. Nikiforov},\n booktitle = {2015 23rd European Signal Processing Conference (EUSIPCO)},\n title = {Sensitivity analysis of the sequential test for detecting cyber-physical attacks},\n year = {2015},\n pages = {2261-2265},\n abstract = {This paper deals with the problem of detecting cyber-physical attacks on Supervisory Control And Data Acquisition (SCADA) systems. The discrete-time state space model is used to describe the systems. The attacks are modeled as additive signals of short duration on both state evolution and sensor measurement equations. The steady-state Kalman filter is employed to generate the sequence of innovations. Next, these independent random variables are used as entries of the Variable Threshold Window Limited CUmulative SUM (VTWL CUSUM) test. It has been shown that the optimal choice of thresholds with respect to (w.r.t.) the transient change detection criterion leads to the Finite Moving Average (FMA) test. The main contribution of this paper is a sensitivity analysis of the FMA test. This analysis is based on a numerical calculation of the probabilities of wrong decision under the variation of operational parameters. Theoretical results are applied to the detection of an attack scenario on a SCADA water network.},\n keywords = {feature extraction;Kalman filters;moving average processes;SCADA systems;security of data;sensitivity analysis;state-space methods;sensitivity analysis;cyber-physical attack detection;supervisory control and data acquisition;SCADA system;discrete-time state space model;Kalman filter;variable threshold window limited cumulative sum;VTWL CUSUM test;transient change detection criterion;finite moving average;FMA;Transient analysis;Technological innovation;Kalman filters;SCADA systems;Steady-state;Signal processing algorithms;Europe;Transient change detection;Window Limited CUSUM test;FMA test;cyber-physical attacks;SCADA systems},\n doi = {10.1109/EUSIPCO.2015.7362787},\n issn = {2076-1465},\n month = {Aug},\n url = {https://www.eurasip.org/proceedings/eusipco/eusipco2015/papers/1570102655.pdf},\n}\n\n","author_short":["Long Do, V.","Fillatre, L.","Nikiforov, I."],"key":"7362787","id":"7362787","bibbaseid":"longdo-fillatre-nikiforov-sensitivityanalysisofthesequentialtestfordetectingcyberphysicalattacks-2015","role":"author","urls":{"Paper":"https://www.eurasip.org/proceedings/eusipco/eusipco2015/papers/1570102655.pdf"},"keyword":["feature extraction;Kalman filters;moving average processes;SCADA systems;security of data;sensitivity analysis;state-space methods;sensitivity analysis;cyber-physical attack detection;supervisory control and data acquisition;SCADA system;discrete-time state space model;Kalman filter;variable threshold window limited cumulative sum;VTWL CUSUM test;transient change detection criterion;finite moving average;FMA;Transient analysis;Technological innovation;Kalman filters;SCADA systems;Steady-state;Signal processing algorithms;Europe;Transient change detection;Window Limited CUSUM test;FMA test;cyber-physical attacks;SCADA systems"],"metadata":{"authorlinks":{}}},"bibtype":"inproceedings","biburl":"https://raw.githubusercontent.com/Roznn/EUSIPCO/main/eusipco2015url.bib","creationDate":"2021-02-13T17:31:52.546Z","downloads":0,"keywords":["feature extraction;kalman filters;moving average processes;scada systems;security of data;sensitivity analysis;state-space methods;sensitivity analysis;cyber-physical attack detection;supervisory control and data acquisition;scada system;discrete-time state space model;kalman filter;variable threshold window limited cumulative sum;vtwl cusum test;transient change detection criterion;finite moving average;fma;transient analysis;technological innovation;kalman filters;scada systems;steady-state;signal processing algorithms;europe;transient change detection;window limited cusum test;fma test;cyber-physical attacks;scada systems"],"search_terms":["sensitivity","analysis","sequential","test","detecting","cyber","physical","attacks","long do","fillatre","nikiforov"],"title":"Sensitivity analysis of the sequential test for detecting cyber-physical attacks","year":2015,"dataSources":["eov4vbT6mnAiTpKji","knrZsDjSNHWtA9WNT"]}