Affiliation:
1. Simula Research Laboratory, Norway and University of Oslo, Norway
2. Simula Research Laboratory, Norway
Abstract
Anomaly detection is critical to ensure the security of
cyber-physical systems (CPS)
. However, due to the increasing complexity of attacks and CPS themselves, anomaly detection in CPS is becoming more and more challenging. In our previous work, we proposed a digital twin-based anomaly detection method, called ATTAIN, which takes advantage of both historical and real-time data of CPS. However, such data vary significantly in terms of difficulty. Therefore, similar to human learning processes, deep learning models (e.g., ATTAIN) can benefit from an easy-to-difficult curriculum. To this end, in this paper, we present a novel approach, named
digitaL twin-based Anomaly deTecTion wIth Curriculum lEarning (
LATTICE
)
, which extends ATTAIN by introducing curriculum learning to optimize its learning paradigm.
LATTICE
attributes each sample with a difficulty score, before being fed into a training scheduler. The training scheduler samples batches of training data based on these difficulty scores such that learning from easy to difficult data can be performed. To evaluate LATTICE, we use five publicly available datasets collected from five real-world CPS testbeds. We compare
LATTICE
with ATTAIN and two other state-of-the-art anomaly detectors. Evaluation results show that
LATTICE
outperforms the three baselines and ATTAIN by 0.906%-2.367% in terms of the F1 score.
LATTICE
also, on average, reduces the training time of ATTAIN by 4.2% on the five datasets and is on par with the baselines in terms of detection delay time.
Funder
Research Council of Norway
Norwegian Ministry of Education and Research
European Commission
Publisher
Association for Computing Machinery (ACM)
Cited by
5 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Anomaly diagnosis of connected autonomous vehicles: A survey;Information Fusion;2024-05
2. KDDT: Knowledge Distillation-Empowered Digital Twin for Anomaly Detection;Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering;2023-11-30
3. Security through Digital Twin-Based Intrusion Detection: A SWaT Dataset Analysis;2023 16th International Conference on Information Security and Cryptology (ISCTürkiye);2023-10-18
4. A Model-Driven Platform for Engineering Holistic Digital Twins;2023 ACM/IEEE International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C);2023-10-01
5. Evolve the Model Universe of a System Universe;2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE);2023-09-11