Affiliation:
1. San Mateo, CA
2. United Technologies Research Center, East Hartford, CT
Abstract
Anomalies in cyber-physical systems may arise due to malicious cyber attacks or operational faults in the physical devices. Accurately detecting the anomalies and isolating their root-causes is important for identifying appropriate reactive and preventive measures and building resilient cyber-physical systems. Anomaly detection and isolation in cyber-physical systems is challenging, because the impact of a cyber attack on the operation of a physical system may manifest itself only after some time. In this paper, we present a Bayesian network approach for learning the causal relations between cyber and physical variables as well as their temporal correlations from unlabeled data. We describe the data transformations that we performed to deal with the heterogeneous characteristics of the cyber and physical data, so that the integrated dataset can be used to learn the Bayesian network structure and parameters. We then present scalable algorithms to detect different anomalies and isolate their respective root-cause using a Bayesian network. We also present results from evaluating our algorithms on an unlabeled dataset consisting of anomalies due to cyber attacks and physical faults in a commercial building system.
Publisher
American Society of Mechanical Engineers
Cited by
9 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献