Abstract
Anomaly detection is crucial to ensure the security of cyber-physical systems (CPS). However, due to the increasing complexity of CPSs and more sophisticated attacks, conventional anomaly detection methods, which face the growing volume of data and need domain-specific knowledge, cannot be directly applied to address these challenges. To this end, deep learning-based anomaly detection (DLAD) methods have been proposed. In this article, we review state-of-the-art DLAD methods in CPSs. We propose a taxonomy in terms of the type of anomalies, strategies, implementation, and evaluation metrics to understand the essential properties of current methods. Further, we utilize this taxonomy to identify and highlight new characteristics and designs in each CPS domain. Also, we discuss the limitations and open problems of these methods. Moreover, to give users insights into choosing proper DLAD methods in practice, we experimentally explore the characteristics of typical neural models, the workflow of DLAD methods, and the running performance of DL models. Finally, we discuss the deficiencies of DL approaches, our findings, and possible directions to improve DLAD methods and motivate future research.
- Sebastian Berg. 2020. NumPy. https://numpy.org/.Google Scholar
- Chuadhry Mujeeb Ahmed, Gauthama Raman M. R., and Aditya P. Mathur. 2020. Challenges in machine learning based approaches for real-time anomaly detection in industrial control systems. In Proceedings of the 6th ACM on Cyber-Physical System Security Workshop (Taipei, Taiwan) (CPSS ’20). Association for Computing Machinery, New York, NY, 23--29. DOI:https://doi.org/10.1145/3384941.3409588Google Scholar
- Salman Ahmed, Ya Xiao, Kevin Z. Snow, Gang Tan, Fabian Monrose, and Danfeng (Daphne) Yao. 2020. Methodologies for quantifying (re-)randomization security and timing under JIT-ROP. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’20). Association for Computing Machinery, New York, NY, 1803--1820. DOI:https://doi.org/10.1145/3372297.3417248Google ScholarDigital Library
- Luai Al Shalabi and Zyad Shaaban. 2006. Normalization as a preprocessing engine for data mining and the approach of preference matrix. In Proceedings of the International Conference on Dependability of Computer Systems. IEEE, 207--214.Google ScholarDigital Library
- Mario Almeida, Stefanos Laskaridis, Ilias Leontiadis, Stylianos I. Venieris, and Nicholas D. Lane. 2019. EmBench: Quantifying performance variations of deep neural networks across modern commodity devices. In Proceedings of the 3rd International Workshop on Deep Learning for Mobile Systems and Applications. 1--6.Google Scholar
- Kasun Amarasinghe and Milos Manic. 2018. Improving user trust on deep neural networks based intrusion detection systems. In Proceedings of the 44th Conference of the IEEE Industrial Electronics Society. IEEE, 3262--3268.Google ScholarCross Ref
- CNN. 2020. Car assembly line robot kills worker in Germany. Retrieved from: https://www.cnn.com/2015/07/02/europe/germany-volkswagen-robot-kills-worker/index.html.Google Scholar
- T. Athay, R. Podmore, and S. Virmani. 1979. A practical method for the direct analysis of transient stability. IEEE Trans. Pow. Apparat. Syst.2 (1979), 573--584.Google ScholarCross Ref
- Arian Bär, Alessandro Finamore, Pedro Casas, Lukasz Golab, and Marco Mellia. 2014. Large-scale network traffic monitoring with DBStream, a system for rolling big data analysis. In Proceedings of the IEEE International Conference on Big Data (Big Data’14). IEEE, 165--170.Google ScholarCross Ref
- Sagnik Basumallik, Rui Ma, and Sara Eftekharnejad. 2019. Packet-data anomaly detection in PMU-based state estimator using convolutional neural network. Int. J. Electric. Power Energy Syst. 107 (2019), 690--702.Google ScholarCross Ref
- Debby Bezzina and James Sayer. 2014. Safety pilot model deployment: Test conductor team report. Report No. DOT HS 812 (2014), 171.Google Scholar
- Karl Biron, Wael Bazzaza, Khalid Yaqoob, Amjad Gawanmeh, and Claude Fachkha. 2020. A big data fusion to profile CPS security threats against operational technology. In Proceedings of the IEEE 21st International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM’20). IEEE, 397--402.Google ScholarCross Ref
- Andrea Borghesi, Andrea Bartolini, Michele Lombardi, Michela Milano, and Luca Benini. 2019. Anomaly detection using autoencoders in high performance computing systems. In Proceedings of the AAAI Conference on Artificial Intelligence, Vol. 33. 9428--9433.Google ScholarDigital Library
- Markus M. Breunig, Hans-Peter Kriegel, Raymond T. Ng, and Jörg Sander. 2000. LOF: Identifying density-based local outliers. In Proceedings of the ACM SIGMOD International Conference on Management of Data. 93--104.Google ScholarDigital Library
- Mikel Canizo, Isaac Triguero, Angel Conde, and Enrique Onieva. 2019. Multi-head CNN–RNN for multi-time series anomaly detection: An industrial case study. Neurocomputing 363 (2019), 246--260.Google ScholarDigital Library
- Z. Berkay Celik, Earlence Fernandes, Eric Pauley, Gang Tan, and Patrick McDaniel. 2019. Program analysis of commodity IoT applications for security and privacy: Challenges and opportunities. ACM Comput. Surv. 52, 4 (2019), 1--30.Google ScholarDigital Library
- Raghavendra Chalapathy and Sanjay Chawla. 2019. Deep learning for anomaly detection: A survey. arXiv preprint arXiv:1901.03407 (2019).Google Scholar
- Varun Chandola, Arindam Banerjee, and Vipin Kumar. 2009. Anomaly detection: A survey. ACM Comput. Surv. 41, 3 (2009), 15.Google ScholarDigital Library
- Long Cheng, Ke Tian, and Danfeng Yao. 2017. Orpheus: Enforcing cyber-physical execution semantics to defend against data-oriented attacks. In Proceedings of the 33rd Computer Security Applications Conference. 315--326.Google ScholarDigital Library
- Yulia Cherdantseva, Pete Burnap, Andrew Blyth, Peter Eden, Kevin Jones, Hugh Soulsby, and Kristan Stoddart. 2016. A review of cyber security risk assessment methods for SCADA systems. Comput. Secur. 56 (2016), 1--27.Google ScholarDigital Library
- Kyong-Tak Cho and Kang G. Shin. 2016. Fingerprinting electronic control units for vehicle intrusion detection. In Proceedings of the 25th USENIX Security Symposium (USENIX Security’16). 911--927.Google Scholar
- Alysha M. De Livera, Rob J. Hyndman, and Ralph D. Snyder. 2011. Forecasting time series with complex seasonal patterns using exponential smoothing. J. Amer. Statist. Assoc. 106, 496 (2011), 1513--1527.Google ScholarCross Ref
- Qingyu Deng and Jian Sun. 2018. False data injection attack detection in a power grid using RNN. In Proceedings of the 44th Conference of the IEEE Industrial Electronics Society. IEEE, 5983--5988.Google ScholarCross Ref
- Min Du, Feifei Li, Guineng Zheng, and Vivek Srikumar. 2017. DeepLog: Anomaly detection and diagnosis from system logs through deep learning. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 1285--1298.Google ScholarDigital Library
- Benedikt Eiteneuer, Nemanja Hranisavljevic, and Oliver Niggemann. 2019. Dimensionality reduction and anomaly detection for CPPS data using autoencoder. DOI:https://doi.org/10.1109/ICIT.2019.8755116Google Scholar
- Mellitus Ezeme, Akramul Azim, and Qusay H. Mahmoud. 2017. An imputation-based augmented anomaly detection from large traces of operating system events. In Proceedings of the 4th IEEE/ACM International Conference on Big Data Computing, Applications and Technologies. 43--52.Google Scholar
- Mellitus O. Ezeme, Qusay H. Mahmoud, and Akramul Azim. 2018. Hierarchical attention-based anomaly detection model for embedded operating systems. In Proceedings of the IEEE 24th International Conference on Embedded and Real-time Computing Systems and Applications (RTCSA’18). IEEE, 225--231.Google ScholarCross Ref
- Okwudili M. Ezeme, Michael Lescisin, Qusay H. Mahmoud, and Akramul Azim. 2019. DeepAnom: An ensemble deep framework for anomaly detection in system processes. In Proceedings of the Canadian Conference on Artificial Intelligence. Springer, 549--555.Google ScholarDigital Library
- Okwudili M. Ezeme, Qusay H. Mahmoud, and Akramul Azim. 2019. Dream: Deep recursive attentive model for anomaly detection in kernel events. IEEE Access 7 (2019), 18860--18870.Google ScholarCross Ref
- Cheng Fan, Fu Xiao, Yang Zhao, and Jiayuan Wang. 2018. Analytical investigation of autoencoder-based methods for unsupervised anomaly detection in building energy data. Appl. Energy 211 (2018), 1123--1135.Google ScholarCross Ref
- Cheng Feng, Tingting Li, and Deeph Chana. 2017. Multi-level anomaly detection in industrial control systems via package signatures and LSTM networks. In Proceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’17). IEEE, 261--272.Google ScholarCross Ref
- P. Ferrari, S. Rinaldi, E. Sisinni, F. Colombo, F. Ghelfi, D. Maffei, and M. Malara. 2019. Performance evaluation of full-cloud and edge-cloud architectures for industrial IoT anomaly detection based on deep learning. In Proceedings of the Workshop on Metrology for Industry 4.0 and IoT (MetroInd4.0 & IoT’19). IEEE, 420--425.Google Scholar
- FireEye. 2020. A View into the Top 20 Cyber Attacks on ICS Networks | FireEye. Retrieved from: https://www.fireeye.com/solutions/industrial-systems-and-critical-infrastructure-security/wp-top-20-cyberattacks.html.Google Scholar
- Flightradar24. 2019. Live Flight Tracker - Real-Time Flight Tracker Map. Retrieved from: https://www.flightradar24.com/.Google Scholar
- Amin Ghafouri, Waseem Abbas, Aron Laszka, Yevgeniy Vorobeychik, and Xenofon Koutsoukos. 2016. Optimal thresholds for anomaly-based intrusion detection in dynamical environments. In Proceedings of the International Conference on Decision and Game Theory for Security. Springer, 415--434.Google ScholarDigital Library
- Jairo Giraldo, David Urbina, Alvaro Cardenas, Junia Valente, Mustafa Faisal, Justin Ruths, Nils Ole Tippenhauer, Henrik Sandberg, and Richard Candell. 2018. A survey of physics-based attack detection in cyber-physical systems. ACM Comput. Surv. 51, 4 (2018), 1--36.Google ScholarDigital Library
- Ioana Giurgiu and Anika Schumann. 2019. Additive explanations for anomalies detected from multivariate temporal data. In Proceedings of the 28th ACM International Conference on Information and Knowledge Management. 2245--2248.Google ScholarDigital Library
- Jonathan Goh, Sridhar Adepu, Khurum Nazir Junejo, and Aditya Mathur. 2016. A dataset to support research in the design of secure water treatment systems. In Proceedings of the International Conference on Critical Information Infrastructures Security. Springer, 88--99.Google Scholar
- Jonathan Goh, Sridhar Adepu, Marcus Tan, and Zi Shan Lee. 2017. Anomaly detection in cyber physical systems using recurrent neural networks. In Proceedings of the IEEE 18th International Symposium on High Assurance Systems Engineering (HASE’17). IEEE, 140--145.Google ScholarCross Ref
- Dong Gong, Lingqiao Liu, Vuong Le, Budhaditya Saha, Moussa Reda Mansour, Svetha Venkatesh, and Anton van den Hengel. 2019. Memorizing normality to detect anomaly: Memory-augmented deep autoencoder for unsupervised anomaly detection. In Proceedings of the IEEE International Conference on Computer Vision. 1705--1714.Google Scholar
- Lachlan Gunn, Peter Smet, Edward Arbon, and Mark D. McDonnell. 2018. Anomaly detection in satellite communications systems using LSTM networks. In Proceedings of the Military Communications and Information Systems Conference (MilCIS’18). IEEE, 1--6.Google Scholar
- Edan Habler and Asaf Shabtai. 2018. Using LSTM encoder-decoder algorithm for detecting anomalous ADS-B messages. Comput. Secur. 78 (2018), 155--173.Google ScholarCross Ref
- Waqas Haider, Jiankun Hu, Yi Xie, Xinghuo Yu, and Qianhong Wu. 2017. Detecting anomalous behavior in cloud servers by nested arc hidden SEMI-Markov model with state summarization. IEEE Trans. Big Data 5, 3 (2017).Google Scholar
- Y. He, G. Meng, K. Chen, X. Hu, and J. He. 2020. Towards security threats of deep learning systems: A survey. IEEE Trans. Softw. Eng. (Nov. 2020). DOI:https://doi.org/10.1109/TSE.2020.3034721Google Scholar
- Ryan Heartfield, George Loukas, Sanja Budimir, Anatolij Bezemskij, Johnny R. J. Fontaine, Avgoustinos Filippoupolitis, and Etienne Roesch. 2018. A taxonomy of cyber-physical threats and impact in the smart home. Comput. Secur. 78 (2018), 398--428.Google ScholarCross Ref
- Yi Huang, Mohammad Esmalifalak, Huy Nguyen, Rong Zheng, Zhu Han, Husheng Li, and Lingyang Song. 2013. Bad data injection in smart grid: Attack and defense mechanisms. IEEE Commun. Mag. 51, 1 (2013), 27--33.Google ScholarCross Ref
- Kyle Hundman, Valentino Constantinou, Christopher Laporte, Ian Colwell, and Tom Soderstrom. 2018. Detecting spacecraft anomalies using LSTMs and nonparametric dynamic thresholding. In Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. ACM, 387--395.Google ScholarDigital Library
- Jun Inoue, Yoriyuki Yamagata, Yuqi Chen, Christopher M. Poskitt, and Jun Sun. 2017. Anomaly detection for a water treatment system using unsupervised machine learning. In Proceedings of the IEEE International Conference on Data Mining Workshops (ICDMW’17). IEEE, 1058--1065.Google ScholarCross Ref
- Aya Abdelsalam Ismail, Mohamed Gunady, Hector Corrada Bravo, and Soheil Feizi. 2020. Benchmarking deep learning interpretability in time series predictions. Adv. Neural Inf. Proc. Syst. 33 (2020).Google Scholar
- iTrust Labs. 2019. iTrust Labs_Dataset Info. Retrieved from: https://itrust.sutd.edu.sg/itrust_labs_datasets/dataset_info/#swat.Google Scholar
- Camil Jichici, Bogdan Groza, and Pal-Stefan Murvay. 2018. Examining the use of neural networks for intrusion detection in controller area networks. In Proceedings of the International Conference on Security for Information Technology and Communications. Springer, 109--125.Google Scholar
- Kaspersky. 2019. Threat landscape for industrial automation systems, H1 2019. Retrieved from: https://ics-cert.kaspersky.com/reports/2019/09/30/threat-landscape-for-industrial-automation-systems-h1-2019/.Google Scholar
- Haider Adnan Khan, Nader Sehatbakhsh, Luong N. Nguyen, Milos Prvulovic, and Alenka Zajić. 2019. Malware detection in embedded systems using neural network model for electromagnetic side-channel signals. J. Hardw. Syst. Secur. 3, 4 (2019), 305--318.Google ScholarCross Ref
- Eshaan Khanapuri, Tarun Chintalapati, Rajnikant Sharma, and Ryan Gerdes. 2019. Learning-based adversarial agent detection and identification in cyber physical systems applied to autonomous vehicular platoon. In Proceedings of the IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS’19). IEEE, 39--45.Google ScholarDigital Library
- Tung Kieu, Bin Yang, and Christian S. Jensen. 2018. Outlier detection for multidimensional time series using deep neural networks. In Proceedings of the 19th IEEE International Conference on Mobile Data Management (MDM’18). IEEE, 125--134.Google Scholar
- Diederik P. Kingma and Max Welling. 2013. Auto-encoding variational bayes. arXiv preprint arXiv:1312.6114 (2013).Google Scholar
- Oliver Kosut, Liyan Jia, Robert J. Thomas, and Lang Tong. 2011. Malicious data attacks on the smart grid. IEEE Trans. Smart Grid 2, 4 (2011), 645--658.Google ScholarCross Ref
- Moshe Kravchik and Asaf Shabtai. 2018. Detecting cyber attacks in industrial control systems using convolutional neural networks. In Proceedings of the Workshop on Cyber-physical Systems Security and PrivaCy. ACM, 72--83.Google ScholarDigital Library
- Adrien Legrand, Brad Niepceron, Alain Cournier, and Harold Trannois. 2018. Study of autoencoder neural networks for anomaly detection in connected buildings. In Proceedings of the IEEE Global Conference on Internet of Things (GCIoT’18). IEEE, 1--5.Google ScholarCross Ref
- Dan Li, Dacheng Chen, Baihong Jin, Lei Shi, Jonathan Goh, and See-Kiong Ng. 2019. MAD-GAN: Multivariate anomaly detection for time series data with generative adversarial networks. In Proceedings of the International Conference on Artificial Neural Networks. Springer, 703--716.Google ScholarDigital Library
- Yidong Li, Li Zhang, Zhuo Lv, and Wei Wang. 2021. Detecting anomalies in intelligent vehicle charging and station power supply systems with multi-head attention models. IEEE Trans. Intell. Transport. Syst. 22, 1 (2021), 555--564.Google ScholarDigital Library
- Zhe Li, Jingyue Li, Yi Wang, and Kesheng Wang. 2019. A deep learning approach for anomaly detection based on SAE and LSTM in mechanical equipment. Int. J. Adv. Manuf. Technol. 103, 1 (2019), 499--510.Google ScholarCross Ref
- Benjamin Lindemann, Fabian Fesenmayr, Nasser Jazdi, and Michael Weyrich. 2019. Anomaly detection in discrete manufacturing using self-learning approaches. Procedia CIRP 79 (2019), 313--318.Google ScholarCross Ref
- Yao Liu, Peng Ning, and Michael K. Reiter. 2011. False data injection attacks against state estimation in electric power grids. ACM Trans. Inf. Syst. Secur. 14, 1 (2011), 13.Google ScholarDigital Library
- Yuriy Zacchia Lun, Alessandro D’Innocenzo, Francesco Smarra, Ivano Malavolta, and Maria Domenica Di Benedetto. 2019. State of the art of cyber-physical systems security: An automatic control perspective. J. Syst. Softw. 149 (2019), 174--216.Google ScholarCross Ref
- Larry M. Manevitz and Malik Yousef. 2001. One-class SVMs for document classification. J. Mach. Learn. Res. 2, Dec. (2001), 139--154.Google Scholar
- Aditya P. Mathur and Nils Ole Tippenhauer. 2016. SWaT: A water treatment testbed for research and training on ICS security. In Proceedings of the International Workshop on Cyber-physical Systems for Smart Water Networks (CySWater’16). IEEE, 31--36.Google Scholar
- MATPOWER. 2019. Open-source tools for electric power system simulation and optimization. Retrieved from: https://matpower.org/.Google Scholar
- Dongyu Meng and Hao Chen. 2017. Magnet: A two-pronged defense against adversarial examples. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 135--147.Google ScholarDigital Library
- Robert Mitchell and Ing-Ray Chen. 2014. A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. 46, 4 (2014), 1--29.Google ScholarDigital Library
- Yilin Mo and Bruno Sinopoli. 2010. False data injection attacks in control systems. In Preprints of the 1st Workshop on Secure Control Systems. 1--6.Google Scholar
- Yilin Mo and Bruno Sinopoli. 2012. Integrity attacks on cyber-physical systems. In Proceedings of the 1st International Conference on High Confidence Networked Systems. 47--54.Google ScholarDigital Library
- Mehdi Mohammadi, Ala Al-Fuqaha, Sameh Sorour, and Mohsen Guizani. 2018. Deep learning for IoT big data and streaming analytics: A survey. IEEE Commun. Surv. Tutor. 20, 4 (2018), 2923--2960.Google ScholarDigital Library
- Khosrow Moslehi and Ranjit Kumar. 2010. A reliability perspective of the smart grid. IEEE Trans. Smart Grid 1, 1 (2010), 57--64.Google ScholarCross Ref
- Anvardh Nanduri and Lance Sherry. 2016. Anomaly detection in aircraft data using recurrent neural networks (RNN). In Proceedings of the Integrated Communications Navigation and Surveillance (ICNS’16). IEEE, 5C2--1.Google ScholarCross Ref
- Sandeep Nair Narayanan, Anupam Joshi, and Ranjan Bose. 2020. ABATe: Automatic behavioral abstraction technique to detect anomalies in smartcyber-physical systems. IEEE Trans. Depend. Sec. Comput. (2020). DOI:10.1109/TDSC.2020.3034331Google Scholar
- Sajid Nazir, Shushma Patel, and Dilip Patel. 2017. Assessing and augmenting SCADA cyber security: A survey of techniques. Comput. Secur. 70 (2017), 436--454.Google ScholarCross Ref
- Xiangyu Niu, Jiangnan Li, Jinyuan Sun, and Kevin Tomsovic. 2019. Dynamic detection of false data injection attack in smart grid using deep learning. In Proceedings of the IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT’19). IEEE, 1--6.Google ScholarCross Ref
- Daehyung Park, Yuuna Hoshi, and Charles C. Kemp. 2018. A multimodal anomaly detector for robot-assisted feeding using an LSTM-based variational autoencoder. IEEE Robot. Automat. Lett. 3, 3 (2018), 1544--1551.Google ScholarCross Ref
- Neehar Peri, Pirazh Khorramshahi, Sai Saketh Rambhatla, Vineet Shenoy, Saumya Rawat, Jun-Cheng Chen, and Rama Chellappa. 2020. Towards real-time systems for vehicle re-identification, multi-camera tracking, and anomaly detection. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops. 622--623.Google ScholarCross Ref
- Eric Ras, Fridolin Wild, Christoph Stahl, and Alexandre Baudet. 2017. Bridging the skills gap of workers in Industry 4.0 by human performance augmentation tools: Challenges and roadmap. In Proceedings of the 10th International Conference on PErvasive Technologies Related to Assistive Environments. 428--432.Google ScholarDigital Library
- Orbis Research. 2020. Global Cyber Physical System Market 2020 by Company, Regions, Type and Application, Forecast to 2025 | Orbis Research. Retrieved from: https://www.orbisresearch.com/reports/index/global-cyber-physical-system-market-2020-by-company-regions-type-and-application-forecast-to-2025.Google Scholar
- Danilo Jimenez Rezende and Shakir Mohamed. 2015. Variational inference with normalizing flows. arXiv preprint arXiv:1505.05770 (2015).Google Scholar
- Michele Russo, Maxime Labonne, Alexis Olivereau, and Mohammad Rmayti. 2018. Anomaly detection in vehicle-to-infrastructure communications. In Proceedings of the IEEE 87th Vehicular Technology Conference (VTC Spring’18). IEEE, 1--6.Google ScholarCross Ref
- Ahmed Salem, Apratim Bhattacharya, Michael Backes, Mario Fritz, and Yang Zhang. 2020. Updates-leak: Data set inference and reconstruction attacks in online learning. In Proceedings of the 29th USENIX Security Symposium (USENIX Security’20). 1291--1308.Google Scholar
- Mahmoud Salem, Mark Crowley, and Sebastian Fischmeister. 2016. Anomaly detection using inter-arrival curves for real-time systems. In Proceedings of the 28th Euromicro Conference on Real-Time Systems (ECRTS’16). IEEE, 97--106.Google ScholarCross Ref
- Jürgen Schmidhuber. 2015. Deep learning in neural networks: An overview. Neural Netw. 61 (2015), 85--117.Google ScholarDigital Library
- Peter Schneider and Konstantin Böttinger. 2018. High-performance unsupervised anomaly detection for cyber-physical system networks. In Proceedings of the Workshop on Cyber-physical Systems Security and PrivaCy. ACM, 1--12.Google ScholarDigital Library
- Xiaokui Shu, Danfeng Yao, and Naren Ramakrishnan. 2015. Unearthing stealthy program attacks buried in extremely long execution paths. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 401--413.Google ScholarDigital Library
- Alban Siffer, Pierre-Alain Fouque, Alexandre Termier, and Christine Largouet. 2017. Anomaly detection in streams with extreme value theory. In Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 1067--1075.Google ScholarDigital Library
- Prabhu Teja Sivaprasad, Florian Mai, Thijs Vogels, Martin Jaggi, and Francois Fleuret. 2020. Optimizer benchmarking needs to account for hyperparameter tuning. In Proceedings of the International Conference on Machine Learning. PMLR, 9036--9045.Google Scholar
- Ya Su, Youjian Zhao, Chenhao Niu, Rong Liu, Wei Sun, and Dan Pei. 2019. Robust anomaly detection for multivariate time series through stochastic recurrent neural network. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. ACM, 2828--2837.Google ScholarDigital Library
- Shahroz Tariq, Sangyup Lee, Youjin Shin, Myeong Shin Lee, Okchul Jung, Daewon Chung, and Simon S. Woo. 2019. Detecting anomalies in space using multivariate convolutional LSTM with mixtures of probabilistic PCA. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. ACM, 2123--2133.Google Scholar
- Norman L. Tasfi, Wilson A. Higashino, Katarina Grolinger, and Miriam A. M. Capretz. 2017. Deep neural networks with confidence sampling for electrical anomaly detection. In Proceedings of the IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). IEEE, 1038--1045.Google Scholar
- Adrian Taylor, Sylvain Leblanc, and Nathalie Japkowicz. 2016. Anomaly detection in automobile control network data with long short-term memory networks. In Proceedings of the IEEE International Conference on Data Science and Advanced Analytics (DSAA’16). IEEE, 130--139.Google ScholarCross Ref
- Keras Team. 2019. Keras documentation: About Keras. Retrieved from https://keras.io/about/.Google Scholar
- Franco van Wyk, Yiyang Wang, Anahita Khojandi, and Neda Masoud. 2019. Real-time sensor anomaly detection and identification in automated vehicles. IEEE Trans. Intell. Transport. Syst. 21, 3 (2019), 1264--1276.Google ScholarCross Ref
- Eric Veith, Lars Fischer, Martin Tröschel, and Astrid Nieße. 2019. Analyzing cyber-physical systems from the perspective of artificial intelligence. arXiv preprint arXiv:1908.11779 (2019).Google Scholar
- Bolun Wang, Yuanshun Yao, Bimal Viswanath, Haitao Zheng, and Ben Y. Zhao. 2018. With great training comes great vulnerability: Practical attacks against transfer learning. In Proceedings of the 27th USENIX Security Symposium (USENIXSecurity’18). 1281--1297.Google Scholar
- Huaizhi Wang, Jiaqi Ruan, Zhengwei Ma, Bin Zhou, Xueqian Fu, and Guangzhong Cao. 2019. Deep learning aided interval state prediction for improving cyber security in energy internet. Energy 174 (2019), 1292--1304.Google ScholarCross Ref
- Jingyu Wang, Dongyuan Shi, Yinhong Li, Jinfu Chen, Hongfa Ding, and Xianzhong Duan. 2018. Distributed framework for detecting PMU data manipulation attacks with deep autoencoders. IEEE Trans. Smart Grid 10, 4 (2018), 4401--4410.Google ScholarCross Ref
- Wenye Wang and Zhuo Lu. 2013. Cyber security in the smart grid: Survey and challenges. Comput. Netw. 57, 5 (2013), 1344--1371.Google ScholarCross Ref
- Xiaofei Wang, Yiwen Han, Chenyang Wang, Qiyang Zhao, Xu Chen, and Min Chen. 2019. In-edge AI: Intelligentizing mobile edge computing, caching and communication by federated learning. IEEE Netw. 33, 5 (2019), 156--165.Google ScholarDigital Library
- Yawei Wang, Donghui Chen, Cheng Zhang, Xi Chen, Baogui Huang, and Xiuzhen Cheng. 2019. Wide and recurrent neural networks for detection of false data injection in smart grids. In Proceedings of the International Conference on Wireless Algorithms, Systems, and Applications. Springer, 335--345.Google ScholarCross Ref
- Wikipedia. 2020. December 2015 Ukraine power grid cyberattack. Retrieved from: https://en.wikipedia.org/w/index.php?title=December_2015_Ukraine_power_grid_cyberattack&oldid=920905638.Google Scholar
- Wikipedia. 2020. List of self-driving car fatalities. Retrieved from: https://en.wikipedia.org/w/index.php?title=List_of_self-driving_car_fatalities&oldid=928100815.Google Scholar
- Wikipedia. 2020. Stuxnet. Retrieved from: https://en.wikipedia.org/w/index.php?title=Stuxnet&oldid=939556423.Google Scholar
- Zhenyu Wu, Yang Guo, Wenfang Lin, Shuyang Yu, and Yang Ji. 2018. A weighted deep representation learning model for imbalanced fault diagnosis in cyber-physical systems. Sensors 18, 4 (2018), 1096.Google ScholarCross Ref
- Yu-jun Xiao, Wen-yuan Xu, Zhen-hua Jia, Zhuo-ran Ma, and Dong-lian Qi. 2017. NIPAD: A non-invasive power-based anomaly detection scheme for programmable logic controllers. Front. Inf. Technol. Electron. Eng. 18, 4 (2017), 519--534.Google ScholarCross Ref
- Le Xie, Yilin Mo, and Bruno Sinopoli. 2010. False data injection attacks in electricity markets. In Proceedings of the 1st IEEE International Conference on Smart Grid Communications. IEEE, 226--231.Google ScholarCross Ref
- Guowen Xu, Hongwei Li, Hao Ren, Kan Yang, and Robert H. Deng. 2019. Data security issues in deep learning: Attacks, countermeasures, and opportunities. IEEE Commun. Mag. 57, 11 (2019), 116--122.Google ScholarDigital Library
- Kui Xu, Ke Tian, Danfeng Yao, and Barbara G. Ryder. 2016. A sharper sense of self: Probabilistic reasoning of program behaviors for anomaly detection with context sensitivity. In Proceedings of the 46th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’16). IEEE, 467--478.Google Scholar
- Danfeng Yao, Xiaokui Shu, Long Cheng, and Salvatore J. Stolfo. 2017. Anomaly detection as a service: Challenges, advances, and opportunities. Synth. Lect. Inf. Secur., Priv., Trust 9, 3 (2017), 1--173.Google ScholarCross Ref
- Houssam Zenati, Chuan Sheng Foo, Bruno Lecouat, Gaurav Manek, and Vijay Ramaseshan Chandrasekhar. 2018. Efficient GAN-based anomaly detection. arXiv preprint arXiv:1802.06222 (2018).Google Scholar
- Chuxu Zhang, Dongjin Song, Yuncong Chen, Xinyang Feng, Cristian Lumezanu, Wei Cheng, Jingchao Ni, Bo Zong, Haifeng Chen, and Nitesh V. Chawla. 2019. A deep neural network for unsupervised anomaly detection and diagnosis in multivariate time series data. In Proceedings of the AAAI Conference on Artificial Intelligence. 1409--1416.Google Scholar
- Hao Zhang, Danfeng Daphne Yao, Naren Ramakrishnan, and Zhibin Zhang. 2016. Causality reasoning about network events for detecting stealthy malware activities. Comput. Secur. 58 (2016), 180--198.Google ScholarDigital Library
- Mu Zhang, Chien-Ying Chen, Bin-Chou Kao, Yassine Qamsane, Yuru Shao, Yikai Lin, Elaine Shi, Sibin Mohan, Kira Barton, James Moyne et al. 2019. Towards automated safety vetting of PLC code in real-world plants. In Proceedings of the IEEE Symposium on Security and Privacy (SP’19). IEEE, 522--538.Google ScholarCross Ref
- Xinyang Zhang, Ningfei Wang, Hua Shen, Shouling Ji, Xiapu Luo, and Ting Wang. 2020. Interpretable deep learning under fire. In Proceedings of the 29th USENIX Security Symposium (USENIX Security’20).Google ScholarDigital Library
- Y. Zhang, V. V. G. Krishnan, J. Pi, K. Kaur, A. Srivastava, A. Hahn, and S. Suresh. 2019. Cyber physical security analytics for transactive energy systems. IEEE Trans. Smart Grid 11, 2 (2019), 931--941.Google ScholarCross Ref
- Konglin Zhu, Zhicheng Chen, Yuyang Peng, and Lin Zhang. 2019. Mobile edge assisted literal multi-dimensional anomaly detection of in-vehicle network using LSTM. IEEE Trans.Vehic. Technol. 68, 5 (2019), 4275--4284.Google ScholarCross Ref
- Zahra Zohrevand, Uwe Glässer, Mohammad A. Tayebi, Hamed Yaghoubi Shahir, Mehdi Shirmaleki, and Amir Yaghoubi Shahir. 2017. Deep learning based forecasting of critical infrastructure data. In Proceedings of the ACM on Conference on Information and Knowledge Management. ACM, 1129--1138.Google ScholarDigital Library
- Bo Zong, Qi Song, Martin Renqiang Min, Wei Cheng, Cristian Lumezanu, Daeki Cho, and Haifeng Chen. 2018. Deep autoencoding Gaussian mixture model for unsupervised anomaly detection. In Proceedings of the 6th International Conference on Learning Representations (ICLR'18).Google Scholar
Index Terms
- Deep Learning-based Anomaly Detection in Cyber-physical Systems: Progress and Opportunities
Recommendations
Time Series Anomaly Detection for Cyber-physical Systems via Neural System Identification and Bayesian Filtering
KDD '21: Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data MiningRecent advances in AIoT technologies have led to an increasing popularity of utilizing machine learning algorithms to detect operational failures for cyber-physical systems (CPS). In its basic form, an anomaly detection module monitors the sensor ...
Deep Learning for Anomaly Detection: Challenges, Methods, and Opportunities
WSDM '21: Proceedings of the 14th ACM International Conference on Web Search and Data MiningIn this tutorial we aim to present a comprehensive survey of the advances in deep learning techniques specifically designed for anomaly detection (deep anomaly detection for short). Deep learning has gained tremendous success in transforming many data ...
Deep Learning for Anomaly Detection
WSDM '20: Proceedings of the 13th International Conference on Web Search and Data MiningAnomaly detection has been widely studied and used in diverse applications. Building an effective anomaly detection system requires the researchers/developers to learn the complex structure from noisy data, identify the dynamic anomaly patterns and ...
Comments