EA-GAT: Event aware graph attention network on cyber-physical systems

IF 8.2 1区 计算机科学 Q1 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS
Mehmet Yavuz Yağci, Muhammed Ali Aydin
{"title":"EA-GAT: Event aware graph attention network on cyber-physical systems","authors":"Mehmet Yavuz Yağci,&nbsp;Muhammed Ali Aydin","doi":"10.1016/j.compind.2024.104097","DOIUrl":null,"url":null,"abstract":"<div><p>Anomaly detection with high accuracy, recall, and low error rate is critical for the safe and uninterrupted operation of cyber-physical systems. However, detecting anomalies in multimodal time series with different modalities obtained from cyber-physical systems is challenging. Although deep learning methods show very good results in anomaly detection, they fail to detect anomalies according to the requirements of cyber-physical systems. In the use of graph-based methods, data loss occurs during the conversion of time series into graphs. The fixed window size used to transform time series into graphs causes a loss of spatio-temporal correlations. In this study, we propose an Event Aware Graph Attention Network (EA-GAT), which can detect anomalies by event-based cyber-physical system analysis. EA-GAT detects and tracks the sensors in cyber-physical systems and the correlations between them. The system analyzes and models the relationship between the components during the marked periods as a graph. Anomalies in the system are found through the created graph models. Experiments show that the EA-GAT technique is more effective than other deep learning methods on SWaT, WADI, MSL datasets used in various studies. The event-based dynamic approach is significantly superior to the fixed-size sliding window technique, which uses the same learning structure. In addition, anomaly analysis is used to identify the attack target and the affected components. At the same time, with the slip subsequence module, the data is divided into subgroups and processed simultaneously.</p></div>","PeriodicalId":55219,"journal":{"name":"Computers in Industry","volume":"159 ","pages":"Article 104097"},"PeriodicalIF":8.2000,"publicationDate":"2024-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers in Industry","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0166361524000253","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
引用次数: 0

Abstract

Anomaly detection with high accuracy, recall, and low error rate is critical for the safe and uninterrupted operation of cyber-physical systems. However, detecting anomalies in multimodal time series with different modalities obtained from cyber-physical systems is challenging. Although deep learning methods show very good results in anomaly detection, they fail to detect anomalies according to the requirements of cyber-physical systems. In the use of graph-based methods, data loss occurs during the conversion of time series into graphs. The fixed window size used to transform time series into graphs causes a loss of spatio-temporal correlations. In this study, we propose an Event Aware Graph Attention Network (EA-GAT), which can detect anomalies by event-based cyber-physical system analysis. EA-GAT detects and tracks the sensors in cyber-physical systems and the correlations between them. The system analyzes and models the relationship between the components during the marked periods as a graph. Anomalies in the system are found through the created graph models. Experiments show that the EA-GAT technique is more effective than other deep learning methods on SWaT, WADI, MSL datasets used in various studies. The event-based dynamic approach is significantly superior to the fixed-size sliding window technique, which uses the same learning structure. In addition, anomaly analysis is used to identify the attack target and the affected components. At the same time, with the slip subsequence module, the data is divided into subgroups and processed simultaneously.

EA-GAT:网络物理系统中的事件感知图关注网络
高准确率、高召回率和低错误率的异常检测对于网络物理系统的安全和不间断运行至关重要。然而,从网络物理系统中获取的不同模态的多模态时间序列中检测异常是一项挑战。虽然深度学习方法在异常检测方面取得了很好的效果,但它们无法按照网络物理系统的要求检测异常。在使用基于图形的方法时,在将时间序列转换为图形的过程中会出现数据丢失。用于将时间序列转换为图形的固定窗口大小会造成时空相关性的丢失。在本研究中,我们提出了一种事件感知图注意网络(EA-GAT),它可以通过基于事件的网络物理系统分析来检测异常。EA-GAT 可检测和跟踪网络物理系统中的传感器以及它们之间的关联。该系统以图表的形式分析和模拟标记期间各组件之间的关系。通过创建的图形模型,可以发现系统中的异常情况。实验表明,在各种研究中使用的 SWaT、WADI 和 MSL 数据集上,EA-GAT 技术比其他深度学习方法更有效。基于事件的动态方法明显优于使用相同学习结构的固定大小滑动窗口技术。此外,异常分析还可用于识别攻击目标和受影响的组件。同时,利用滑动子序列模块,将数据分成子组并同时进行处理。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Computers in Industry
Computers in Industry 工程技术-计算机:跨学科应用
CiteScore
18.90
自引率
8.00%
发文量
152
审稿时长
22 days
期刊介绍: The objective of Computers in Industry is to present original, high-quality, application-oriented research papers that: • Illuminate emerging trends and possibilities in the utilization of Information and Communication Technology in industry; • Establish connections or integrations across various technology domains within the expansive realm of computer applications for industry; • Foster connections or integrations across diverse application areas of ICT in industry.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信