{"title":"基于有限自动机的多重攻击异常检测与异常定位模型","authors":"Y. Ikeda, K. Sawada","doi":"10.1109/ICCE53296.2022.9730574","DOIUrl":null,"url":null,"abstract":"In control systems, the operation of the system after an incident occurs is important. This paper proposes to design a whitelist model that can detect anomalies and identify locations of anomalous actuators using finite automata during multiple actuators attack. By applying this model and comparing the whitelist model with the operation data, the monitoring system detects anomalies and identifies anomaly locations of actuator that deviate from normal operation. We propose to construct a whitelist model focusing on the order of the control system operation using binary search trees, which can grasp the state of the system when anomalies occur. We also apply combinatorial compression based on BDD (Binary Decision Diagram) to the model to speed up querying and identification of abnormalities. Based on the model designed in this study, we aim to construct a secured control system that selects and executes an appropriate fallback operation based on the state of the system when anomaly is detected.","PeriodicalId":350644,"journal":{"name":"2022 IEEE International Conference on Consumer Electronics (ICCE)","volume":"91 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Anomaly Detection and Anomaly Location Model for Multiple Attacks Using Finite Automata\",\"authors\":\"Y. Ikeda, K. Sawada\",\"doi\":\"10.1109/ICCE53296.2022.9730574\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In control systems, the operation of the system after an incident occurs is important. This paper proposes to design a whitelist model that can detect anomalies and identify locations of anomalous actuators using finite automata during multiple actuators attack. By applying this model and comparing the whitelist model with the operation data, the monitoring system detects anomalies and identifies anomaly locations of actuator that deviate from normal operation. We propose to construct a whitelist model focusing on the order of the control system operation using binary search trees, which can grasp the state of the system when anomalies occur. We also apply combinatorial compression based on BDD (Binary Decision Diagram) to the model to speed up querying and identification of abnormalities. Based on the model designed in this study, we aim to construct a secured control system that selects and executes an appropriate fallback operation based on the state of the system when anomaly is detected.\",\"PeriodicalId\":350644,\"journal\":{\"name\":\"2022 IEEE International Conference on Consumer Electronics (ICCE)\",\"volume\":\"91 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-01-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE International Conference on Consumer Electronics (ICCE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCE53296.2022.9730574\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Consumer Electronics (ICCE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCE53296.2022.9730574","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Anomaly Detection and Anomaly Location Model for Multiple Attacks Using Finite Automata
In control systems, the operation of the system after an incident occurs is important. This paper proposes to design a whitelist model that can detect anomalies and identify locations of anomalous actuators using finite automata during multiple actuators attack. By applying this model and comparing the whitelist model with the operation data, the monitoring system detects anomalies and identifies anomaly locations of actuator that deviate from normal operation. We propose to construct a whitelist model focusing on the order of the control system operation using binary search trees, which can grasp the state of the system when anomalies occur. We also apply combinatorial compression based on BDD (Binary Decision Diagram) to the model to speed up querying and identification of abnormalities. Based on the model designed in this study, we aim to construct a secured control system that selects and executes an appropriate fallback operation based on the state of the system when anomaly is detected.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
