An Integrated Framework for Privacy-Preserving Based Anomaly Detection for Cyber-Physical Systems

Marwa Keshk, Elena Sitnikova, Nour Moustafa, Jiankun Hu, Ibrahim Khalil

Research output: Contribution to journalArticlepeer-review

84 Citations (Scopus)

Abstract

Protecting Cyber-physical Systems (CPSs) is highly important for preserving sensitive information and detecting cyber threats. Developing a robust privacy-preserving anomaly detection method requires physical and network data about the systems, such as Supervisory Control and Data Acquisition (SCADA), for protecting original data and recognising cyber-attacks. In this paper, a new privacy-preserving anomaly detection framework, so-called PPAD-CPS, is proposed for protecting confidential information and discovering malicious observations in power systems and their network traffic. The framework involves two main modules. First, a data pre-processing module is suggested for filtering and transforming original data into a new format that achieves the target of privacy preservation. Second, an anomaly detection module is suggested using a Gaussian Mixture Model (GMM) and Kalman Filter (KF) for precisely estimating the posterior probabilities of legitimate and anomalous events. The performance of the PPAD-CPS framework is assessed using two public datasets, namely the Power System and UNSW-NB15 dataset. The experimental results show that the framework is more effective than four recent techniques for obtaining high privacy levels. Moreover, the framework outperforms seven peer anomaly detection techniques in terms of detection rate, false positive rate, and computational time.

Original languageEnglish
Article number8673653
Pages (from-to)66-79
Number of pages14
JournalIEEE Transactions on Sustainable Computing
Volume6
Issue number1
DOIs
Publication statusPublished - Jan 2021
Externally publishedYes

Keywords

  • anomaly detection
  • CPS
  • cyber-attacks
  • Gaussian mixture
  • Kalman filter
  • power systems
  • Privacy preservation
  • SCADA

Fingerprint

Dive into the research topics of 'An Integrated Framework for Privacy-Preserving Based Anomaly Detection for Cyber-Physical Systems'. Together they form a unique fingerprint.

Cite this