Domain-Based Fuzzing for Supervised Learning of Anomaly Detection in Cyber-Physical Systems

Herman Wijaya, Maurício Aniche, Aditya Mathur

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

29 Downloads (Pure)

Abstract

A novel approach is proposed for constructing models of anomaly detectors using supervised learning from the traces of normal and abnormal operations of an Industrial Control System (ICS). Such detectors are of value in detecting process anomalies in complex critical infrastructure such as power generation and water treatment systems. The traces are obtained by systematically “fuzzing”, i.e., manipulating the sensor readings and actuator actions in accordance with the boundaries/partitions that define the system's state. The proposed approach is tested in a Secure Water Treatment (SWaT) testbed – a replica of a real-world water purification plant, located at the Singapore University of Technology and Design. Multiple supervised classifiers are trained using the traces obtained from SWaT. The efficacy of the proposed approach is demonstrated through empirical evaluation of the supervised classifiers under various performance metrics. Lastly, it is shown that the supervised approach results in significantly lower false positive rates as compared to the unsupervised ones.
Original languageEnglish
Title of host publicationEEE/ACM 42nd International Conference on Software Engineering Workshops
Subtitle of host publicationThe 1st International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS)
ISBN (Electronic)978-1-4503-7963-2
DOIs
Publication statusAccepted/In press - 2020

Keywords

  • fuzzing
  • domain testing
  • security
  • cyber physical systems
  • supervised learning
  • anomaly detection

Fingerprint Dive into the research topics of 'Domain-Based Fuzzing for Supervised Learning of Anomaly Detection in Cyber-Physical Systems'. Together they form a unique fingerprint.

  • Cite this

    Wijaya, H., Aniche, M., & Mathur, A. (Accepted/In press). Domain-Based Fuzzing for Supervised Learning of Anomaly Detection in Cyber-Physical Systems. In EEE/ACM 42nd International Conference on Software Engineering Workshops : The 1st International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) https://doi.org/10.1145/3387940.3391486