Domain-Based Fuzzing for Supervised Learning of Anomaly Detection in Cyber-Physical Systems

Herman Wijaya, Maurício Aniche, Aditya Mathur

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

8 Citations (Scopus)
199 Downloads (Pure)

Abstract

A novel approach is proposed for constructing models of anomaly detectors using supervised learning from the traces of normal and abnormal operations of an Industrial Control System (ICS). Such detectors are of value in detecting process anomalies in complex critical infrastructure such as power generation and water treatment systems. The traces are obtained by systematically “fuzzing”, i.e., manipulating the sensor readings and actuator actions in accordance with the boundaries/partitions that define the system's state. The proposed approach is tested in a Secure Water Treatment (SWaT) testbed – a replica of a real-world water purification plant, located at the Singapore University of Technology and Design. Multiple supervised classifiers are trained using the traces obtained from SWaT. The efficacy of the proposed approach is demonstrated through empirical evaluation of the supervised classifiers under various performance metrics. Lastly, it is shown that the supervised approach results in significantly lower false positive rates as compared to the unsupervised ones.
Original languageEnglish
Title of host publicationICSEW'20
Subtitle of host publicationProceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops
Place of PublicationNew York
PublisherAssociation for Computing Machinery (ACM)
Pages237-244
Number of pages8
ISBN (Print)978-1-4503-7963-2
DOIs
Publication statusPublished - 2020
EventICSEW'20: The IEEE/ACM 42nd International Conference on Software Engineering Workshops - Seoul, Korea, Republic of
Duration: 23 May 202029 May 2020

Conference

ConferenceICSEW'20
Country/TerritoryKorea, Republic of
CitySeoul
Period23/05/2029/05/20

Keywords

  • fuzzing
  • domain testing
  • security
  • cyber physical systems
  • supervised learning
  • anomaly detection

Fingerprint

Dive into the research topics of 'Domain-Based Fuzzing for Supervised Learning of Anomaly Detection in Cyber-Physical Systems'. Together they form a unique fingerprint.

Cite this