TY - GEN
T1 - ECADA
T2 - 19th International Conference on Mobility, Sensing and Networking, MSN 2023
AU - Sang, Chao
AU - Li, Jianhua
AU - Wu, Jun
AU - Yang, Wu
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Today, with more and more devices in the industrial control system (ICS), the risk becomes higher and brings more attack surfaces. The need for reliable anomaly detection systems is increasing. Traditional SCADA-based detection systems deployed are difficult to assess large-scale control systems accurately, and novel AI-based technologies struggle to ensure timely response. In this paper, we propose an edge computing assisted delay-aware anomaly detection (ECADA) scheme for ICS, which considers both the accuracy and timeliness, and ensures that abnormal conditions can be accurately detected and handled in a short time. First, we model the components in ICS as three layers, taking network resources, delay, and reliability into consideration. Second, we convert the anomaly detection procedure into a decision making problem. By dividing the warning capabilities into various levels, the flexibility of the anomaly detection system is enhanced. Third, we cast a mixed-integer linear programming (MILP) problem to find the efficient anomaly detection mechanism, so that it can be dynamically scheduled to achieve the tradeoff between reliability and timeliness. We use an real-world industrial system dataset for experimental evaluation. By comparing with various traditional anomaly detection methods, it is proved that ECADA can always ensure reliable response of anomaly detection system in various network environments.
AB - Today, with more and more devices in the industrial control system (ICS), the risk becomes higher and brings more attack surfaces. The need for reliable anomaly detection systems is increasing. Traditional SCADA-based detection systems deployed are difficult to assess large-scale control systems accurately, and novel AI-based technologies struggle to ensure timely response. In this paper, we propose an edge computing assisted delay-aware anomaly detection (ECADA) scheme for ICS, which considers both the accuracy and timeliness, and ensures that abnormal conditions can be accurately detected and handled in a short time. First, we model the components in ICS as three layers, taking network resources, delay, and reliability into consideration. Second, we convert the anomaly detection procedure into a decision making problem. By dividing the warning capabilities into various levels, the flexibility of the anomaly detection system is enhanced. Third, we cast a mixed-integer linear programming (MILP) problem to find the efficient anomaly detection mechanism, so that it can be dynamically scheduled to achieve the tradeoff between reliability and timeliness. We use an real-world industrial system dataset for experimental evaluation. By comparing with various traditional anomaly detection methods, it is proved that ECADA can always ensure reliable response of anomaly detection system in various network environments.
UR - http://www.scopus.com/inward/record.url?scp=85197505159&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85197505159&partnerID=8YFLogxK
U2 - 10.1109/MSN60784.2023.00042
DO - 10.1109/MSN60784.2023.00042
M3 - Conference contribution
AN - SCOPUS:85197505159
T3 - Proceedings - 2023 19th International Conference on Mobility, Sensing and Networking, MSN 2023
SP - 215
EP - 222
BT - Proceedings - 2023 19th International Conference on Mobility, Sensing and Networking, MSN 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 14 December 2023 through 16 December 2023
ER -