skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


This content will become publicly available on January 1, 2026

Title: A Convolutional Neural Network-LSTM Based Physical Sensor Anomaly Detector for Interdependent SCADA Controllers
This study outlines a novel intrusion detection system (IDS) to detect compromised sensor data anomalies in interdependent industrial processes. The IDS used a peer-to-peer communication framework which allowed multiple programmable logic controllers (PLCs) to communicate and share sensor data. Utilizing the shared sensor data, state estimators used a long short-term memory (LSTM) machine learning algorithm to identify anomalous sensor readings connected to neighboring PLCs controlling an interdependent physical process. This study evaluated the performance of the IDS on three industrial operations aligning to a midstream oil terminal. The framework successfully detected several multi-sensor compromises during mid-stream oil terminal operations. A set of performance evaluations also showed no impact on the real-time operations of the PLC and outlined the prediction latencies of the framework.  more » « less
Award ID(s):
1753900
PAR ID:
10642697
Author(s) / Creator(s):
 ;  ;  
Publisher / Repository:
IntechOpen
Date Published:
Journal Name:
AI, Computer Science and Robotics Technology
Volume:
4
ISSN:
2754-6292
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; ; ; (, 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019))
    null (Ed.)
    Ensuring the integrity of embedded programmable logic controllers (PLCs) is critical for safe operation of industrial control systems. In particular, a cyber-attack could manipulate control logic running on the PLCs to bring the process of safety-critical application into unsafe states. Unfortunately, PLCs are typically not equipped with hardware support that allows the use of techniques such as remote attestation to verify the integrity of the logic code. In addition, so far remote attestation is not able to verify the integrity of the physical process controlled by the PLC. In this work, we present PAtt, a system that combines remote software attestation with control process validation. PAtt leverages operation permutations—subtle changes in the operation sequences based on integrity measurements—which do not affect the physical process but yield unique traces of sensor readings during execution. By encoding integrity measurements of the PLC’s memory state (software and data) into its control operation, our system allows to remotely verify the integrity of the control logic based on the resulting sensor traces. We implement the proposed system on a real PLC controlling a robot arm, and demonstrate its feasibility. Our implementation enables the detection of attackers that manipulate the PLC logic to change process state and/or report spoofed sensor readings (with an accuracy of 97% against tested attacks). 
    more » « less
  2. ; ; ; ; (, IEEE Big Data 2023)
    With the growing adoption of unmanned aerial vehicles (UAVs) across various domains, the security of their operations is paramount. UAVs, heavily dependent on GPS navigation, are at risk of jamming and spoofing cyberattacks, which can severely jeopardize their performance, safety, and mission integrity. Intrusion detection systems (IDSs) are typically employed as defense mechanisms, often leveraging traditional machine learning techniques. However, these IDSs are susceptible to adversarial attacks that exploit machine learning models by introducing input perturbations. In this work, we propose a novel IDS for UAVs to enhance resilience against such attacks using generative adversarial networks (GAN). We also comprehensively study several evasion-based adversarial attacks and utilize them to compare the performance of the proposed IDS with existing ones. The resilience is achieved by generating synthetic data based on the identified weak points in the IDS and incorporating these adversarial samples in the training process to regularize the learning. The evaluation results demonstrate that the proposed IDS is significantly robust against adversarial machine learning based attacks compared to the state-of-the-art IDSs while maintaining a low false positive rate. 
    more » « less
  3. ; ; ; (, Electronics)
    null (Ed.)
    Industrial Control Systems (ICS) are used to control physical processes in critical infrastructure. These systems are used in a wide variety of operations such as water treatment, power generation and distribution, and manufacturing. While the safety and security of these systems are of serious concern, recent reports have shown an increase in targeted attacks aimed at manipulating physical processes to cause catastrophic consequences. This trend emphasizes the need for algorithms and tools that provide resilient and smart attack detection mechanisms to protect ICS. In this paper, we propose an anomaly detection framework for ICS based on a deep neural network. The proposed methodology uses dilated convolution and long short-term memory (LSTM) layers to learn temporal as well as long term dependencies within sensor and actuator data in an ICS. The sensor/actuator data are passed through a unique feature engineering pipeline where wavelet transformation is applied to the sensor signals to extract features that are fed into the model. Additionally, this paper explores four variations of supervised deep learning models, as well as an unsupervised support vector machine (SVM) model for this problem. The proposed framework is validated on Secure Water Treatment testbed results. This framework detects more attacks in a shorter period of time than previously published methods. 
    more » « less
  4. ; ; ; (, IEEE 18th Annual Consumer Communications & Networking Conference (CCNC))
    Modern vehicles are equipped with vehicular sensors for smart navigation, vehicle state awareness, and other intelligent operations. Despite the previous belief that the sensor operations stay within a vehicle, as it is designed to be, we study information leakage through the tire pressure monitoring system (TPMS) sensors and the corresponding privacy breach. We demonstrate that, using a low-cost and off-the-shelf software defined radio (SDR), an unauthorized attacker can track uniquely-identifiable sensor IDs up to 40 meters away from the vehicle. To address the issue and protect vehicular privacy, we also propose an effective and lightweight TPMS ID randomization scheme and analyze its security and the implementation costs. 
    more » « less
  5. ; ; ; (, IEEE International Symposium on Technologies for Homeland Security)
    Programmable Logic Controllers are an integral component for managing many different industrial processes (e.g., smart building management, power generation, water and wastewater management, and traffic control systems), and manufacturing and control industries (e.g., oil and natural gas, chemical, pharmaceutical, pulp and paper, food and beverage, automotive, and aerospace). Despite being used widely in many critical infrastructures, PLCs use protocols which make these control systems vulnerable to many common attacks, including man-in-the-middle attacks, denial of service attacks, and memory corruption attacks (e.g., array, stack, and heap overflows, integer overflows, and pointer corruption). In this paper, we propose PLC-PROV, a system for tracking the inputs and outputs of the control system to detect violations in the safety and security policies of the system. We consider a smart building as an example of a PLC-based system and show how PLC-PROV can be applied to ensure that the inputs and outputs are consistent with the intended safety and security policies. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email