Detection of Cyber Physical Attacks on Water Distribution Systems via Principal Component Analysis and Artificial Neural Networks

Ahmed A. Abokifa, Kelsey Haddad, Cynthia S. Lo, Pratim Biswas

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Scopus citations

Abstract

Automated monitoring and operation of modern water distribution systems (WDSs) are largely dependent on an interconnected network of computers, sensors, and actuators that are jointly coordinated by a supervisory control and data acquisition (SCADA) system. Although the implementation of such embedded systems enhances the reliability of the WDS, it also exposes it to cyber-physical attacks that can disrupt the system's operation or compromise critical information. Hence, the development of attack detection algorithms that can efficiently diagnose and identify such assaults is crucial for the successful application of these automated systems. In this study, we developed an algorithm to identify anomalous behaviors of the different components of a WDS in the context of the Battle of the Attack Detection Algorithms (BATADAL). The algorithm relies on using multiple layers of anomaly detection techniques to identify both local anomalies that affect each sensor individually, as well as global anomalies that simultaneously affect more than one sensor at the same time. The first layer targets finding statistical outliers in the data using simple outlier detection techniques. The second layer employs a trained artificial neural networks (ANNs) model to detect contextual anomalies that does not conform to the normal operational behavior of the system. The third layer uses principal component analysis (PCA) to decompose the high-dimensional space occupied by the given set of sensor measurements into two sub-spaces representing normal and anomalous network operating conditions. By continuously tracking the projections of the data instances on the anomalous conditions subspace, the algorithm identifies the outliers based on their influence on the directions of the principal components. The proposed approach successfully predicted all of the pre-labeled attacks in the validation data set with high sensitivity and specificity. However, for all the detected attacks, the algorithm maintained a false "under attack" status for a few hours after the threat no longer existed.

Original languageEnglish (US)
Title of host publicationWorld Environmental and Water Resources Congress 2017
Subtitle of host publicationHydraulics and Waterways and Water Distribution Systems Analysis - Selected Papers from the World Environmental and Water Resources Congress 2017
EditorsBrian Van Weele, Christopher N. Dunn
PublisherAmerican Society of Civil Engineers (ASCE)
Pages676-691
Number of pages16
ISBN (Electronic)9780784480625
DOIs
StatePublished - 2017
Externally publishedYes
Event17th World Environmental and Water Resources Congress 2017 - Sacramento, United States
Duration: May 21 2017May 25 2017

Publication series

NameWorld Environmental and Water Resources Congress 2017: Hydraulics and Waterways and Water Distribution Systems Analysis - Selected Papers from the World Environmental and Water Resources Congress 2017

Conference

Conference17th World Environmental and Water Resources Congress 2017
Country/TerritoryUnited States
CitySacramento
Period5/21/175/25/17

ASJC Scopus subject areas

  • Environmental Science(all)

Fingerprint

Dive into the research topics of 'Detection of Cyber Physical Attacks on Water Distribution Systems via Principal Component Analysis and Artificial Neural Networks'. Together they form a unique fingerprint.

Cite this