Abstract
Security is crucial in cyber-physical systems (CPS). As a typical CPS, the communication-based train control (CBTC) system is facing increasingly serious cyber-attacks. Intrusion detection systems (IDSs) are vital to protect the system against cyber-attacks. The traditional IDS cannot distinguish between cyber-attacks and system faults. Furthermore, the design of the traditional IDS does not take the principles of CBTC systems into consideration. When deployed, it cannot effectively detect cyber-attacks against CBTC systems. In this paper, we propose a novel intrusion detection method that considers both the status of the networks and those of the equipment to identify if the abnormality is caused by cyber-attacks or by system faults. The proposed method is verified on a hardware-in-the-loop simulation platform of CBTC systems. Simulation results indicate that the proposed method has achieved 97.64% true positive rate, which can significantly improve the security protection level of CBTC systems.
Highlights
Urban rail transit plays an important role in addressing the issues of traffic congestion and environmental pollution
The network states anomaly detection (NAD) model, the device states anomaly detection (DAD) model and the hidden Markov model (HMM) classifier are compared with other approaches, respectively
A novel intrusion detection method for Communication-based train control (CBTC) based on network and device states is designed
Summary
Urban rail transit plays an important role in addressing the issues of traffic congestion and environmental pollution. Communication-based train control (CBTC) is an automated train control system using communication technologies to ensure the safe operation of rail vehicles [1]. CBTC can improve the utilization of railway infrastructure and help to provide better services to passengers. CBTC systems are typical cyber-physical systems (CPS) which bridge the computing and communication of the cyber world with the control of the physical world [2]. The extensive application of computer, communication and control technologies in CBTC has greatly improved the automation level of the system but exposed it to the threats of cyber-attack at the same time [3]. The attack caused 2112 computers to be damaged. In 2018, an unprecedented distributed denial of service attacks interfered with Danish state rail operators. Passengers across the country were prevented from buying tickets on Sunday [6]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
