A Self-Tuning Cyber-Attacks’ Location Identification Approach for Critical Infrastructures

Abstract

The integration of the communications network and the Internet of Things in today’s critical infrastructures facilitates intelligent and online monitoring of these systems. However, although critical infrastructure’s digitalization brings tremendous advantages and opportunities for remote access and control, it significantly increases cyber-attack’s vulnerability. Therefore, efficient and proper detection and localization of cyber-attack are paramount for the critical infrastructure’s reliable and secure operation. This article proposes a deep learning-based cyber-attack detection and location identification system for critical infrastructures by constructing new representations and model the system behavior using multilayer autoencoders. The results show that the new representations capture the physical relationships among the measurements and have more discriminant power in distinguishing the location of the attack. Furthermore, the proposed method has outperformed conventional machine learning models under various cyber-attack scenarios using real-world data from the gas pipeline and water distribution supervisory control and data acquisition systems.