Abstract

Threats to Water Distribution Systems (WDS) have grown significantly since the Maroochy Shire incident, as evidenced by proven attacks on water premises. As a result, in addition to traditional solutions (e.g., data encryption and authentication), attack detection is being proposed for WDS to reduce disruption. An attack detection system must meet two critical requirements: high accuracy and near real-time detection. This drives us to propose a two-stage detection system that uses self-supervised and unsupervised algorithms to detect Cyber-Physical (CP) attacks. Stage 1 uses heuristic adaptive self-supervised algorithms to achieve near real-time decision-making and a detection sensitivity of 66% using BOSS. Stage 2 validates the detected attacks with an unsupervised algorithm, maintaining a detection accuracy of 94% using Isolation Forest. Both stages are examined against time granularity and are empirically analyzed against a variety of performance evaluation indicators. Our findings demonstrate that the algorithms in stage 1 are less favored than those in the literature, but their existence enables near real-time decision-making and detection reliability. In contrast, the Isolation Forest algorithm in stage 2 gives excellent accuracy. As a result, both stages can collaborate to maximize accuracy in a near real-time attack detection system.

Highlights

Academic Editor: Sergei Chernyi

  • The significant increase in reported attacks on Water Distribution Systems (WDS) in the last two decades has increased the need for further advancements in technologies that can bring security to water systems.

  • Because BOSS, XGBoost, and Random Forest (RF) have the highest normalized sensitivity of 65%, 46%, and 64%, respectively, Stage 1 intends to deliver alerts with near real-time decision-making using heuristic self-supervised approaches. This is followed by a second stage that verifies attacks using Isolation Forest (iForest), an unsupervised technique which outperformed the others in terms of accuracy with 94%.

  • This paper proposes a two-stage detection architecture using self-supervised and unsupervised algorithms to provide alarm and confirmation systems for CP attacks.
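
The two-stage flow described in the abstract and highlights, as an added example that is not the paper's code: stage 1 here is a seasonal-naive forecaster standing in for the BOSS/XGBoost/RF models, stage 2 is a small from-scratch Isolation Forest over a single feature, and the tank-level readings, attack window and both thresholds are constructed assumptions. It shows a case where stage 1 raises a second, false alarm one day after the spoofed window (its baseline is contaminated) and stage 2 declines to confirm it.

```python
import math
import random

TOL = 0.5                   # assumed stage-1 residual tolerance (metres)
CONFIRM = 0.65              # assumed stage-2 anomaly-score cut-off
ATTACK = range(153, 159)    # constructed spoofing window (hour indices)

def readings():
    """Constructed hourly tank levels: 10 identical days, spoofed to 0.2 m during ATTACK."""
    xs = [round(3 + math.sin(2 * math.pi * (t % 24) / 24), 3) for t in range(240)]
    return [0.2 if t in ATTACK else x for t, x in enumerate(xs)]

def stage1(xs, period=24):
    """Self-supervised alarm: the target for hour t is the reading one period earlier."""
    return [t for t in range(period, len(xs)) if abs(xs[t] - xs[t - period]) > TOL]

def c(n):
    """Average path length of an unsuccessful BST search over n rows (iForest normaliser)."""
    return 0.0 if n <= 1 else 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def grow(rows, depth, limit, rng):
    """One isolation tree over scalar readings; a leaf stores how many rows reached it."""
    lo, hi = min(rows, default=0.0), max(rows, default=0.0)
    if depth >= limit or lo == hi:
        return len(rows)
    s = rng.uniform(lo, hi)
    return (s, grow([r for r in rows if r < s], depth + 1, limit, rng),
            grow([r for r in rows if r >= s], depth + 1, limit, rng))

def path_len(node, x):
    depth = 0
    while isinstance(node, tuple):
        node = node[1] if x < node[0] else node[2]
        depth += 1
    return depth + c(node)

def stage2(xs, alarms, trees=200, sample=64, seed=7):
    """Isolation Forest fitted on all unlabelled readings; scores only the stage-1 alarms."""
    rng = random.Random(seed)
    limit = math.ceil(math.log2(sample))
    forest = [grow(rng.sample(xs, sample), 0, limit, rng) for _ in range(trees)]
    score = lambda x: 2 ** (-sum(path_len(t, x) for t in forest) / trees / c(sample))
    return {t: round(score(xs[t]), 3) for t in alarms}

def detect(xs):
    """Return (stage-1 alarms, alarms confirmed by stage 2)."""
    alarms = stage1(xs)
    scores = stage2(xs, alarms)
    return alarms, [t for t in alarms if scores[t] >= CONFIRM]
```

Calling `detect(readings())` returns the stage-1 alarm hours and the subset that stage 2 confirms.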


Summary

Introduction

The significant increase of reported attacks on the Water Distribution Systems (WDS). A robust attack detection system using machine-learning technologies that operate in the absence of labeled data is of paramount importance in water systems. Self-supervised and unsupervised learning are well suited to unlabelled data, especially in water systems, which lack data that demonstrates all potential CP attacks. This is followed by novel heuristic systems that use the learned features to identify outliers ('attacks'). (RForest), Extreme Gradient Boosting (XGBoost), and Bag-of-SFA (BOSS). These heuristic algorithms can provide near real-time decision-making and reliable detection of CP attacks, but incorporating a second stage of the unsupervised algorithm
