Visible to the public Anomaly Detection and Anomaly Location Model for Multiple Attacks Using Finite Automata

TitleAnomaly Detection and Anomaly Location Model for Multiple Attacks Using Finite Automata
Publication TypeConference Paper
Year of Publication2022
AuthorsIkeda, Yoshiki, Sawada, Kenji
Conference Name2022 IEEE International Conference on Consumer Electronics (ICCE)
KeywordsAccesslists, actuator security, actuators, anomaly detection, Automata, Automaton, Binary Decision Diagram, composability, control system security, control systems, Metrics, pubcrawl, resilience, Resiliency, Solid modeling, Switches, Three-dimensional displays
AbstractIn control systems, the operation of the system after an incident occurs is important. This paper proposes to design a whitelist model that can detect anomalies and identify locations of anomalous actuators using finite automata during multiple actuators attack. By applying this model and comparing the whitelist model with the operation data, the monitoring system detects anomalies and identifies anomaly locations of actuator that deviate from normal operation. We propose to construct a whitelist model focusing on the order of the control system operation using binary search trees, which can grasp the state of the system when anomalies occur. We also apply combinatorial compression based on BDD (Binary Decision Diagram) to the model to speed up querying and identification of abnormalities. Based on the model designed in this study, we aim to construct a secured control system that selects and executes an appropriate fallback operation based on the state of the system when anomaly is detected.
DOI10.1109/ICCE53296.2022.9730574
Citation Keyikeda_anomaly_2022