Time-aware Anomaly Detection for Cyber-Physical System through Time-Sensitive Network Traffic Features

• Main Authors: LI, CHIH-HUNG, 李志宏
• Other Authors: CHENG, BO-CHAO
• Format: Others
• Language: zh-TW
• Published: 2019
• Online Access: http://ndltd.ncl.edu.tw/handle/n34jwj

碩士 === 國立中正大學 === 通訊工程研究所 === 107 === Cyber-Physical Systems (CPS), integrating with embedded sensors, computation, networking and physical processes together, plays an important role in intelligent manufacturing, smart city and critical infrastructures (e.g., smart grid). Although CPS allows network components connected together to perform a specified task cooperatively, it also provides hackers the opportunity to easily compromise the system. As such, CPS is no longer closed and safe! However, conventional Intrusion Detection Systems (IDSs) do not consider an important design feature, “time”, used in real-word industry control system. We propose Time-aware Anomaly Detection System (TADS) based on a set of the temporal features (such as inter frame arrival time) to investigate the suspicious traffics under a real-time transmission environment and detect the malicious attacks hidden in the encrypted traffic. The experiment results show that TADS has better detection accuracy on three types of malicious traffics: DoS attack, Injection attack and Prediction attack.