A Framework For Detecting Anomalous Behaviors in Smart Cyber-Physical Systems

Date

2019-01-01

Department

Computer Science and Electrical Engineering

Program

Computer Science

Rights

Distribution Rights granted to UMBC by the author.
Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan through a local library, pending author/copyright holder's permission.
This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Abstract

This dissertation makes significant contributions to automatic, scalable, and data-driven approaches for securing smart cyber-physical systems (CPS). Smart CPS are increasingly embedded in our everyday life. Security incidents involving them are often high-profile because of their ability to control critical infrastructure. Stuxnet and the Ukrainian power-grid attack are two notorious attacks reported against CPS, whose impact ranged from governmental programs to ordinary users. In addition to deliberate attacks, device malfunction and human error can also result in incidents with grave consequences. Hence the detection and mitigation of abnormal behaviors resulting from security incidents is imperative for the trustworthiness and broader acceptance of smart cyber-physical systems. In this dissertation, we study the behavior of smart cyber-physical systems and develop techniques to abstract the typical behaviors in such systems using the data generated from their components and detect various abnormalities. Our initial research developed a knowledge-graph-based approach which uses semantic technologies to infer complex contexts for detecting a wide range of anomalies. We also propose an automatic behavioral abstraction technique, ABATe, which automatically learns the typical behavior of such systems by finding the latent "context" space using available operational data. The learned latent space is then used to discern anomalies. We evaluate our technique using two real-world datasets to demonstrate the multi-domain adaptability and efficacy of our approach. As part of this dissertation, we also generated an automotive dataset to support future research in related fields.