Aggregation of Heterogeneous Anomaly Detectors for Cyber-Physical Systems
Loading...
Date
2019-01-07
Authors
Dunne, Murray
Journal Title
Journal ISSN
Volume Title
Publisher
University of Waterloo
Abstract
Distributed, life-critical systems that bridge the gap between software and hardware
are becoming an integral part of our everyday lives. From autonomous cars to smart
electrical grids, such cyber-physical systems will soon be omnipresent. With this comes a
corresponding increase in our vulnerability to cyber-attacks. Monitoring such systems to
detect malicious actions is of critical importance.
One method of monitoring cyber-physical systems is anomaly detection: the process of
detecting when the target system is deviating from expected normal behavior. Anomaly
detection is a vibrant research area with many different viable approaches. The literature
suggests many different anomaly detection methods for the diversity and volume of data
from cyber-physical systems. We focus on aggregating the result of multiple anomaly
detection methods into a final anomalous or non-anomalous verdict.
In this thesis, we present Palisade, a distributed data collection, anomaly detection,
and aggregation framework for cyber-physical systems. We discuss various methods of
anomaly detection and aggregation and include a case study of anomaly aggregation on a
cyber-physical treadmill driving demonstrator. We conclude with a discussion of lessons
learned from the construction of Palisade, and recommendations for future research.
Description
Keywords
anomaly detection, cyber-physical systems