skip to main content
DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Learning method and system for separating independent and dependent attacks

Abstract

Streams of monitoring node signal values over time, representing a current operation of the industrial asset, are used to generate current monitoring node feature vectors. Each feature vector is compared with a corresponding decision boundary separating normal from abnormal states. When a first monitoring node passes a corresponding decision boundary, an attack is detected and classified as an independent attack. When a second monitoring node passes a decision boundary, an attack is detected and a first decision is generated based on a first set of inputs indicating if the attack is independent/dependent. From the beginning of the attack on the second monitoring node until a final time, the first decision is updated as new signal values are received for the second monitoring node. When the final time is reached, a second decision is generated based on a second set of inputs indicating if the attack is independent/dependent.

Inventors:
; ;
Issue Date:
Research Org.:
General Electric Co., Schenectady, NY (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1735308
Patent Number(s):
10785237
Application Number:
15/977,558
Assignee:
General Electric Company (Schenectady, NY)
Patent Classifications (CPCs):
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
G - PHYSICS G06 - COMPUTING G06N - COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
DOE Contract Number:  
OE0000833
Resource Type:
Patent
Resource Relation:
Patent File Date: 05/11/2018
Country of Publication:
United States
Language:
English

Citation Formats

Mestha, Lalit Keshav, Abbaszadeh, Masoud, and Giani, Annartia. Learning method and system for separating independent and dependent attacks. United States: N. p., 2020. Web.
Mestha, Lalit Keshav, Abbaszadeh, Masoud, & Giani, Annartia. Learning method and system for separating independent and dependent attacks. United States.
Mestha, Lalit Keshav, Abbaszadeh, Masoud, and Giani, Annartia. Tue . "Learning method and system for separating independent and dependent attacks". United States. https://www.osti.gov/servlets/purl/1735308.
@article{osti_1735308,
title = {Learning method and system for separating independent and dependent attacks},
author = {Mestha, Lalit Keshav and Abbaszadeh, Masoud and Giani, Annartia},
abstractNote = {Streams of monitoring node signal values over time, representing a current operation of the industrial asset, are used to generate current monitoring node feature vectors. Each feature vector is compared with a corresponding decision boundary separating normal from abnormal states. When a first monitoring node passes a corresponding decision boundary, an attack is detected and classified as an independent attack. When a second monitoring node passes a decision boundary, an attack is detected and a first decision is generated based on a first set of inputs indicating if the attack is independent/dependent. From the beginning of the attack on the second monitoring node until a final time, the first decision is updated as new signal values are received for the second monitoring node. When the final time is reached, a second decision is generated based on a second set of inputs indicating if the attack is independent/dependent.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2020},
month = {9}
}

Patent:

Save / Share:

Works referenced in this record:

Adaptive control architectures for mitigating sensor attacks in cyber-physical systems
journal, May 2016


Connection based denial of service detection
patent, May 2012


Systems and methods for secure operation of an industrial controller
patent, March 2015


Systems and methods for cyber-attack detection at sample speed
patent, March 2020


Multi-mode boundary selection for threat detection in industrial asset control system
patent, August 2019


Automated attack localization and detection
patent, September 2019


Cyber signal isolator
patent, February 2019


Threat detection for a fleet of industrial assets
patent, November 2019


Apparatus and method for analyzing and correlating events in a system using a causality matrix
patent, August 1997


Feature and boundary tuning for threat detection in industrial asset control system
patent, February 2019