Learning method and system for separating independent and dependent attacks
Abstract
Streams of monitoring node signal values over time, representing a current operation of the industrial asset, are used to generate current monitoring node feature vectors. Each feature vector is compared with a corresponding decision boundary separating normal from abnormal states. When a first monitoring node passes a corresponding decision boundary, an attack is detected and classified as an independent attack. When a second monitoring node passes a decision boundary, an attack is detected and a first decision is generated based on a first set of inputs indicating if the attack is independent/dependent. From the beginning of the attack on the second monitoring node until a final time, the first decision is updated as new signal values are received for the second monitoring node. When the final time is reached, a second decision is generated based on a second set of inputs indicating if the attack is independent/dependent.
- Inventors:
- Issue Date:
- Research Org.:
- General Electric Co., Schenectady, NY (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1735308
- Patent Number(s):
- 10785237
- Application Number:
- 15/977,558
- Assignee:
- General Electric Company (Schenectady, NY)
- Patent Classifications (CPCs):
-
G - PHYSICS G06 - COMPUTING G06N - COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number:
- OE0000833
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 05/11/2018
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Mestha, Lalit Keshav, Abbaszadeh, Masoud, and Giani, Annartia. Learning method and system for separating independent and dependent attacks. United States: N. p., 2020.
Web.
Mestha, Lalit Keshav, Abbaszadeh, Masoud, & Giani, Annartia. Learning method and system for separating independent and dependent attacks. United States.
Mestha, Lalit Keshav, Abbaszadeh, Masoud, and Giani, Annartia. Tue .
"Learning method and system for separating independent and dependent attacks". United States. https://www.osti.gov/servlets/purl/1735308.
@article{osti_1735308,
title = {Learning method and system for separating independent and dependent attacks},
author = {Mestha, Lalit Keshav and Abbaszadeh, Masoud and Giani, Annartia},
abstractNote = {Streams of monitoring node signal values over time, representing a current operation of the industrial asset, are used to generate current monitoring node feature vectors. Each feature vector is compared with a corresponding decision boundary separating normal from abnormal states. When a first monitoring node passes a corresponding decision boundary, an attack is detected and classified as an independent attack. When a second monitoring node passes a decision boundary, an attack is detected and a first decision is generated based on a first set of inputs indicating if the attack is independent/dependent. From the beginning of the attack on the second monitoring node until a final time, the first decision is updated as new signal values are received for the second monitoring node. When the final time is reached, a second decision is generated based on a second set of inputs indicating if the attack is independent/dependent.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Sep 22 00:00:00 EDT 2020},
month = {Tue Sep 22 00:00:00 EDT 2020}
}
Save to My Library
You must Sign In or Create an Account in order to save documents to your library.
Works referenced in this record:
Adaptive control architectures for mitigating sensor attacks in cyber-physical systems
journal, May 2016
- Yucelen, Tansel; Haddad, Wassim M.; Feron, Eric M.
- Cyber-Physical Systems, Vol. 2, Issue 1-4
Intelligent Cyberphysical Intrusion Detection and Prevention Systems and Methods for Industrial Control Systems
patent-application, September 2014
- Dixit, Paritosh; Thanos, Daniel
- US Patent Application 13/801496; 20140283047
Efficient Localization of Transmitters Within Complex Electromagnetic Environments
patent-application, May 2016
- Baxley, Robert John; Altman, Justin Trent
- US Patent Application 14/928974; 20160127931
Ineffective network equipment identification
patent-application, May 2017
- Kallos, George
- US Patent Application 15/319970; 20170142133
Industrial Control System Smart Hardware Monitoring
patent-application, December 2015
- Gendelman, Ilan
- US Patent Application 14/718192; 20150346706
Method of artificial nueral network loadflow computation for electrical power system
patent, June 2014
- Patel, Sureshchandra B.
- US Patent Document 8,756,047
Cyber security
patent-application, August 2017
- Ferguson, Matt; Kadirkamanathan, Maha
- US Patent Application 15/425903; 20170230391
Threat detection for a fleet of industrial assets
patent, November 2019
- Holzhauer, Daniel Francis; Abbaszadeh, Masoud; Mestha, Lalit Keshav
- US Patent Document 10,476,902
Method for Mitigation of Cyber Attacks on Industrial Control Systems
patent-application, February 2017
- Schneider, Omer; Giller, Nir
- US Patent Application 14/830776; 20170054751
Automated attack localization and detection
patent, September 2019
- Abbaszadeh, Masoud; Mestha, Lalit Keshav; Bushey, Cody Joe
- US Patent Document 10,417,415
System and methods for adaptive model generation for detecting intrusion in computer systems
patent-application, February 2017
- Honig, Andrew; Howard, Andrew; Eskin, Eleazar
- US Patent Application 15/291218; 20170034187
Autonomous sensor system with intrinsic asymmetric encryption
patent-application, March 2017
- Wishard, Bernard
- US Patent Application 15/272589; 20170085539
Cyber signal isolator
patent, February 2019
- Park, Daniel D.; Baggett, John Mark; Suhler, Edward C.
- US Patent Document 10,205,733
Pattern Detection in Sensor Networks
patent-application, June 2016
- Paffenroth, Randy; Du Toit, Philip; Scharf, Louis
- US Patent Application 13/564335; 20160156652
Multi-Layer Aggregation for Object Detection
patent-application, February 2016
- Nguyen, Hien; Singh, Vivek KUmar; Zheng, Yefeng
- US Patent Application 14/457381; 20160048741
System and Method for Providing Monitoring of Industrial Equipment
patent-application, August 2014
- Craig, Jason; Pugh, William; Albarran, Richard Daniel
- US Patent Application 13/776407; 20140244192
Edge-based machine learning for encoding legitimate scanning
patent-application, September 2017
- Vasseur, Jean-Philippe; Mermoud, Gregory; Savalle, Pierre-Andre
- US Patent Application 15/205732; 20170279833
System and Method for Logging Security Events for an Industrial Control System
patent-application, October 2013
- Chong, Justin Brandon; Socky, David Richard; Sahoo, Manas Ranjan
- US Patent Application 13/460779; 20130291115
Cluster-based decision boundaries for threat detection in industrial asset control system
patent-application, July 2018
- Abbaszadeh, Masoud; Bushey, Cody Joe; Mestha, Lalit Keshav
- US Patent Application 15/397062; 20180191758
Apparatus and method for detecting an abnormality sign in a control system
patent-application, October 2014
- Heo, Youngjun; Sohn, Seon-Gyoung; Kang, Dong Ho
- US Patent Application 13/927794; 20140298399
Probabilistic Model For Cyber Risk Forecasting
patent-application, December 2015
- Schultz, Craig A.; Nitao, John J.; Starr, Jeffrey M.
- US Patent Application 14/319994; 20150381649
System and Method for Maintaining the Health of a Control System
patent-application, February 2016
- T., Rvia Kumar; Banerjee, Goutam; Pai, Ramesh Brahmavar
- US Patent Application 14/448164; 20160033941
Digital information infrastructure and method for security designated data and with granular data stores
patent, June 2013
- Redlich, Ron M.; Nemzow, Martin A.
- US Patent Document 8,468,244
Automated Attack Localization and Detection
patent-application, June 2018
- Abbaszadeh, Masoud; Mestha, Lalit Keshav; Bushey, Cody
- US Patent Application 15/478425; 20180157831
Classifying Data with Deep Learning Neural Records Incrementally Refined Through Expert Input
patent-application, September 2015
- Williams, Jr., David Russell; Gutzwiller, Luke Robert; Hazen, Megan Ursula
- US Patent Application 14/639005; 20150254555
Parsimonious continuous-space phrase representations for natural language processing
patent-application, October 2016
- Bellegarda, Jerome R.
- US Patent Application 14/838323; 20160307566
Forecasting and classifying cyber-attacks using neural embeddings based on pattern of life data
patent-application, August 2017
- Ahmed, Mohamed N.; Baughman, Aaron K.; Behnken, John F.
- US Patent Application 15/019300; 20170230401
Intelligent cyberphysical intrusion detection and prevention systems and methods for industrial control systems
patent, August 2016
- Dixit, Paritosh; Thanos, Daniel
- US Patent Document 9,405,900
Method for Quantitative Resilience Estimation of Industrial Control Systems
patent-application, May 2013
- Wei, Dong; Ji, Kun
- US Patent Application 13/703158; 20130132149
Threat Detection and Localizatino for Monitoring Nodes of an Industrial Asset Control System
patent-application, December 2017
- Bushey, Cody Joe; Mestha, Lalit Keshav; Holzhauer, Daniel Francis
- US Patent Application 15/179034; 20170359366
System and Method for Detecting a Cyber-Attack at SCADA/ICS Managed Plants
patent-application, September 2018
- Arov, Michael; Ochman, Ronen; Cohen, Moshe
- US Patent Application 15/989748; 20180276375
System and method for improved production surveillance using visual pattern recognition in oil and gas upstream
patent-application, November 2016
- Rajaram, Venkatakrishnan; Kumar, Hemant
- US Patent Application 14/794424; 20160341636
Method and system for profiling network flows at a measurement point within a computer network
patent-application, March 2002
- Malan, Gerald R.; Jahanian, Farnam
- US Patent Application 09/855809; 20020032717
Semi-Automatic System with an Iterative Learning Method for Uncovering the Leading Indicators in Business Processes
patent-application, August 2008
- Peng, Wei; Rose, Philip C.; Sun, Tong
- US Patent Application 11/676816; 20080201397
Multi-mode boundary selection for threat detection in industrial asset control system
patent, August 2019
- Holzhauer, Daniel Francis; Bushey, Cody Joe; Mestha, Lalit Keshav
- US Patent Document 10,397,257
Systems and methods for providing off-line decision support for correlation analysis
patent-application, April 2003
- Grabarnik, Genady; Hellerstein, Joseph L.; Ma, Sheng
- US Patent Application 09/976540; 20030074439
Dynamic normalization of monitoring node data for threat detection in industrial asset control system
patent-application, May 2018
- Mestha, Lalit Keshav; Bushey, Cody Joe; Holzhauer, Daniel Francis
- US Patent Application 15/351809; 20180137277
Method and System for Unified Information Representation and Applications Thereof
patent-application, September 2012
- Solmer, Robert; Ruan, Wen
- US Patent Application 13/044763; 20120233127
Feature and boundary tuning for threat detection in industrial asset control system
patent, February 2019
- Bushey, Cody Joe; Mestha, Lalit Keshav; John, Justin Varkey
- US Patent Document 10,204,226
Anomaly Detection for Context-Dependent Data
patent-application, November 2016
- Bauer, Alexander; Heidtke, Nico; Niessen, Maria
- US Patent Application 14/703502; 20160328654
Apparatus and method for analyzing and correlating events in a system using a causality matrix
patent, August 1997
- Yemini, Yechiam; Yemini, Shaula; Kliger, Shmuel
- US Patent Document 5,661,668
Distributed Estimation and Detection of Anomalies in Control Systems
patent-application, April 2018
- Sun, Hongbo; Minot, Ariana
- US Patent Application 15/298392; 20180115561
Gas turbine and steam turbine combined cycle electric power generating plant having a coordinated and hybridized control system and an improved factory based method for making and testing combined cycle and other power plants and control systems therefor
patent, June 1984
- Martz, Lyle F.; Kiscaden, Roy W.; Uram, Robert
- US Patent Document 4,455,614
Differential Acoustic Model Representation and Linear Transform-Based Adaptation for Efficient User Profile Update Techniques in Automatic Speech Recognition
patent-application, May 2015
- Gollan, Christian; Willett, Daniel
- US Patent Application 14/399867; 20150149174
Connection based denial of service detection
patent, May 2012
- Dudfield, Anne Elizabeth; Poletto, Massimiliano Antonio
- US Patent Document 8,191,136
Systems and methods for secure operation of an industrial controller
patent, March 2015
- Chong, Justin Brandon; Socky, David Richard; Thakur, Pavan Kumar Singh
- US Patent Document 8,973,124
System and Method for Distributed Denial of Service Identification and Prevention
patent-application, August 2014
- Liu, Lei
- US Patent Application 13/953457; 20140223562
Systems and methods for cyber-attack detection at sample speed
patent-application, June 2018
- Mestha, Lalit Keshav; John, Justin Varkey; Yan, Weizhong
- US Patent Application 15/484282; 20180159879
Multi-mode boundary selection for threat detection in industrial asset control system
patent-application, June 2018
- Holzhauer, Daniel Francis; Bushey, Cody Joe; Mestha, Lalit Keshav
- US Patent Application 15/371723; 20180159877
Systems and methods for cyber-attack detection at sample speed
patent, March 2020
- Mestha, Lalit Keshav; John, Justin Varkey; Yan, Weizhong
- US Patent Document 10,594,712
Sequential data examination method
patent-application, March 2006
- Oka, Mizuki; Kato, Kazuhiko
- US Patent Application 11/179838; 20060069955