Reliable cyber-threat detection in rapidly changing environments
Abstract
In some embodiments, a plurality of monitoring nodes each generate a series of current monitoring node values over time that represent a current operation of the industrial asset. An attack detection computer platform may receive the series of current monitoring node values and generate a set of current feature vectors including a current feature for capturing transients (e.g., local transients and/or global transients). The attack detection computer platform may also access an attack detection model having at least one decision boundary that was created using at least one of a set of normal feature vectors and/or a set of attacked feature vectors. The attack detection model may then be executed such that an attack alert signal is transmitted by the attack detection computer platform, when appropriate, based on the set of current feature vectors (including the current feature to capture transients) and the at least one decision boundary.
- Inventors: Abbaszadeh, Masoud; Mestha, Lalit Keshav
- Issue Date:
- Research Org.: General Electric Co., Schenectady, NY (United States)
- Sponsoring Org.: USDOE
- OSTI Identifier: 1771571
- Patent Number(s): 10819725
- Application Number: 15/964,644
- Assignee: General Electric Company (Schenectady, NY)
- Patent Classifications (CPCs):
  - G - PHYSICS; G06 - COMPUTING; G06F - ELECTRIC DIGITAL DATA PROCESSING
  - H - ELECTRICITY; H04 - ELECTRIC COMMUNICATION TECHNIQUE; H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number: OE0000833
- Resource Type: Patent
- Resource Relation: Patent File Date: 04/27/2018
- Country of Publication: United States
- Language: English
Citation Formats
Abbaszadeh, Masoud, and Mestha, Lalit Keshav. Reliable cyber-threat detection in rapidly changing environments. United States: N. p., 2020. Web.
Abbaszadeh, Masoud, & Mestha, Lalit Keshav. Reliable cyber-threat detection in rapidly changing environments. United States.
Abbaszadeh, Masoud, and Mestha, Lalit Keshav. "Reliable cyber-threat detection in rapidly changing environments". United States. https://www.osti.gov/servlets/purl/1771571.
@article{osti_1771571,
title = {Reliable cyber-threat detection in rapidly changing environments},
author = {Abbaszadeh, Masoud and Mestha, Lalit Keshav},
abstractNote = {In some embodiments, a plurality of monitoring nodes each generate a series of current monitoring node values over time that represent a current operation of the industrial asset. An attack detection computer platform may receive the series of current monitoring node values and generate a set of current feature vectors including a current feature for capturing transients (e.g., local transients and/or global transients). The attack detection computer platform may also access an attack detection model having at least one decision boundary that was created using at least one of a set of normal feature vectors and/or a set of attacked feature vectors. The attack detection model may then be executed such that an attack alert signal is transmitted by the attack detection computer platform, when appropriate, based on the set of current feature vectors (including the current feature to capture transients) and the at least one decision boundary.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2020},
month = {10}
}
Works referenced in this record:
Detecting Software Attacks By Monitoring Electric Power Consumption Patterns
patent-application, November 2008
- Jacoby, Grant A.; Davis, Nathaniel J.; Marchany, Randolph C.
- US Patent Application 11/574619; 20080276111
Cyber threat trees for large system threat cataloging and analysis
conference, April 2010
- Ongsakorn, P.; Turney, K.; Thornton, M.
- 2010 4th Annual IEEE Systems Conference, 2010 IEEE International Systems Conference
Threat Detection and Localization for Monitoring Nodes of an Industrial Asset Control System
patent-application, December 2017
- Bushey, Cody Joe; Mestha, Lalit Keshav; Holzhauer, Daniel Francis
- US Patent Application 15/179034; 20170359366
Resilient Control Design or Disturbed Cyber-Physical Systems
patent-application, December 2015
- Ji, Kun
- US Patent Application 14/317321; 20150378339
A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie – combining new version of attack tree with bowtie analysis
journal, January 2018
- Abdo, H.; Kaouk, M.; Flaus, J.-M.
- Computers & Security, Vol. 72
Cyber signal isolator
patent, February 2019
- Park, Daniel D.; Baggett, John Mark; Suhler, Edward C.
- US Patent Document 10,205,733