DOE Patents, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Reliable cyber-threat detection in rapidly changing environments

Abstract

In some embodiments, a plurality of monitoring nodes each generate a series of current monitoring node values over time that represent a current operation of the industrial asset. An attack detection computer platform may receive the series of current monitoring node values and generate a set of current feature vectors including a current feature for capturing transients (e.g., local transients and/or global transients). The attack detection computer platform may also access an attack detection model having at least one decision boundary that was created using at least one of a set of normal feature vectors and/or a set of attacked feature vectors. The attack detection model may then be executed such that an attack alert signal is transmitted by the attack detection computer platform, when appropriate, based on the set of current feature vectors (including the current feature to capture transients) and the at least one decision boundary.

Inventors:
Abbaszadeh, Masoud; Mestha, Lalit Keshav
Issue Date:
Research Org.:
General Electric Co., Schenectady, NY (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1771571
Patent Number(s):
10819725
Application Number:
15/964,644
Assignee:
General Electric Company (Schenectady, NY)
Patent Classifications (CPCs):
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
DOE Contract Number:  
OE0000833
Resource Type:
Patent
Resource Relation:
Patent File Date: 04/27/2018
Country of Publication:
United States
Language:
English

Citation Formats

Abbaszadeh, Masoud, and Mestha, Lalit Keshav. Reliable cyber-threat detection in rapidly changing environments. United States: N. p., 2020. Web.
Abbaszadeh, Masoud, & Mestha, Lalit Keshav. Reliable cyber-threat detection in rapidly changing environments. United States.
Abbaszadeh, Masoud, and Mestha, Lalit Keshav. Tue . "Reliable cyber-threat detection in rapidly changing environments". United States. https://www.osti.gov/servlets/purl/1771571.
@article{osti_1771571,
title = {Reliable cyber-threat detection in rapidly changing environments},
author = {Abbaszadeh, Masoud and Mestha, Lalit Keshav},
place = {United States},
year = {2020},
month = {10}
}

Works referenced in this record:

Cyber threat trees for large system threat cataloging and analysis
conference, April 2010


Cyber signal isolator
patent, February 2019