Automatic identification of integrity attacks in cyber-physical systems

• The cyber-layer existing in modern infrastructures opened the door to the emerging threat of cyber-attacks.
• This paper proposes a novel methodology for automatic identification of integrity attacks.
• The identification is performed by capturing the unique characteristics of each attack in the spectral and wavelet domains.
• The pattern of each cyber attack is captured by recognition algorithms of different modelling properties.
• The efficacy of the proposed approach is demonstrated in the Smart Grid domain.

Modern society relies on the availability and smooth operation of complex engineering systems, such as electric power systems, water distributions networks, etc. which due to the recent advancements in information and communication technologies (ICT) are usually controlled by means of a cyber-layer. This design may potentially improve the usage of the components of the cyber-physical system (CPS), however further protection is needed due to the emerging threat of cyber-attacks. These may degrade the quality of the communicated information which is of fundamental importance in the decision making process.This paper proposes a novel methodology for automatic identification of the type of the integrity attack affecting a CPS. We designed a feature set for capturing the characteristics of each attack in the spectral and wavelet domains while its distribution is learned by pattern recognition algorithms of different modelling properties customized for the specific application scenario. In addition a novelty detection component is incorporated for dealing with previously unseen types of attacks. The proposed approach is applied onto data coming from the IEEE-9 bus model achieving promising identification performance.