Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees
Anomaly-based attack detection methods depend on some form of machine learning to detect data falsification attacks in smart living cyber–physical systems. However, there is a lack of studies that consider the presence of attacks during the training phase and their effect on detection and false alarm performance. To improve the robustness of time series learning for anomaly detection, we propose a framework by modifying design choices such as regression error type and loss function type while learning the thresholds for an anomaly detection framework during the training phase. Specifically, we offer theoretical proofs on the relationship between poisoning attack strengths and how that informs the choice of loss functions used to learn the detection thresholds. This, in turn, leads to explainability of why and when our framework mitigates data poisoning and the trade-offs associated with such design changes. The theoretical results are backed by experimental results that prove attack mitigation performance with NIST-specified metrics for CPS, using real data collected from a smart metering infrastructure as a proof of concept. Thus, the contribution is a framework that guarantees security of ML and ML for security simultaneously.
| Main Authors: | Sahar Abedzadeh, Shameek Bhattacharjee |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | MDPI AG, 2025-05-01 |
| Series: | Information |
| Subjects: | anomaly detection; data poisoning attacks; cyber–physical systems (CPS); machine learning robustness; ML for security; resilient learning-based CPS |
| Online Access: | https://www.mdpi.com/2078-2489/16/6/428 |
| _version_ | 1849431806111121408 |
|---|---|
| author | Sahar Abedzadeh Shameek Bhattacharjee |
| author_facet | Sahar Abedzadeh Shameek Bhattacharjee |
| author_sort | Sahar Abedzadeh |
| collection | DOAJ |
| description | Anomaly-based attack detection methods depend on some form of machine learning to detect data falsification attacks in smart living cyber–physical systems. However, there is a lack of studies that consider the presence of attacks during the training phase and their effect on detection and false alarm performance. To improve the robustness of time series learning for anomaly detection, we propose a framework by modifying design choices such as regression error type and loss function type while learning the thresholds for an anomaly detection framework during the training phase. Specifically, we offer theoretical proofs on the relationship between poisoning attack strengths and how that informs the choice of loss functions used to learn the detection thresholds. This, in turn, leads to explainability of why and when our framework mitigates data poisoning and the trade-offs associated with such design changes. The theoretical results are backed by experimental results that prove attack mitigation performance with NIST-specified metrics for CPS, using real data collected from a smart metering infrastructure as a proof of concept. Thus, the contribution is a framework that guarantees security of ML and ML for security simultaneously. |
| format | Article |
| id | doaj-art-e46faf269d1b49ce8cca90c7509b41d4 |
| institution | Kabale University |
| issn | 2078-2489 |
| language | English |
| publishDate | 2025-05-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Information |
| spelling | doaj-art-e46faf269d1b49ce8cca90c7509b41d4; 2025-08-20T03:27:32Z; eng; MDPI AG; Information; 2078-2489; 2025-05-01; vol. 16, no. 6, art. 428; 10.3390/info16060428; Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees; Sahar Abedzadeh [0]; Shameek Bhattacharjee [1]; [0] Computer Science Department, Western Michigan University, Kalamazoo, MI 49008, USA; [1] Computer Science Department, Western Michigan University, Kalamazoo, MI 49008, USA; Anomaly-based attack detection methods depend on some form of machine learning to detect data falsification attacks in smart living cyber–physical systems. However, there is a lack of studies that consider the presence of attacks during the training phase and their effect on detection and false alarm performance. To improve the robustness of time series learning for anomaly detection, we propose a framework by modifying design choices such as regression error type and loss function type while learning the thresholds for an anomaly detection framework during the training phase. Specifically, we offer theoretical proofs on the relationship between poisoning attack strengths and how that informs the choice of loss functions used to learn the detection thresholds. This, in turn, leads to explainability of why and when our framework mitigates data poisoning and the trade-offs associated with such design changes. The theoretical results are backed by experimental results that prove attack mitigation performance with NIST-specified metrics for CPS, using real data collected from a smart metering infrastructure as a proof of concept. Thus, the contribution is a framework that guarantees security of ML and ML for security simultaneously.; https://www.mdpi.com/2078-2489/16/6/428; anomaly detection; data poisoning attacks; cyber–physical systems (CPS); machine learning robustness; ML for security; resilient learning-based CPS |
| spellingShingle | Sahar Abedzadeh; Shameek Bhattacharjee; Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees; Information; anomaly detection; data poisoning attacks; cyber–physical systems (CPS); machine learning robustness; ML for security; resilient learning-based CPS |
| title | Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees |
| title_full | Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees |
| title_fullStr | Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees |
| title_full_unstemmed | Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees |
| title_short | Mitigating Impact of Data Poisoning Attacks on CPS Anomaly Detection with Provable Guarantees |
| title_sort | mitigating impact of data poisoning attacks on cps anomaly detection with provable guarantees |
| topic | anomaly detection; data poisoning attacks; cyber–physical systems (CPS); machine learning robustness; ML for security; resilient learning-based CPS |
| url | https://www.mdpi.com/2078-2489/16/6/428 |
| work_keys_str_mv | AT saharabedzadeh mitigatingimpactofdatapoisoningattacksoncpsanomalydetectionwithprovableguarantees AT shameekbhattacharjee mitigatingimpactofdatapoisoningattacksoncpsanomalydetectionwithprovableguarantees |
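The abstract's central point is that the loss function used to learn a detection threshold from training residuals decides how much a poisoned training set can move that threshold. The following is an added toy illustration of that effect, not the paper's framework or code: it assumes a stationary smart-meter-like series x_t = 10 + N(0, 1) (constructed), a "predict the previous value" regressor with residuals r_t = |x_t - x_{t-1}|, an attacker who adds a constant offset to a random fraction of the training samples, and a threshold of the form location + K * spread, where location and spread are the minimizers of the chosen loss (squared loss gives mean and standard deviation; absolute loss gives median and MAD). The constant K = 3 and the poisoning model are assumptions for the demonstration.

```python
"""Added illustration (not the paper's framework): how the loss used to fit an
anomaly threshold from training residuals reacts to poisoned training data.

Constructed data: x_t = 10 + N(0, 1), residuals r_t = |x_t - x_{t-1}|, and an
attacker who adds a constant offset to a fraction of the *training* samples.
The threshold is learned as  location + K * spread  of the training residuals:
  squared loss  -> location = mean   (argmin sum (r-c)^2), spread = std dev
  absolute loss -> location = median (argmin sum |r-c|),   spread = scaled MAD
"""
import random
import statistics

K = 3.0                 # assumed design choice: threshold = location + K * spread
MAD_TO_SIGMA = 1.4826   # makes MAD comparable to sigma on Gaussian residuals


def make_series(n, seed):
    """Constructed stationary series standing in for clean meter readings."""
    rng = random.Random(seed)
    return [10.0 + rng.gauss(0.0, 1.0) for _ in range(n)]


def residuals(series):
    """One-step-ahead residuals of a 'predict the last value' regressor."""
    return [abs(series[t] - series[t - 1]) for t in range(1, len(series))]


def poison(series, fraction, magnitude, seed):
    """Training-time poisoning: add `magnitude` to a random `fraction` of samples."""
    rng = random.Random(seed)
    out = list(series)
    for i in rng.sample(range(len(out)), int(fraction * len(out))):
        out[i] += magnitude
    return out


def threshold(res, loss):
    """Learn a detection threshold from training residuals under the given loss."""
    if loss == "squared":
        loc = statistics.fmean(res)            # minimizer of squared loss
        spread = statistics.pstdev(res)
    elif loss == "absolute":
        loc = statistics.median(res)           # minimizer of absolute loss
        spread = MAD_TO_SIGMA * statistics.median([abs(r - loc) for r in res])
    else:
        raise ValueError(f"unknown loss: {loss}")
    return loc + K * spread


def learned_thresholds(n=4000, fraction=0.05, magnitude=8.0):
    """Return {loss: (threshold from clean training data, threshold from poisoned data)}."""
    clean = make_series(n, seed=1)
    dirty = poison(clean, fraction, magnitude, seed=2)
    return {
        loss: (threshold(residuals(clean), loss), threshold(residuals(dirty), loss))
        for loss in ("squared", "absolute")
    }


def detection_rate(thr, attack=6.0, n=4000, seed=3):
    """Fraction of test-time falsifications (+attack on isolated samples) that
    produce a residual above `thr`. Spikes are placed on every other index so
    no two spikes are adjacent and the reference sample is always clean."""
    series = make_series(n, seed)
    hits = total = 0
    for t in range(1, len(series), 2):
        r = abs((series[t] + attack) - series[t - 1])
        hits += r > thr
        total += 1
    return hits / total


if __name__ == "__main__":
    for loss, (clean_thr, dirty_thr) in learned_thresholds().items():
        print(f"{loss:8s} clean={clean_thr:5.2f} poisoned={dirty_thr:5.2f} "
              f"detect(+{6.0:.0f} attack)={detection_rate(dirty_thr):.2f}")
```

Poisoning 5% of the training samples inflates roughly a tenth of the residuals. Under squared loss both the mean and the standard deviation absorb those outliers, so the learned threshold more than doubles and a later +6 falsification passes almost undetected; under absolute loss the median and MAD barely move, and the same attack is still caught most of the time. The trade-off the abstract mentions appears as well: the robust threshold is lower, so on clean data it will raise somewhat more false alarms than the squared-loss one.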