Battle of the Attack Detection Algorithms: Disclosing Cyber Attacks on Water Distribution Networks
Publication: Journal of Water Resources Planning and Management
Volume 144, Issue 8
Abstract
The BATtle of the Attack Detection ALgorithms (BATADAL) is the most recent competition on planning and management of water networks undertaken within the Water Distribution Systems Analysis Symposium. The goal of the battle was to compare the performance of algorithms for the detection of cyber-physical attacks, whose frequency has increased in the last few years along with the adoption of smart water technologies. The design challenge was set for the C-Town network, a real-world, medium-sized water distribution system operated through programmable logic controllers and a supervisory control and data acquisition (SCADA) system. Participants were provided with data sets containing (simulated) SCADA observations, and challenged to design an attack detection algorithm. The effectiveness of all submitted algorithms was evaluated in terms of time-to-detection and classification accuracy. Seven teams participated in the battle and proposed a variety of successful approaches leveraging data analysis, model-based detection mechanisms, and rule checking. Results were presented at the Water Distribution Systems Analysis Symposium (World Environmental and Water Resources Congress) in Sacramento, California on May 21–25, 2017. This paper summarizes the BATADAL problem, proposed algorithms, results, and future research directions.
Acknowledgments
Riccardo Taormina, Stefano Galelli, and Nils Ole Tippenhauer are supported by the National Research Foundation (NRF), Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-40). Demetrios Eliades is supported by the European Union’s Horizon 2020 research and innovation program under grant agreement No. 739551 (KIOS CoE). Mohsen Aghashahi and M. Katherine Banks are supported by Qatar National Research Fund (QNRF) under the grant NPRP8-1292-2-548. B. M. Brentan, Enrique Campbell, G. Lima, D. Manzi, D. Ayala-Cabrera, M. Herrera, I. Montalvo, J. Izquierdo, and E. Luvizotto Jr. are supported by the CAPES and CNPq funding agencies. The work of Marcio Giacomoni, Nikolaos Gatsis, and Ahmad Taha is supported by the US National Science Foundation under Grant No. 1728629. The work of Ahmed Abokifa, Kelsey Haddad, Cynthia Lo, and Pratim Biswas was carried out with partial support from the Lucy and Stanley Lopata Endowment at Washington University in St. Louis.
Copyright
©2018 American Society of Civil Engineers.
History
Received: Nov 5, 2017
Accepted: Feb 28, 2018
Published online: Jun 9, 2018
Published in print: Aug 1, 2018
Discussion open until: Nov 9, 2018