Abstract
Most scientific contributions addressing cybersecurity issues in water distribution networks (WDNs) propose detection systems without considering the location problem. A methodology for detection and location of cyberattacks in WDNs is proposed in this paper. Structural analysis and neural networks are effectively combined with the control chart adaptive exponential weighted moving average (AEWMA). The proposed detection and location framework requires only data from normal operating conditions and knowledge about the behavioral model of the system. The validity of the methodology was demonstrated with the widely known case study Battle of the Attack Detection Algorithms (BATADAL). The detection method detected all the attacks with a false positive rate (false alarm rate) below 5% and true positive rate (TPR) (i.e., the detection rate) higher than 95%. The location method presents consistent diagnosis results while guaranteeing that the district metering area under attack always is identified.
Practical Applications
Water distribution networks are critical infrastructure for a country because they ensure the distribution of a basic element for life. The current development of electronics and communication technologies has made it possible to achieve automated management of water distribution networks, which has led to better rates of efficiency in water management and control. However, that technological development and the fact that WDNs are critical infrastructures make water distribution networks central targets for cyberattacks that seek to interrupt this basic service, temporarily or permanently affecting production and services. In this paper, a methodology is proposed for the detection and localization of cyberattacks on water distribution networks using computational intelligence tools that do not require new technological investments. The proposed methodology works with the data that the supervision and control system obtain from the real process. The results of the application of the proposed methodology will allow managers to make appropriate decisions to avoid the effects that cybertacks can produce.
Formats available
You can view the full content in the following formats:
Data Availability Statement
The data that support the findings of this study in the C-Town WDN case study are openly available in BATADAL repository at https://www.batadal.net/data.html. The E-Town WDN case study used the data sets generated by Kadosh et al. (2020). For the structural analysis, the library at https://faultdiagnosistoolbox.github.io/ was used with the parametrization indicated in the paper. For the autoencoders, the code of the function trainAutoencoder available (https://www.mathworks.com/help/deeplearning/ref/trainAutoencoder.html) was used. A detailed guide to reproducing the experiments developed in the investigation and two zipped files with all MATLAB scripts and the functions used in them are available at https://github.com/rmclaudia/cyberattacks_wdn.git.
Reproducible Results
Reviewer Ayman Nassar was able to reproduce all figures and results presented in the article.
Acknowledgments
Authors Claudia Rodrguez Martnez and Orestes Llanes-Santiago acknowledge the financial support provided by Project No. PN223LH004-023, National Program of Research and Innovation ARIA from the Ministry of Science, Technology and Environment (CITMA), Cuba.
References
Abokifa, A., K. Haddad, C. Lo, and P. Biswas. 2017. “Detection of cyber physical attacks on water distribution systems via principal component analysis and artificial neural networks.” In World environmental and water resources congress, 676–691. Reston, VA: ASCE.
Abokifa, A., K. Haddad, C. Lo, and P. Biswas. 2019. “Real-time identification of cyber-physical attacks on water distribution systems via machine learning–based anomaly detection techniques.” J. Water Plann. Manage. 145 (1): 04018089. https://doi.org/10.1061/%28ASCE%29WR.1943-5452.0001023.
Adedeji, K., and Y. Hamam. 2020. “Cyber-physical systems for water supply network management: Basics, challenges, and roadmap.” Sustainability 12 (22): 9555. https://doi.org/10.3390/su12229555.
Adepu, A., V. Palleti, G. Mishra, and A. Mathur. 2020. “Investigation of cyber attacks on a water distribution system.” In Vol. 12418 of Proc., Applied Cryptography and Network Security Workshops. ACNS 2020, 274–291. Zürich, Switzerland: Springer.
Aghashahi, M., R. Sundararajan, M. Pourahmadi, and M. Banks. 2017. “Water distribution systems analysis symposium– BATtle of the Attack Detection ALgorithms (BATADAL).” In World environmental and water resources congress, 101–108. Reston, VA: ASCE.
Ahmed, C., C. Murgia, and J. Ruths. 2017. “Model-based attack detection scheme for smart water distribution networks.” In Proc., 2017 ACM on Asia Conf. on Computer and Communications Security, 101–113. Abu Dhabi, United Arab Emirates: Association for Computing Machinery.
Aly, A., R. Hamed, and M. Mahmoud. 2015. “Optimal design of the adaptive exponentially weighted moving average control chart over a range of mean shifts.” Commun. Stat. - Simul. Comput. 46 (2): 890–902. https://doi.org/10.1080/03610918.2014.983650.
Amin, S., X. Litrico, S. Sastry, and A. Bayen. 2013. “Cyber security of water SCADA systems—Part II: Attack detection using enhanced hydrodynamic models.” IEEE Trans. Control Syst. Technol. 21 (5): 1679–1693. https://doi.org/10.1109/TCST.2012.2211874.
Baldi, P. 2012. “Autoencoders, unsupervised learning, and deep architectures.” In Proc., ICML Workshop on Unsupervised and Transfer Learning 2012 June 27, 37–49. Bellevue, WA: JMLR Workshop and Conference Proceedings.
Berglund, E., J. Pesantez, A. Rasekh, M. Shafiee, L. Sela, and T. Haxton. 2020. “Review of modeling methodologies for managing water distribution security.” J. Water Resour. Plann. Manage. 146 (8): 03120001. https://doi.org/10.1061/(ASCE)WR.1943-5452.0001265.
Blanke, M., M. Kinnaert, J. Lunze, and M. Staroswiecki. 2006. Diagnosis and fault-tolerant control. Singapore: Springer.
Brentan, B., E. Campbell, G. Lima, D. Manzi, D. Ayala-Cabrera, M. Herrera, I. Montalvo, J. Izquierdo, and L. E. Jr. 2017. “On-line cyber attack detection in water networks through state forecasting and control by pattern recognition.” In World environmental and water resources congress, 583–592. Reston, VA: ASCE.
Breuning, M., H.-P. Kriegel, R. Ng, and J. Sander. 2000. “Lof: Identifying density-based local outliers.” ACM SIGMOD Rec. 29 (2): 93–104. https://doi.org/10.1145/342009.335388.
Capizzi, G., and G. Masarotto. 2003. “An adaptive exponentially weighted moving average control chart.” Technometrics 45 (3): 199–207. https://doi.org/10.1198/004017003000000023.
Chandy, S., A. Rasekh, Z. Barker, B. Campbell, and M. Shafiee. 2017. “Detection of cyber-attacks to water systems through machine-learning-based anomaly detection in scada data.” In World environmental and water resources congress, 611–616. Reston, VA: ASCE. https://doi.org/10.1061/9780784480625.057.
Chandy, S., A. Rasekh, Z. Barker, and M. Shafiee. 2019. “Cyberattack detection using deep generative models with variational inference.” J. Water Resour. Plann. Manage. 145 (2): 04018093. https://doi.org/10.1061/(ASCE)WR.1943-5452.0001007.
Clark, R., S. Panguliri, T. Nelson, and R. Wyman. 2017. “Protecting drinking water utilities from cyberthreats.” J. AWWA 109 (2): 50–58. https://doi.org/10.5942/jawwa.2017.109.0021.
Düstegör, D., E. Frisk, V. Cocquempot, M. Krysander, and M. Staroswiecki. 2006. “Structural analysis of fault isolability in the DAMADICS benchmark.” Control Eng. Pract. 14 (6): 597–608.
Frisk, E., M. Krysander, and D. Jung. 2017. “A Toolbox for analysis and design of model based diagnosis system for large scale models.” IFAC-PapersOnLine 50 (1): 3287–3293. https://doi.org/10.1016/j.ifacol.2017.08.504.
Giacomoni, M., N. Gatsis, and A. Taha. 2017. “Identification of cyber attacks on water distribution systems by unveiling low-dimensionality in the sensory data.” In World environmental and water resources congress, 660–675. Reston, VA: ASCE.
Hassanzadeh, A., A. Rasekh, S. Galelli, M. Aghashahi, R. Taormina, A. Ostfeld, and M. Banks. 2020. “A review of cybersecurity incidents in the water sector.” J. Environ. Eng. 146 (5): 03120003. https://doi.org/10.1061/(ASCE)EE.1943-7870.0001686.
Hawkins, D. M., and D. H. Olwell. 1998. Cumulative sum charts and charting for quality improvement. New York: Springer.
Housh, M., and Z. Ohar. 2017. “Model-based approach for cyber-physical attack detection in water distribution systems.” In World environmental and water resources congress, 727–736. Reston, VA: ASCE.
Housh, M., and Z. Ohar. 2018. “Model-based approach for cyber-physical attack detection in water distribution systems.” Water Res. 139 (Aug): 132–143. https://doi.org/10.1016/j.watres.2018.03.039.
Kadosh, N., A. Frid, and M. Housh. 2020. “Detecting cyber-physical attacks in water distribution systems: One-class classifier approach.” J. Water Resour. Plann. Manage. 146 (8): 04020060. https://doi.org/10.1061/(ASCE)WR.1943-5452.0001259.
Khan, S., and M. Madden. 2014. “One-class classification: Taxonomy of study and review of techniques.” Knowl. Eng. Rev. 29 (3): 345–374. https://doi.org/10.1017/S026988891300043X.
Kriegel, H.-P., P. Kröeger, E. Schubert, and A. Zimek. 2009. “Outlier detection in axis-parallel subspaces of high dimensional data.” In Vol. 5476 of Proc., Pacific-Asia Conf. on Knowledge Discovery and Data Mining, 831–838. Berlin: Springer.
Krysander, M., J. Aslund, and M. Nyberg. 2008. “An efficient algorithm for finding minimal overconstrained subsystems for model based diagnosis.” IEEE Trans. Syst. Man Cybern. Part A Syst. Humans 38 (1): 197–206. https://doi.org/10.1109/TSMCA.2007.909555.
Krysander, M., and E. Frisk. 2008. “Sensor placement for fault diagnosis.” IEEE Trans. Syst. Man Cybern. Part A Syst. Humans 38 (6): 1398–1410. https://doi.org/10.1109/TSMCA.2008.2003968.
Leys, C., O. Klein, Y. Dominicy, and C. Ley. 2018. “Detecting multivariate outliers: Use a robust variant of the Mahalanobis distance.” J. Exp. Social Psychol. 74 (Jan): 150–156. https://doi.org/10.1016/j.jesp.2017.09.011.
Makhzani, A., and B. Frey. 2016. “k-sparse autoencoders.” Preprint, submitted December 19, 2013. https://arxiv.org/abs/1312.5663v2.
Montgomery, D. 2013. Introduction to statistical quality control. Hoboken, NJ: Wiley.
Ng, A. 2010. “Sparse Autoencoder.” Accessed February 14, 2023. https://web.stanford.edu/class/cs294a/sparseAutoencoder_2011new.pdf.
Pasha, M., B. Kc, and S. Somasundaram. 2017. “An approach to detect the cyber-physical attack on water distribution system.” In World environmental and water resources congress, 703–711. Reston, VA: ASCE.
Quiñones Grueiro, M., M. J. Ares-Milián, M. Sánchez Rivero, A. J. Silva Neto, and O. Llanes-Santiago. 2021. “Robust leak localization in water distribution networks using computational intelligence.” Neurocomputing 438 (May): 195–208.
Quiñones Grueiro, M., O. Llanes-Santiago, A. Prieto Moreno, and C. Verde. 2019. “Decision support system for cyber attack diagnosis in smart water networks.” IFAC-PapersOnLine 51 (34): 329–334.
Ramotsoela, D., G. Hancke, and A. Abu-Mahfouz. 2019. “Attack detection in water distribution systems using machine learning.” Hum.-centric Comput. Inf. Sci. 9 (13): 1–22. https://doi.org/10.1186/s13673-019-0175-8.
Rasekh, A., A. Hassanzadeh, S. Mulchandani, S. Modi, and M. K. Banks. 2016. “Smart water networks and cyber security.” J. Water Resour. Plann. Manage. 142 (7): 01816004. https://doi.org/10.1061/(ASCE)WR.1943-5452.0000646.
Roberts, S. 1959. “Control chart tests based on geometric moving averages.” Technometrics 42 (1): 239–250. https://doi.org/10.1080/00401706.1959.10489860.
Saldarriga, J., J. Bohorquez, D. Cleita, L. Vega, D. Paez, D. Savic, G. Dandy, Y. Filion, W. Grayman, and Z. Kapelan. 2019. “Battle of the water networks district metered areas.” J. Water Resour. Plann. Manage. 145 (4): 04019002. https://doi.org/10.1061/%28ASCE%29WR.1943-5452.0001035.
Salomons, E., O. Skulovich, and A. Ostfeld. 2017. “Battle of water networks DMAs: Multistage design approach.” J. Water Resour. Plann. Manage. 143 (10): 04017059. https://doi.org/10.1061/(ASCE)WR.1943-5452.0000830.
Shapira, N., O. Ayalon, A. Ostfeld, Y. Farber, and M. Housh. 2021. “Cybersecurity in water sector: Stakeholders perspective.” J. Water Resour. Plann. Manage. 147 (8): 05021008. https://doi.org/10.1061/(ASCE)WR.1943-5452.0001400.
Shmueli, G., P. Bruce, I. Yahav, N. Patel, and K. J. Lichtendahl. 2017. Data mining for business analytics: Concepts, techniques, and applications. Hoboken, NJ: Wiley.
Taormina, R., et al. 2018a. “The battle of the attack detection algorithms: Disclosing cyber attacks on water distribution networks.” J. Water Resour. Plann. Manage. 144 (8): 04018048. https://doi.org/10.1061/(ASCE)WR.1943-5452.0000969.
Taormina, R., and S. Galelli. 2018. “Deep-learning approach to the detection and localization of cyber-physical attacks on water distribution systems.” J. Water Resour. Plann. Manage. 144 (10): 04018065. https://doi.org/10.1061/(ASCE)WR.1943-5452.0000983.
Taormina, R., S. Galelli, H. C. Douglas, N. O. Tippenhauer, E. Salomons, and A. Ostfeld. 2018b. “A toolbox for assessing the impacts of cyber-physical attacks on water distribution systems.” Environ. Modell. Software 112 (Feb): 46–51. https://doi.org/10.1016/j.envsoft.2018.11.008.
Taormina, R., S. Galelli, N. Tippenhauer, A. Ostfeld, and E. Salomons. 2016. “Assessing the effect of cyber-physical attacks on water distribution systems.” In World environmental and water resources congress 2016, 436–442. Reston, VA: ASCE.
Taormina, R., S. Galelli, N. Tippenhauer, E. Salomons, and A. Ostfeld. 2017. “Characterizing cyber-physical attacks on water distribution systems.” J. Water Resour. Plann. Manage. 143 (5): 04017009. https://doi.org/10.1061/%28ASCE%29WR.1943-5452.0000749.
Tuptuk, N., P. Hazell, J. Watson, and S. Hailes. 2021. “A systematic review of the state of cyber-security in water systems.” Water 13 (1): 81.
Wheeler, D. J. 2000. Understanding variation: The key to managing chaos. Knoxville, TN: SPC Press.
World Bank. 2016. “The world bank and the international water association to establish a partnership to reduce water losses.” Accessed February 14, 2023. https://www.worldbank.org/en/news/press-release/2016/09/01/the-world-bank-and-the-international-water-association-to-establish-a-partnership-to-reduce-water-losses.
Information & Authors
Information
Published In
Journal of Water Resources Planning and Management
Volume 149 • Issue 5 • May 2023
Copyright
This work is made available under the terms of the Creative Commons Attribution 4.0 International license, https://creativecommons.org/licenses/by/4.0/.
History
Received: Mar 11, 2021
Accepted: Dec 4, 2022
Published online: Feb 25, 2023
Published in print: May 1, 2023
Discussion open until: Jul 25, 2023
Authors
Metrics & Citations
Metrics
Citations
Download citation
If you have the appropriate software installed, you can download article citation data to the citation manager of your choice. Simply select your manager software from the list below and click Download.
Cited by
- James H. Stagge, David E. Rosenberg, Anthony M. Castronova, Avi Ostfeld, Amber Spackman Jones, Journal of Water Resources Planning and Management’s Reproducibility Review Program: Accomplishments, Lessons, and Next Steps, Journal of Water Resources Planning and Management, 10.1061/JWRMD5.WRENG-6559, 150, 8, (2024).