当前位置: 首页 > 学术信息 > 正文
学术信息

邓坤元参加IEEE TrustCom/BigDataSE 2019国际会议学术报告

发布时间:2019年09月09日 来源:suncitygroup太阳新城官网 浏览次数:

会议名称:2019年IEEE计算机与通信领域的信任,安全和隐私/大数据安全会议(TrustCom/BigDataSE2019)

报告时间:2019年9月4日(星期三)下午16:00——17:00

报告地点:铁道校区第二综合实验楼513会议室

报告人:邓坤元

报告题目:Power-Grid Controller Anomaly Detection withEnhanced Temporal Deep Learning

摘要:Controllers of security-critical cyber-physical systems, like the power grid, are a very important class of computersystems. Attacks against the control code of a power-grid system,especially zero-day attacks, can be catastrophic. Earlier detectionof the anomalies can prevent further damage. However, detectingzero-day attacks is extremely challenging because they have noknown code and have unknown behavior. Furthermore, if data collected from the controller is transferred to a server throughnetworks for analysis and detection of anomalous behavior, thiscreates a very large attack surface and also delays detection.In order to address this problem, we propose ReconstructionError Distribution (RED) of Hardware Performance Counters(HPCs), and a data-driven defense system based on it. Specifically, we first train a temporal deep learning model, using onlynormal HPC readings from legitimate processes that run dailyin these power-grid systems, to model the normal behavior of thepower-grid controller. Then, we run this model using real-timedata from commonly available HPCs. We use the proposed REDto enhance the temporal deep learning detection of anomalousbehavior, by estimating distribution deviations from the normalbehavior with an effective statistical test. Experimental results ona real power-grid controller show that we can detect anomalousbehavior with high accuracy (>99.9%), nearly zero false positivesand short (<360ms) latency

联系电话:0731-88830700

版权所有:suncitygroup太阳新城(中国)集团官方网站