Intrusion Detection in Cyber-Physical Systems Based on Petri Net
Intrusion detection is a major concern in Cyber-Physical Systems (CPSs). In this paper, an algorithm based on Petri Net (PN) is proposed that simultaneously detects misuse and anomaly behavior of the system. The proposed anomaly detection method is applicable to Supervisory Control and Data Acquisition (SCADA) system at the highest level of CPSs. Neural First Order Hybrid Petri Net model (NFOHPN) with online fast Independent Component Analysis (ICA) is proposed for anomaly detection. It is shown that the use of distributed and multidisciplinary intrusion detection methods in different layers of CPSs increases security of the net against coordinated cyber-attacks. Simulation results and comparative studies based on the Defense Advanced Research Projects Agency (DARPA) evaluation datasets demonstrate that the proposed model can detect normal or malicious behavior with satisfying accuracy and at surprisingly high convergence speed.