Modern cyber-physical systems require effective intrusion detection systems to ensure adequate critical infrastructure protection. Developing an intrusion detection capability requires an understanding of the behavior of a cyber-physical system and causality of its components. Such an understanding enables the characterization of normal behavior and the identification and reporting of anomalous behavior. This chapter explores a relatively new time series analysis technique, empirical dynamic modeling, that can contribute to system understanding. Specifically, it examines if the technique can adequately describe causality in cyber-physical systems and provides insights into it serving as a foundation for intrusion detection.
14th International Conference on Critical Infrastructure Protection (ICCIP)
Version of record cited as:
Crow, D., Graham, S., Borghetti, B., Sweeney, P. (2020). Engaging Empirical Dynamic Modeling to Detect Intrusions in Cyber-Physical Systems. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XIV. ICCIP 2020. IFIP Advances in Information and Communication Technology, vol 596. Springer, Cham. https://doi.org/10.1007/978-3-030-62840-6_6
HAL Open Science Repository manuscript version cited as:
David Crow, Scott Graham, Brett Borghetti, Patrick Sweeney. Engaging Empirical Dynamic Modeling to Detect Intrusions in Cyber-Physical Systems. 14th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2020, Arlington, VA, United States. pp.111-133, ⟨10.1007/978-3-030-62840-6_6⟩. ⟨hal-03794637⟩