Practical Evaluation of Poisoning Attacks on Online Anomaly Detectors in Industrial Control Systems

Recently, neural networks (NNs) have been proposed for the detection of cyber attacks targeting industrial control systems (ICSs). Such detectors are often retrained, using data collected during system operation, to cope with evolution monitored signals over time. However, by exploiting this mechanism, an attacker can fake provided corrupted sensors at training time and poison learning process detector allow stay undetected test Previous work explored ability generate adversarial samples that fool anomaly models in ICSs but without compromising their process. With research, we first demonstrate such poisoning on ICS attack online based networks. We propose two distinct algorithms, namely, interpolation- back-gradient-based poisoning, effectiveness. The evaluation is conducted diverse sources: synthetic data, real-world testbed a simulation Tennessee Eastman This practical tool highlights challenges dynamically controlled systems. generality methods under different NN parameters architectures studied. Lastly, analyze some potential mitigation strategies.