Abstract
Much of our most important infrastructure is a cyberphysical system. The power grid is a prime example: it is a physical network governed by the laws of physics and controlled by the cyber network. An attack on the communication network that controls the power grid could not only cause temporary blackouts, but cause permanent damage to generators and transformers. Stuxnet is a well-known example of a cyberphysical attack in which a computer virus was used to destroy Iranian centrifuges. Water systems, gas pipelines, and military bases are other systems that are vulnerable to attacks through the cyber system that have consequences in the physical world. This talk presents work from a project to detect intrusions into such a system. We use data from the climate control system of LANL office building. We treat the problem as anomaly detection in streams of data collected from sensors on the infrastructure, combined with cyber traffic. This talk will present a method for characterizing typical behavior from such streams as a building block for the anomaly detection. We adapt a hidden Markov model used for time series alignment to estimate recurring patterns in multivariate time series. The HMM architecture provides a method for filtering the data as it streams to produce standardized residuals that can be used to detect intrusions.
Biography
Since 2006 Kary Myers has been a scientist in the Statistical Sciences group at Los Alamos National Laboratory. She earned her PhD from Carnegie Mellon’s Statistics Department and her MS from their Machine Learning Department. At Los Alamos she’s been involved with projects examining electromagnetic measurements, large scale computer simulations, and chemical spectra from the Mars Science Laboratory Curiosity Rover. She serves as an associate editor for the Annals of Applied Statistics and the Journal of Quantitative Analysis in Sports, and she created and organizes CoDA, the Conference on Data Analysis, cnls.lanl.gov/coda.