
IEEE INTERNET OF THINGS JOURNAL, VOL. 8, NO. 1, JANUARY 1, 2021, 585

False Data Injection Attack Detection for Industrial Control Systems Based on Both Time- and Frequency-Domain Analysis of Sensor Data

Dajian Huang, Xiufang Shi, Member, IEEE, and Wen-An Zhang, Member, IEEE

Abstract—This article studies the intrusion detection problem for industrial control systems (ICSs) with repetitive machining under false data injection (FDI) attacks. A data-driven intrusion detection method is proposed based on both time- and frequency-domain analysis. The proposed method only utilizes the sensor measurements required in closed-loop control, and does not consume additional system resources or rely on the system model. In addition, features in the time and frequency domains are extracted at the same time, which gives higher reliability than intrusion detection methods that only utilize features in the time domain. After feature extraction, hidden Markov models (HMMs) are established by using the feature vectors under normal operating conditions of the ICS, and then the trained HMMs are utilized in real-time intrusion detection. Finally, experiments are carried out on a networked multiaxis engraving machine with FDI attacks. The experimental results show the effectiveness and superiority of the proposed intrusion detection method.

Index Terms—False data injection (FDI) attacks, hidden Markov model (HMM), industrial control systems (ICSs), intrusion detection, signal analysis.

I. INTRODUCTION

THE EARLY industrial control systems (ICSs) were relatively independent and isolated from the external Internet. However, with the rapid development and application of industrial communication networks, ICS is gradually developing toward a networked and open architecture. The centralized control structure has been transformed into the current distributed control structure. Many computation and information transmission functions have been gradually decentralized and spread from the central node to the edge nodes, that is, edge computing (EC), where resource provisioning is pushed from the cloud infrastructure to the edge of the Internet [1]. It is precisely because of the development of Internet-of-Things (IoT) technology that each node in an ICS, such as a sensor, controller, or actuator, can be equipped with IoT modules and thus gain the ability of computation and information transmission. Industrial remote sensing sensors used in remote control systems are a good example [2]. In the context of the industrial Internet, IoT technology has promoted the development of ICS toward a distributed and edge-cloud collaboration architecture. Meanwhile, ICS is also an application of IoT, and the original closedness of ICS is broken. Various viruses, e.g., Trojans, intrude into the ICS within the normal information flow, which seriously threatens the security of ICS. In recent years, ICS security incidents have also increased, thus it is of great importance to design security protection schemes for ICS [3]–[5]. False data injection (FDI) attacks [6] can destroy the normal processing of the ICS by tampering with the data transmitted in the network. They can be implemented by man-in-the-middle (MITM) attacks and internal attacks, and have good concealment. For example, the famous “Stuxnet virus” was implemented by internal attacks [7]. FDI attacks are one of the main security threats of current ICS.

ICS security protection has received widespread attention from both industry and academia. People began to learn from the field of traditional information security to solve ICS security protection issues, such as industrial firewalls, ICS vulnerability mining, and risk assessment [8]–[10]. However, vulnerability mining and risk assessment cannot provide real-time network security protection. Advanced attackers can find the vulnerabilities in the firewall and bypass the firewall for attacks. Besides, the firewall cannot defend against internal attacks. Intrusion detection is promising to ensure system security through system monitoring and abnormal warning. It collects information about devices and networks in the ICS. The data are analyzed and identified to determine whether there is abnormal behavior in the system. Therefore, as an active protection technology for system security, the intrusion detection method can effectively make up for the shortcomings of traditional security protection technologies, such as a firewall. It is regarded as the second security defense line of ICS, which can realize real-time detection of external and internal intrusions [11].

Traditional information technologies are used to solve the intrusion detection issues of ICS, including network-based and host-based (device-based) methods. The network-based intrusion detection obtains the features of the key field by acquiring the information in the network information flow, and performs real-time detection using data packets, traffic, protocols, and topology structures in the network [12]–[16]. For FDI attacks, there is no significant change in network

Manuscript received April 23, 2020; revised May 24, 2020; accepted June 22, 2020. Date of publication July 7, 2020; date of current version December 21, 2020. This work was supported in part by the Key Research and Development Program Projects in Zhejiang Province under Award 2019C03098, and in part by the National Natural Science Foundation of China under Grant 61822311 and Grant 61801422. (Corresponding author: Wen-An Zhang.)
The authors are with the College of Information Engineering, Zhejiang University of Technology, Hangzhou 310023, China (e-mail: humdrumj@163.com; xiufangshi@zjut.edu.cn; wazhang@zjut.edu.cn).
Digital Object Identifier 10.1109/JIOT.2020.3007155

2327-4662 © 2020 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.

traffic. Besides, the operational behaviors of the monitored ICS are not fully accessible to the network-level information. In some cases, if the cyberattack behavior does not violate the protocol used by the ICS or the communication mode among devices, the network-based intrusion detection system will not be able to detect such attacks. The host-based intrusion detection methods check the audit of the host device, the process status of the device, the log content, and attributes such as the login status of the device, the operation authority of the operator on the device and the file, the sensitive operations performed by the operator, the operation variables and output variables of the device, the operating states of the device, and other information, based on which the anomalous behaviors are identified [17]–[26]. However, this kind of method consumes a lot of system resources in acquiring and analyzing the above-mentioned data, and may not meet the real-time requirements of the ICS due to the weak computing and storage capabilities of the equipment [27]. Moreover, due to the differences in structure and functions between various ICSs, the host-based intrusion detection methods have low portability. Although many kinds of traditional information technologies have been designed for the regular IT system, these technologies cannot be applied in ICSs without any change, due to the industry-oriented communication protocols or the unique properties of ICSs [26].

For the ICS, if the devices, e.g., sensors or controllers, are attacked or the network transmission is destroyed or falsified, the input and output signals of the controlled object will eventually deviate from the normal working condition. Xu et al. [28] have experimentally verified that the attacks may cause blindness and malfunction of sensors. From this point of view, the result is similar to a system fault (such as a sensor fault). Therefore, many researchers use fault diagnosis and bad data detection to solve the intrusion detection issues of ICS, such as the binary hypothesis detector under the Bayesian framework [29], [30], the least-squares detector [31], the χ²-detector based on statistical feature analysis [32], and residual generation principle-based detectors [33]–[35]. However, most of these detectors need a precise ICS model, whose accuracy will affect the accuracy and reliability of intrusion detection. In addition, once the attacker knows the model parameters of the ICS, it can design a covert FDI attack and successfully escape these intrusion detection methods [6].

Therefore, how to design an intrusion detection method that neither depends on the ICS model nor needs additional system resources is particularly important. Note that in the closed-loop feedback control of an ICS, the system needs to acquire the system output measured by various sensors. If we can directly utilize these sensor measurements in intrusion detection, there would be no requirement on system resources or system models. Besides, the signals transmitted through the network in the ICS include the reference signals sent from the server to the controller, the control signals sent from the controllers to the actuators, and the output signals sent from the sensors to the controllers. No matter which data are modified by the attackers, it will eventually affect the system output because the system is closed-loop controlled. Therefore, it is feasible to implement intrusion detection by analyzing the system output from sensor measurements.

Fig. 1. Typical structure of networked ICS with repetitive processing.

To this end, this article proposes an ICS intrusion detection method based on the analysis of sensor measurements. The proposed method includes three parts: 1) zero-mean processing of the sensor data to obtain the deviation between the actual trajectory and the expected trajectory; 2) feature extraction from both the time and frequency domain; and 3) hidden Markov model (HMM) training using the extracted features under normal operating conditions and real-time intrusion detection using the trained HMMs. The main contributions of this article are summarized as follows.

1) Considering the ICS with repetitive processing, a data-driven intrusion detection method using only sensor measurements is proposed. This method does not rely on the system model. Moreover, since the utilized sensor measurements are the system output in closed-loop control, there is no additional system resource consumption.

2) For the sensor measurements, features in both the time and frequency domain are extracted at the same time; they are more reliable than the time-domain features utilized in the existing intrusion detection methods.

3) Experiments are carried out on a self-developed networked multiaxis engraving platform. The experimental results show the effectiveness and superiority of the proposed intrusion detection method.

The remainder of this article is organized as follows. Section II describes the FDI intrusion detection problem to be solved. Section III introduces the proposed HMM-based intrusion detection method. Section IV shows the experimental results. Section V concludes this article and provides some future research directions. Notations in this paper are presented in Table I.

II. PROBLEM STATEMENT

We consider a networked ICS with repetitive processing as shown in Fig. 1, which is very common in industrial systems. The server sends the reference trajectory to the field controller through the network, the controller (proportional-integral-derivative) calculates the control input according to the deviation between the reference trajectory and the actual machining trajectory measured by the sensors, then sends the

TABLE I. NOTATIONS

control input to the actuator through the field bus to execute the control input. During the data transmission between the server and the controller, it may be subject to MITM attacks from the network or internal attacks by internal operators. These internal attacks and MITM attacks can inject false data into the reference trajectory and control input. Whether the reference trajectory or the control input is modified, it will make the actual machining trajectory deviate from the normal value. In this article, our purpose is to implement intrusion detection by analyzing the data of the actual machining trajectory measured by sensors.

The reference trajectory at the t-th sampling moment is denoted by s(t). Due to the measurement errors of the sensors, the actual measured machining trajectory value at the t-th sampling time can be represented as

$$g(t) = s(t) + \xi(t) \qquad (1)$$

where ξ(t) is the measurement noise, which is generally assumed to follow a zero-mean white Gaussian distribution N(0, σ²), and σ² is the noise variance.

In this work, adversaries may launch attacks by tampering with sensor measurements. The output of the closed-loop control will then be abnormal due to the tampered measurements. If the system is subject to FDI attacks, the sensor measurements will be as follows:

$$f(t) = s(t) + \xi(t) + \eta(t) \qquad (2)$$

where η(t) represents the interference added to the sensor measurements by the attacker, and f(t) represents the tampered measurements. Since the considered system has a repetitive process, the reference trajectory repetition period is set as T, namely, s(t) = s(t + T).

It is worth noting that the noise is caused by environmental factors, mechanical resonance, sensor measurement errors, or other factors, and the interference is an attack signal added by the attacker, such as a sine signal. To ensure concealment, adversaries may set the amplitude of η(t) to be much smaller than the amplitude of g(t).

The objective of the article is to design a data-driven FDI attack detection method. The proposed method implements the detection of FDI attacks only by using the measurements f(t) of the actual machining trajectory; no explicit mathematical model of the controlled object is required. We will extract the time- and frequency-domain features of the sensor measurements, and then design an appropriate machine learning method to achieve real-time intrusion detection. The designed method needs to meet the safety and real-time performance requirements of the ICS.

III. PROPOSED INTRUSION DETECTION METHOD

The idea of the proposed intrusion detection method is shown in Fig. 2. The data f(t) are processed by the zero-mean method first; then the signal processing technique is employed to extract the features in both the time and frequency domain; finally, the computationally efficient HMM is used for intrusion detection.

A. Data Processing

When the system is under attack, the measured data will be changed due to the injected data. Since the amplitude of η(t) is much smaller than the amplitude of g(t), g(t) is similar to f(t). In such a condition, directly distinguishing between the measured data stream f(t) and g(t) is difficult. It is necessary to extract the features effectively from the data for intrusion detection.

In order to eliminate the impact of the reference trajectory signal s(t) on intrusion detection, s(t) is separated from the measurement signal f(t), and the residual information, ξ(t) in the normal state or ξ(t) + η(t) under attack, is compared between the two states. The zero-mean method is employed to implement this idea, as shown in Fig. 3, where the data at the 800th point of 100 periods of the experimental data are presented. It is noted that the reference trajectory is periodic, and the actual measurements consist of the reference trajectory and noise. The data at the same sampling points in different periods are shown in the bottom left of Fig. 3; they are approximated as noise with a certain mean value, and conform to the normal distribution law as shown in the bottom right of Fig. 3.

To preserve the attack signal and eliminate other signals in the data, the following operations are performed. First, the mean values of the data over multiple periods are calculated as follows:

$$\bar{f}(t) = \frac{1}{N}\sum_{n=1}^{N} g_n(t) \qquad (3)$$

$$\bar{F} = \left[\bar{f}(1), \bar{f}(2), \ldots, \bar{f}(T)\right] \qquad (4)$$

where T is the period length, t = 1, ..., T, N is the number of periods, g_n(t) is the measurement at the t-th sample point in the n-th period, f̄(t) is the corresponding mean value of g(t) at the t-th sample point, f̄(t) = f̄(t + T), and F̄ is the mean vector of the measurements in N periods.

Fig. 2. Intrusion detection using time- and frequency-domain analysis.

Fig. 3. Gaussian properties of periodic data.

Fig. 4. Schematic of feature extraction using the sliding window technique. (a) Feature extraction in time domain. (b) Feature extraction in frequency domain.

Second, the mean values are subtracted from the new data, namely, zero mean, to obtain the error signal as follows:

$$R(t) = f(t) - \bar{f}(t). \qquad (5)$$

By subtracting the mean f̄(t) from the new data, the data we obtain are zero mean. With this step, the original data stream is transformed into the error signal, which eliminates the influence of the original signal on intrusion detection.

B. Feature Extraction

After zero-mean data processing, the proportion of the attack signal in the error signal is larger than that in the measured data, and it is easier to extract the features in the time domain to find out the abnormal situation. In the time domain, however, the features are limited, and some attacks may escape time-domain analysis (for example, a sinusoidal attack whose amplitude is almost the same as that of the error signal, but with a very high frequency, which will affect the actuators and controllers after a long run). In order to extract more comprehensive features, the information in the time domain is combined with that in the frequency domain.

1) Time-Domain Analysis: A discrete HMM is considered for training and intrusion detection. The error signal is represented by a feature vector E_time(t) in the time domain, and is quantized manually according to the range of the actual feature vector (for example, a value between 0.000 and 0.001 is quantized to 1, a value between 0.001 and 0.002 is quantized to 2, etc.). The quantized values are taken as the input of the HMM, and the number of distinct quantized values is the observation number. The sliding window technique is utilized in HMM training and real-time intrusion detection. The length is chosen as L1 and the step size is set as 1. The schematic of feature extraction using the sliding window technique in the time domain is shown in Fig. 4(a).

2) Frequency-Domain Analysis: As mentioned above, the error signal after zero-mean processing should be analyzed not only in the time domain but also in the frequency domain. In the frequency-domain analysis, a fast discrete Fourier transform (FFT) combined with the sliding window technique is utilized. The length of the sliding window is chosen as L2 and the step size is set as 1. For the error signal R(t) containing L2 uniformly sampled values f(t), the FFT is as follows:

$$Y(k+1) = \sum_{j=0}^{L_2-1} e^{-\frac{2\pi i}{L_2} jk}\, R(j+1) \qquad (6)$$

where j, k = 0, 1, ..., L2 − 1.

The mean is calculated for the vertical-axis values corresponding to the integers k, and it is represented as the frequency-domain feature vector E_frequency(t) at the current moment t:

$$E_{\mathrm{frequency}} = \frac{1}{L_2}\sum_{k=0}^{L_2-1} |Y(k+1)|. \qquad (7)$$

The reason why E_frequency(t) is chosen as the feature vector is that no matter what the attack frequency is, the feature vector will change as long as the attacks are added into the system. After the sliding window operation (wherein the length of the window is L2 and the step size is 1), the feature in the frequency domain corresponding to the time will be obtained. Then the fast and efficient HMM is employed for intrusion detection. The diagram of the feature extraction using the sliding window technique in the frequency domain is shown in Fig. 4(b).
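The zero-mean residual and the sliding-window frequency feature of eqs. (3)-(7) in runnable form, as an added example written for this page rather than the authors' code: it estimates F̄ from N normal periods, forms R(t), takes the mean FFT magnitude over each L2-point window, and applies the manual quantization of Sec. III-B-1. The 10 cm sine reference, the noise level, the period and window lengths, the injected 0.1 cm sine, and the use of |R(t)| for quantization are constructed assumptions, not the paper's data.

```python
"""Zero-mean processing and time/frequency feature extraction of Sec. III-A/B (pure Python)."""
import cmath
import math
import random


def period_mean(periods):
    """Eqs. (3)-(4): mean vector F̄ over N normal periods, each a list of T samples g_n(t)."""
    n, t_len = len(periods), len(periods[0])
    return [sum(p[t] for p in periods) / n for t in range(t_len)]


def residual(f, f_bar):
    """Eq. (5): R(t) = f(t) - f̄(t); f̄ is periodic with period T, so it is indexed modulo T."""
    t_len = len(f_bar)
    return [f[t] - f_bar[t % t_len] for t in range(len(f))]


def fft(x):
    """Eq. (6): radix-2 FFT of a list whose length is a power of two (returns complex bins)."""
    n = len(x)
    assert (n & (n - 1)) == 0, "window length must be a power of two"
    if n == 1:
        return [complex(x[0])]
    even, odd = fft(x[0::2]), fft(x[1::2])
    out = [0j] * n
    for k in range(n // 2):
        twiddle = cmath.exp(-2j * math.pi * k / n) * odd[k]
        out[k] = even[k] + twiddle
        out[k + n // 2] = even[k] - twiddle
    return out


def freq_feature(window):
    """Eq. (7): E_frequency = mean of |Y(k+1)| over the L2 bins of one window."""
    spectrum = fft(window)
    return sum(abs(y) for y in spectrum) / len(spectrum)


def sliding_freq_features(r, l2):
    """Sliding window of length L2, step 1 (Fig. 4(b)); entry i is the window ending at t = i+L2-1."""
    return [freq_feature(r[t - l2 + 1:t + 1]) for t in range(l2 - 1, len(r))]


def quantize(values, step, levels):
    """Sec. III-B-1 manual quantization: [0, step) -> 1, [step, 2*step) -> 2, ..., capped at
    `levels` (= M). Quantizing |R(t)| rather than R(t) is an assumption of this example."""
    return [min(int(abs(v) // step) + 1, levels) for v in values]


def demo(t_len=160, n_periods=5, l2=128, sigma=0.005, attack_amp=0.1, seed=3):
    """Constructed scenario (assumed values, not the paper's data): the reference s(t) is a
    10 cm sine of T samples; the test stream is one clean period followed by one period with
    a 0.1 cm sine injected at 8 samples per cycle (16 whole cycles per 128-point window)."""
    rng = random.Random(seed)
    s = [10.0 * math.sin(2 * math.pi * t / t_len) for t in range(t_len)]
    normal = [[s[t] + rng.gauss(0.0, sigma) for t in range(t_len)] for _ in range(n_periods)]
    f_bar = period_mean(normal)                                   # Alg. 1 step 2
    clean = [s[t] + rng.gauss(0.0, sigma) for t in range(t_len)]
    attacked = [s[t] + rng.gauss(0.0, sigma) + attack_amp * math.sin(2 * math.pi * t / 8)
                for t in range(t_len)]
    r = residual(clean + attacked, f_bar)                         # Alg. 2 step 1
    feats = sliding_freq_features(r, l2)                          # Alg. 2 steps 2-3
    # feats[i] is the window over samples i .. i+l2-1: it lies fully in the clean period
    # while i <= t_len - l2, and fully in the attacked period once i >= t_len.
    return {
        "clean_max": max(feats[:t_len - l2 + 1]),
        "attack_min": min(feats[t_len:]),
        "time_symbols": quantize(r, 0.001, 13),                  # HMM input, time domain
        "freq_symbols": quantize(feats, 0.01, 13),               # HMM input, frequency domain
    }


if __name__ == "__main__":
    print({k: v for k, v in demo().items() if not k.endswith("symbols")})
```

With these settings the clean windows score around 0.05 and the attacked windows around 0.15, so the 0.1 cm sine that is invisible next to a 10 cm trajectory separates cleanly once the reference has been subtracted.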

Fig. 5. Schematic of model training and output. (a) Training for HMM parameters. (b) Evaluating possibilities under model parameters.

C. Intrusion Detection

1) Model Training: The HMM [36] is a probability model and a time-series model, which predicts or classifies states according to events that happened in a previous period of time, and can obtain better results than just using current information. Since the forms of potential attacks are unknown, it is difficult for us to obtain all kinds of samples under attacks, and the data become seriously imbalanced. The HMM can avoid the problem of data imbalance because it only models the data in the normal state and has no need to label the data. It outputs the probability value according to the relationship between the real-time input sequence and the trained model. Finally, we compare the probability value with the threshold to judge whether the system is under attack. It is noted that the HMM is fast and efficient, therefore it is very suitable for the application of ICS.

An HMM usually consists of the following five-tuple:

$$\lambda = \{V, M, A, B, C\} \qquad (8)$$

where V represents the number of hidden states, M represents the number of observable states, A = {a_ij} is the transfer matrix of hidden states, representing the probability of transferring from state i to state j, B = {b_i(o)} is the matrix of observation probabilities (confusion matrix), representing the probability that observation o is observed from hidden state i, and C = {C_i} is the initial state probability, representing the probability vector of starting from each hidden state. Both the transition matrix of hidden states and the confusion probability matrix are time independent, that is, these matrices do not change with time. For an HMM with fixed V and M, λ = {A, B, C} can also be used to represent the parameters of the HMM.

In the proposed method in this article, the HMM plays the role of evaluating whether the sensor data are abnormally tampered. The HMM is obtained by training on the data under normal operating conditions using the Baum–Welch algorithm, where the model parameter λ represents the normal state, as shown in Fig. 5(a). The HMM probability assessment P(O|λ) represents the probability of the input observations under the model parameters, and it will be the evaluation result, as shown in Fig. 5(b). It can be calculated by the forward/backward algorithms. Under normal conditions, the probability assessments are generally stable and large. If the system is under attack, the distribution of the observations will be different. In this case, the probability assessments are reduced, i.e., the likelihood that these observations conform to this HMM is reduced. For multiple HMM detectors corresponding to multiple sensors, the output of any HMM showing that the data have been tampered with indicates that the system is under attack.

2) Design of μ-TF-HMM Detector: The μ-TF-HMM intrusion detector for an ICS with a single sensor is shown in Fig. 6. Detectors are established for each sensor, for identifying the attacked sensor. An abnormality detected by any μ-TF-HMM detector indicates that the ICS is under attack. The model training and real-time detection are summarized, respectively, in Algorithms 1 and 2.

In Algorithm 1, step 1 is to initialize the model parameters, steps 2–6 are to extract the features efficiently, the calculated mean F̄ in step 2 needs to be stored for the next step and for Algorithm 2, and steps 7 and 8 are to acquire the trained model parameters and threshold; the trained model parameters and threshold should also be stored for Algorithm 2. In Algorithm 2, steps 1–4 are to extract the features efficiently, the L1 in step 5 should be the same as L1 in Algorithm 1, and the remaining steps are to evaluate the probability and report the detection result.

IV. EXPERIMENT

A. Platform

The experimental platform is a self-developed networked multiaxis engraving machine with a network attack kit, as shown in Fig. 7. The intrusion detection system is composed of a host computer [human–machine interface (HMI)], an ARM single-chip microcomputer, a servo system, a CAN bus, Ethernet, an attack kit, and an intrusion detector. The main functions of the host computer are receiving data from

Fig. 6. Intrusion detection flow for an ICS with single sensor.

the ARM microcomputer through the TCP/IP protocol, performing the control algorithm, and sending the control input to the ARM microcomputer. The ARM microcontroller acts as a data transfer station in the system: it receives the control input sent from the host computer and then sends the control input to each servo system via the CAN bus; meanwhile, it also acquires the speed, position, and torque of each servo system on the CAN bus. This key information is encapsulated and sent back to the host computer for processing. The main work of the CAN bus is to realize communication between the ARM microcontroller and the servo system, and to transfer important data in real time. The main work of the servo system is to respond to the control input from the host computer in real time and make the corresponding operations. The HMI includes visualized position information of the engraving tool, visualized control input (speed information) of each axis, visualized output values (position information) of each axis, and some operation buttons. The attack kit implements attacks by means of MITM attacks, which can modify the control inputs or sensor measurements. In this experiment, we consider the case that the sensor measurements will be modified. The attack is covert and not easy to see visually through the HMI monitoring system; this can be realized by, for example, adding sinusoidal signals with small magnitude into the measurements. However, such covert attacks may damage the actuator in the control system significantly.

B. Data Resource

To verify the performance of the proposed method, data are sampled from the networked multiaxis synchronous engraving machine in real time for experiments. The attack is performed by adding a sinusoidal signal into the sensor measurements. In this experiment, one sensor is taken as an example. As long as the value of each sensor is detected, the attack can be located. The data are divided into two parts. In the first part, all the data are acquired under normal conditions. The sine signal is taken as an example; other periodic signals are also applicable. The amplitude of the sinusoidal signal is 10 cm and

Algorithm 1 HMM Training Based on Features in Time and Frequency Domain
Input: Normal sensor data N × T, N periods, T data in each period
Output: Model parameters, threshold, mean vector F̄
1: Initialize the model parameters
2: Calculate the mean F̄ according to equations (3)-(4)
3: Process the data with zero-mean according to equation (5)
4: Use the sliding window technique on the data of Step 3, and perform the Fourier transform on the data in the window
5: Extract the features of the frequency domain according to equation (7)
6: Quantify the data obtained by Step 3 and Step 5 as input values O_time, O_frequency for the model
7: Train for model parameters λ_time, λ_frequency with the Baum-Welch algorithm
8: Use the sliding window technique, and calculate P(O_time|λ_time) and P(O_frequency|λ_frequency) separately. According to practical experience, the threshold can be taken as Th_time = max(−log P(O_time|λ_time)) and Th_frequency = max(−log P(O_frequency|λ_frequency)).

Algorithm 2 Real-Time Intrusion Detection
Input: Real-time sensor data, mean vector F̄, model parameters, threshold
Output: Detected result
FOR each new sample value:
1: Calculate the error signal R according to formula (5)
2: Perform the Fourier transform on the previous L2 data of Step 1
3: Extract the features of the frequency domain according to formula (7)
4: Quantify the data of Step 1 and Step 3 as input values of the model
5: Take the previous L1 observations to calculate the evaluation probabilities P(O_time|λ_time) and P(O_frequency|λ_frequency), respectively
6: Compare the evaluation probabilities with the thresholds Th_time and Th_frequency at the same time
7: if P(O_time|λ_time) > Th_time or P(O_frequency|λ_frequency) > Th_frequency then
8:   result = 1 (Under attack)
9: else
10:  result = 0 (Normal)

Fig. 7. Networked multiaxis synchronous engraving machine experimental platform with attack kit.

the period is 8 s. The data sampling interval is 5 ms. It should be noted that natural disturbance exists in the acquired data, and the data are not denoised, to avoid removing the attacks. This part is used to train the detector. In the second part, the data contain the attacked signals and are used to test the detection performance. As shown in Fig. 8, the data in the first 12 periods are normal, and the data in the last 30 periods are under attack. The system is subject to the following three sinusoidal attacks.

1) Attack 1: Sinusoidal signal with a frequency of 10 Hz and amplitude of 0.01 cm.
2) Attack 2: Sinusoidal signal with a frequency of 10 Hz and amplitude of 0.1 cm.
3) Attack 3: Sinusoidal signal with a frequency of 0.2 Hz and amplitude of 0.1 cm.

The mean vector F̄ is calculated by using 240 periods of data. The number of hidden states in the HMM is set as V = 3, and the number of observable states is set as M = 13. The Baum–Welch algorithm is used to train the model, where the maximum number of iterations is set as 1000 and the minimum iteration error is set as 1e–6. The length of the observation sequence is L1 = 30. The length of the Fourier transform window is L2 = 128. The detection results are shown in Fig. 9.

It can be seen from Fig. 9(a) that none of the points under Attack 1 are successfully detected, and only a few points under Attacks 2 and 3 are detected, which means the detection performance is very poor. In Fig. 9(b), the detection performance is better, while there are still many missed detections and a few false detections. In Fig. 9(c), the detection performance is also better than that in Fig. 9(a). There are fewer missed detections than in Fig. 9(b), while at the same time, there are a few more false detections. Overall, the performance of μ-TF-HMM and μ-HMM is better than that of HMM. The proposed method μ-TF-HMM seems more sensitive than μ-HMM.

C. Effect of Window

To compare the results more specifically, the length of the sliding window L1 is changed while the other parameters are not. Accuracy, sensitivity, and F1 score are taken as the evaluation criteria, which are, respectively, defined as follows.

1) Accuracy = (TP + TN)/(P + N), where TP is true positive, TN is true negative, P is positive, and N is negative. Generally, the higher the accuracy, the better the classifier.

2) Sensitivity = TP/P; it represents the proportion of all the positive examples being classified correctly, and weighs

Fig. 8. Experimental data. Normal: Sampling data without attacks, Attack 1: Sinusoidal signal with a frequency of 10 Hz and amplitude of 0.01 cm, Attack 2:
Sinusoidal signal with a frequency of 10 Hz and amplitude of 0.1 cm, Attack 3: Sinusoidal signal with a frequency of 0.2 Hz and amplitude of 0.1 cm. The
figures in the upper rectangular box are the local zoom result.

Fig. 9. Comparison of detection results. The red line marks the moment at which the attack starts; the blue line shows the detection result, where 1 means the system is judged to be under attack and 0 means no attack is detected. (a) "HMM" [37]: an HMM detector in which the data are only quantized. (b) "μ-HMM" (our method 1): an HMM detector in which the data are first processed to zero mean. (c) "μ-TF-HMM" (our method 2, the method proposed in this article): an HMM detector in which the data are processed to zero mean and combined with frequency-domain signal analysis.

the classifier's ability to recognize positive examples. Here, attacked data are taken as the positive examples.
3) F1 score = 2TP/(2TP + FP + FN), where FP is the number of false positives and FN the number of false negatives. The F1 score is the harmonic mean of recall and precision; it is high only when both recall and precision are high.

The comparison results are shown in Fig. 10. The detection performance of μ-HMM is significantly improved by the zero-mean processing. The detection performance can be further improved by combining features in the frequency domain or by increasing the length of the observation sequence, and it almost converges once the accuracy reaches a certain level. It is worth noting that the sliding-window technique, which uses all of the previous sequence information, is more effective than single-point analysis, but it increases the computational work. Moreover, the length of the window affects the detection performance, so both the detection performance and the available computational capability should be considered when choosing the length.

D. Effect of Frequency and Amplitude

To test the detection performance of the proposed detector under attacks with different frequencies (ω) and amplitudes (A), multiple frequencies and amplitudes are tested. Validation is performed with 83 200 measured data points, 41 600 of which have sinusoidal attacks added. The corresponding parameters are as follows.
1) L1 = 30, the amplitude of the attack signal is 0.01 cm, and the frequency of the attack signal is time varying.
2) L1 = 30, the frequency of the attack signal is 5 Hz, and the amplitude of the attack signal is time varying.
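The evaluation procedure of Sections C and D, as an added worked example that is not code from the paper: a constructed repetitive trajectory (period 8 s, sampled every 5 ms, with Gaussian "natural disturbance") is attacked with the three sinusoids of Fig. 8, a reference trajectory learned from normal periods is subtracted as the zero-mean step, each window of L2 samples yields a time-domain feature (largest deviation) and a frequency-domain feature (largest non-DC FFT bin), and accuracy, sensitivity and F1 score are computed exactly as defined above for a time-only detector and a time-plus-frequency detector. The HMM stage of the paper is replaced here by fixed thresholds calibrated on held-out normal windows; the trajectory, the noise level, the window length, the feature definitions, the 1.1 margin and the interpretation of "zero mean" as subtraction of the learned repetitive trajectory are all assumptions of this example.

```python
import cmath
import math
import random

# Constructed experiment mirroring Fig. 8: a repetitive trajectory with period 8 s
# sampled every 5 ms, plus the three sinusoidal attacks of the figure. Every number
# below is an assumption of this example, not data from the paper.
DT = 0.005                    # sampling interval, s
PERIOD = 8.0                  # machining period, s
N = int(PERIOD / DT)          # 1600 samples per period
L2 = 32                       # FFT window length (assumed)
NOISE_STD = 0.004             # "natural disturbance", cm (assumed)
ATTACKS = [(10.0, 0.01), (10.0, 0.1), (0.2, 0.1)]   # (Hz, cm) as in Fig. 8

def nominal(i):
    """Repetitive machining trajectory for sample index i (constructed)."""
    t = (i % N) * DT
    return 2.0 * math.sin(2 * math.pi * t / PERIOD) + 0.5 * math.sin(4 * math.pi * t / PERIOD)

def periods(rng, count, attack=None):
    """Sensor readings for `count` periods; attack=(freq, amp) adds a sinusoid (FDI)."""
    out = []
    for i in range(count * N):
        x = nominal(i) + rng.gauss(0.0, NOISE_STD)
        if attack:
            freq, amp = attack
            x += amp * math.sin(2 * math.pi * freq * i * DT)
        out.append(x)
    return out

def fft(x):
    """Radix-2 Cooley-Tukey FFT, O(L2 log L2); len(x) must be a power of two."""
    n = len(x)
    if n == 1:
        return [complex(x[0])]
    even, odd = fft(x[0::2]), fft(x[1::2])
    out = [0j] * n
    for k in range(n // 2):
        tw = cmath.exp(-2j * math.pi * k / n) * odd[k]
        out[k], out[k + n // 2] = even[k] + tw, even[k] - tw
    return out

def features(residual):
    """Time-domain and frequency-domain feature of one residual window."""
    spectrum = fft(residual)
    t_feat = max(abs(v) for v in residual)                          # largest deviation
    f_feat = max(abs(c) for c in spectrum[1:len(spectrum) // 2 + 1])  # largest non-DC bin
    return t_feat, f_feat

def windows(signal, reference):
    """Subtract the learned reference (zero-mean step) and cut into L2-sample windows."""
    res = [s - reference[i % N] for i, s in enumerate(signal)]
    return [res[j:j + L2] for j in range(0, len(res) - L2 + 1, L2)]

def calibrate(calib_windows, margin=1.1):
    """Per-feature threshold: largest value seen on normal windows times a margin."""
    feats = [features(w) for w in calib_windows]
    return (margin * max(f[0] for f in feats), margin * max(f[1] for f in feats))

def detect(window, thresholds, use_frequency):
    """1 = under attack, 0 = normal (threshold stand-in for the paper's HMM decision)."""
    t_feat, f_feat = features(window)
    return int(t_feat > thresholds[0] or (use_frequency and f_feat > thresholds[1]))

def metrics(labels, results):
    """Accuracy, sensitivity and F1 score as defined in Section C (attack = positive)."""
    tp = sum(1 for l, r in zip(labels, results) if l == 1 and r == 1)
    tn = sum(1 for l, r in zip(labels, results) if l == 0 and r == 0)
    fp = sum(1 for l, r in zip(labels, results) if l == 0 and r == 1)
    fn = sum(1 for l, r in zip(labels, results) if l == 1 and r == 0)
    return {"accuracy": (tp + tn) / len(labels),
            "sensitivity": tp / (tp + fn),
            "f1": 2 * tp / (2 * tp + fp + fn)}

def run_experiment(seed=1):
    rng = random.Random(seed)
    ref_data = periods(rng, 6)                      # normal periods -> reference trajectory
    reference = [sum(ref_data[p * N + i] for p in range(6)) / 6 for i in range(N)]
    thresholds = calibrate(windows(periods(rng, 6), reference))   # held-out normal periods
    test = periods(rng, 2)                          # 2 normal periods, then one per attack
    labels = [0] * (2 * N // L2)
    for attack in ATTACKS:
        test += periods(rng, 1, attack)
        labels += [1] * (N // L2)
    test_windows = windows(test, reference)
    out = {}
    for name, use_freq in (("time-only", False), ("time+frequency", True)):
        results = [detect(w, thresholds, use_freq) for w in test_windows]
        out[name] = metrics(labels, results)
    return out

if __name__ == "__main__":
    for name, m in run_experiment().items():
        print(name, {k: round(v, 3) for k, v in m.items()})
```

Two design points matter for a fair evaluation. The thresholds are calibrated on normal periods that were not used to build the reference trajectory, so the calibration residual has the same variance as the test residual (calibrating on the same periods that formed the reference would understate the noise and inflate false alarms). With the assumed noise level the time-only detector misses most windows of the 0.01 cm attack, which sits inside the noise band, while the non-DC spectral peak separates it cleanly, so the combined detector's sensitivity and F1 score are clearly higher; this reproduces qualitatively the paper's observation that the benefit of frequency-domain features is largest at low attack amplitude.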
Fig. 10. Detection performance comparison among the three methods. (a) Accuracy. (b) Sensitivity. (c) F1 score.

TABLE II. Detection Performance Under Attacks With Different Frequencies

TABLE III. Detection Performance Under Attacks With Different Amplitudes

The detection performance in the above two experiments is shown in Tables II and III, respectively.

As shown in Table II, as the frequency increases, the accuracy and F1 score become higher, the sensitivity of μ-TF-HMM always stays at a high level, and in most cases the detection performance of μ-TF-HMM is better than that of μ-HMM. Similarly, as shown in Table III, as the amplitude increases, the accuracy and F1 score basically maintain an upward trend, the sensitivity of μ-TF-HMM always stays at a high level, and in most cases the detection performance of μ-TF-HMM is better than that of μ-HMM. Overall, the experimental results show that μ-TF-HMM generally maintains better detection performance than μ-HMM for most sinusoidal attacks. The difference is most obvious when the amplitude is low. When the amplitude of the attack signal increases beyond a certain point (e.g., once the amplitude reaches 0.007 cm, which is 0.0035% of the original signal amplitude, the detection performance is already good), the detection accuracy is over 98%. Because occasional disturbances or jitters occur during actual operation, a small number of false detections arise, which causes small fluctuations in the results. Through a comprehensive comparison, the detection performance of μ-TF-HMM is more stable, and the μ-TF-HMM detector maintains good detection performance throughout.

E. Real-Time Analysis

Unlike conventional information systems, intrusion detection for a networked ICS has strict real-time requirements. The proposed method consists of the Fourier transform, feature extraction, and the forward algorithm. The time complexities of these operations are O(L2 · log(L2)),
TABLE IV. Execution Time Under Attacks With Different Lengths of Sequences

O(L2), and O(L1 · V²), respectively. Since L1, L2, and V are small, the computational cost of the proposed method is small. To test the execution time of the three methods, 83 200 samples are detected eight times with each method using different sequence lengths (CPU: i5-6400, OS: Windows 10, GPU: GTX 960). The average execution times are shown in Table IV. As the length of the sequence increases, the execution time increases. The execution time of HMM is the shortest, that of μ-HMM is slightly longer, and μ-TF-HMM takes the longest, approximately twice the execution time of HMM. Nevertheless, all three methods fully meet the real-time requirement of the considered ICS. From the results in Tables III and IV, μ-TF-HMM increases the execution time by 80.32% (0.4874/0.2703) compared with μ-HMM, while its average F1 score increases by 48.56% (0.9533/0.6417). Although μ-TF-HMM needs a little more execution time, it improves the intrusion detection accuracy. In an actual deployment, an appropriate L1 can be selected according to the computing power of the equipment.

Remark 1: The proposed intrusion detection algorithm can be deployed at the controller node and at the sensor node, where it can effectively detect FDI attacks carried out through MITM attacks and by internal attackers.
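The forward-algorithm step whose cost the paragraph above puts at O(L1 · V²), together with the threshold decision that closes the detection algorithm (steps 8 to 10: result = 1 if the observation window is judged abnormal, else 0), as an added example that is not code from the paper. The two-state, four-symbol HMM parameters, the observation symbols, and the threshold rule (lowest log-likelihood seen on normal training windows minus a fixed margin; the paper leaves adaptive thresholds to future work) are assumptions of this example, and the quantization of time- and frequency-domain features into symbols is not shown here.

```python
import math
import random

# Assumed discrete HMM with V = 2 hidden states and 4 observation symbols. In the
# paper these parameters would be learned from feature vectors of normal operation;
# the numbers here are constructed for illustration only.
PI = [0.5, 0.5]
A = [[0.9, 0.1],
     [0.2, 0.8]]
B = [[0.60, 0.30, 0.08, 0.02],   # state 0 emits mostly low-deviation symbols
     [0.20, 0.60, 0.15, 0.05]]   # state 1 emits mostly mid-deviation symbols

def forward_loglik(seq, pi=PI, a=A, b=B):
    """Scaled forward algorithm. Returns log P(seq | HMM) and the number of
    alpha[i] * a[i][j] multiply-adds performed, which is (L1 - 1) * V**2."""
    v = len(pi)
    alpha = [pi[i] * b[i][seq[0]] for i in range(v)]
    scale = sum(alpha)
    loglik = math.log(scale)
    alpha = [x / scale for x in alpha]          # rescale each step to avoid underflow
    ops = 0
    for o in seq[1:]:
        nxt = []
        for j in range(v):
            s = 0.0
            for i in range(v):
                s += alpha[i] * a[i][j]
                ops += 1
            nxt.append(s * b[j][o])
        scale = sum(nxt)
        loglik += math.log(scale)
        alpha = [x / scale for x in nxt]
    return loglik, ops

def sample_normal(rng, length, pi=PI, a=A, b=B):
    """Draw an observation sequence from the HMM; stands in for the quantized
    feature sequence of a window recorded under normal operation."""
    state = rng.choices(range(len(pi)), weights=pi)[0]
    seq = []
    for _ in range(length):
        seq.append(rng.choices(range(len(b[state])), weights=b[state])[0])
        state = rng.choices(range(len(a[state])), weights=a[state])[0]
    return seq

def calibrate_threshold(normal_windows, margin=3.0):
    """Assumed threshold rule: lowest log-likelihood on normal windows minus a margin."""
    return min(forward_loglik(w)[0] for w in normal_windows) - margin

def decide(window, threshold):
    """Steps 8 to 10 of the detection algorithm: 1 = under attack, 0 = normal."""
    loglik, _ = forward_loglik(window)
    return 1 if loglik < threshold else 0

def demo(seed=7, l1=30, n_train=200):
    rng = random.Random(seed)
    threshold = calibrate_threshold([sample_normal(rng, l1) for _ in range(n_train)])
    normal_window = sample_normal(rng, l1)
    # Constructed attacked window: an injected sinusoid pushes the quantized
    # features into the rarely emitted high-deviation symbols 2 and 3.
    attack_window = [3, 2, 3, 3, 2] * (l1 // 5)
    return {
        "threshold": threshold,
        "normal": decide(normal_window, threshold),
        "attack": decide(attack_window, threshold),
        "ops_per_window": forward_loglik(normal_window)[1],
    }

if __name__ == "__main__":
    print(demo())
```

The `ops` counter makes the L1 · V² scaling concrete: doubling the window length doubles the work, doubling the number of hidden states quadruples it, which is the trade-off the paragraph describes between detection performance and the computing power available at the sensor or controller node. Scaling the forward variables at every step is what keeps a 30-symbol window from underflowing; the log-likelihood is accumulated from the scale factors rather than read off the raw product.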
V. CONCLUSION

This article investigated the intrusion detection problem for an ICS with repetitive machining under FDI attacks. A data-driven intrusion detection method was proposed. The proposed method only utilizes the sensor measurements that the ICS already requires for closed-loop control, and it neither consumes additional system resources nor requires a precise model of the control system. In addition, features in both the time and frequency domains are extracted at the same time. After feature extraction, HMMs are established using the features under normal operating conditions and then applied to intrusion detection. The experimental results verify that the proposed μ-TF-HMM has the best intrusion detection performance compared with the HMM and μ-HMM methods. In the future, we will work on the adaptive determination of thresholds and on more intelligent decision-making methods that reduce the human intervention needed in detection.

REFERENCES

[1] X. Xu, C. He, Z. Xu, L. Qi, S. Wan, and M. Z. A. Bhuiyan, "Joint optimization of offloading utility and privacy for edge computing enabled IoT," IEEE Internet Things J., vol. 7, no. 4, pp. 2622–2629, Apr. 2020.
[2] M. R. Khosravi and S. Samadi, "Reliable data aggregation in Internet of ViSAR vehicles using chained dual-phase adaptive interpolation and data embedding," IEEE Internet Things J., vol. 7, no. 4, pp. 2603–2610, Apr. 2020.
[3] A. Humayed, J. Lin, F. Li, and B. Luo, "Cyber-physical systems security—A survey," IEEE Internet Things J., vol. 4, no. 6, pp. 1802–1831, Jan. 2017.
[4] D. Ding, Q.-L. Han, Y. Xiang, X. Ge, and X.-M. Zhang, "A survey on security control and attack detection for industrial cyber-physical systems," Neurocomputing, vol. 275, pp. 1674–1683, Jan. 2018.
[5] S. Kriaa, L. Pietre-Cambacedes, M. Bouissou, and Y. Halgand, "A survey of approaches combining safety and security for industrial control systems," Rel. Eng. Syst. Safety, vol. 139, pp. 156–178, Jul. 2015.
[6] A. Ameli, A. Hooshyar, A. H. Yazdavar, E. F. El-Saadany, and A. M. Youssef, "Attack detection for load frequency control systems using stochastic unknown input estimators," IEEE Trans. Inf. Forensics Security, vol. 13, no. 10, pp. 2575–2590, Oct. 2018.
[7] D. P. Fidler, "Was StuxNet an act of war? Decoding a cyberattack," IEEE Security Privacy, vol. 9, no. 4, pp. 56–59, Aug. 2011.
[8] F. Meneghello, M. Calore, D. Zucchetto, M. Polese, and A. Zanella, "IoT: Internet of Threats? A survey of practical security vulnerabilities in real IoT devices," IEEE Internet Things J., vol. 6, no. 5, pp. 8182–8201, Jul./Aug. 2019.
[9] A. Mukhopadhyay, S. Chatterjee, K. K. Bagchi, P. J. Kirs, and G. K. Shukla, "Cyber risk assessment and mitigation (CRAM) framework using logit and probit models for cyber insurance," Inf. Syst. Front., vol. 21, no. 5, pp. 997–1018, 2019.
[10] A. Matteini, F. Argenti, E. Salzano, and V. Cozzani, "A comparative analysis of security risk assessment methodologies for the chemical industry," Rel. Eng. Syst. Safety, vol. 191, Nov. 2019, Art. no. 106083.
[11] S. Aljawarneh, M. Aldwairi, and M. B. Yassein, "Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model," J. Comput. Sci., vol. 25, pp. 152–160, Mar. 2018.
[12] C. Zhou et al., "Design and analysis of multimodel-based anomaly intrusion detection systems in industrial process automation," IEEE Trans. Syst., Man, Cybern., Syst., vol. 45, no. 10, pp. 1345–1360, Oct. 2015.
[13] M. Caselli, E. Zambon, and F. Kargl, "Sequence-aware intrusion detection in industrial control systems," in Proc. 1st ACM Workshop Cyber Phys. Syst. Security, 2015, pp. 13–24.
[14] I. N. Fovino, A. Carcano, T. D. L. Murel, A. Trombetta, and M. Masera, "MODBUS/DNP3 state-based intrusion detection system," in Proc. 24th IEEE Int. Conf. Adv. Inf. Netw. Appl., 2010, pp. 729–736.
[15] S. Ponomarev and T. Atkison, "Industrial control system network intrusion detection by telemetry analysis," IEEE Trans. Depend. Secure Comput., vol. 13, no. 2, pp. 252–260, Mar./Apr. 2015.
[16] B. Groza and P.-S. Murvay, "Efficient intrusion detection with bloom filtering in controller area networks," IEEE Trans. Inf. Forensics Security, vol. 14, no. 4, pp. 1037–1051, Apr. 2019.
[17] A. Almalawi, X. Yu, Z. Tari, A. Fahad, and I. Khalil, "An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems," Comput. Security, vol. 46, pp. 94–110, Oct. 2014.
[18] A. Khalili and A. Sami, "SysDetect: A systematic approach to critical state determination for industrial intrusion detection systems using a priori algorithm," J. Process Control, vol. 32, pp. 154–160, Aug. 2015.
[19] S. Zhanwei and L. Zenghui, "Abnormal detection method of industrial control system based on behavior model," Comput. Security, vol. 84, pp. 166–178, Jul. 2019.
[20] N. Erez and A. Wool, "Control variable classification, modeling and anomaly detection in MODBUS/TCP SCADA systems," Int. J. Crit. Infrastruct. Protect., vol. 10, pp. 59–70, Sep. 2015.
[21] M. Kalech, "Cyber-attack detection in SCADA systems using temporal pattern recognition techniques," Comput. Security, vol. 84, pp. 225–238, Jul. 2019.
[22] S. Adepu and A. Mathur, "Distributed attack detection in a water treatment plant: Method and case study," IEEE Trans. Depend. Secure Comput., early access, Oct. 9, 2018, doi: 10.1109/TDSC.2018.2875008.
[23] J. Wang, D. Shi, Y. Li, J. Chen, H. Ding, and X. Duan, "Distributed framework for detecting PMU data manipulation attacks with deep autoencoders," IEEE Trans. Smart Grid, vol. 10, no. 4, pp. 4401–4410, Jul. 2019.
[24] X. Ying, S. U. Sagong, A. Clark, L. Bushnell, and R. Poovendran, "Shape of the cloak: Formal analysis of clock skew-based intrusion detection system in controller area networks," IEEE Trans. Inf. Forensics Security, vol. 14, no. 9, pp. 2300–2314, Jul. 2019.
[25] S. Ahmed, Y. Lee, H. Seung-Ho, and I. Koo, "Unsupervised machine learning-based detection of covert data integrity assault in smart grid networks utilizing isolation forest," IEEE Trans. Inf. Forensics Security, early access.
[26] M. Wan, W. Shang, and P. Zeng, "Double behavior characteristics for one-class classification anomaly detection in networked control systems," IEEE Trans. Inf. Forensics Security, vol. 12, no. 12, pp. 3011–3023, Dec. 2017.
[27] C. Shen, C. Liu, H. Tan, Z. Wang, D. Xu, and X. Su, "Hybrid-augmented device fingerprinting for intrusion detection in industrial control system networks," IEEE Wireless Commun., vol. 25, no. 6, pp. 26–31, Dec. 2018.
[28] W. Xu, C. Yan, W. Jia, X. Ji, and J. Liu, "Analyzing and enhancing the security of ultrasonic sensors for autonomous vehicles," IEEE Internet Things J., vol. 5, no. 6, pp. 5015–5029, Dec. 2018.
[29] B. Kailkhura, Y. S. Han, S. Brahma, and P. K. Varshney, "Distributed Bayesian detection in the presence of Byzantine data," IEEE Trans. Signal Process., vol. 63, no. 19, pp. 5250–5263, Oct. 2015.
[30] B. Kailkhura, Y. S. Han, S. Brahma, and P. K. Varshney, "Asymptotic analysis of distributed Bayesian detection with Byzantine data," IEEE Signal Process. Lett., vol. 22, no. 5, pp. 608–612, May 2015.
[31] Y. Huang, J. Tang, Y. Cheng, H. Li, K. A. Campbell, and Z. Han, "Real-time detection of false data injection in smart grid networks: An adaptive CUSUM method and analysis," IEEE Syst. J., vol. 10, no. 2, pp. 532–543, Jun. 2016.
[32] K. Manandhar, X. Cao, F. Hu, and Y. Liu, "Detection of faults and attacks including false data injection attack in smart grid using Kalman filter," IEEE Trans. Control Netw. Syst., vol. 1, no. 4, pp. 370–379, Dec. 2014.
[33] Y. Guan and X. Ge, "Distributed attack detection and secure estimation of networked cyber-physical systems against false data injection attacks and jamming attacks," IEEE Trans. Signal Inf. Process. Netw., vol. 4, no. 1, pp. 48–59, Mar. 2018.
[34] S. Amin, X. Litrico, S. Sastry, and A. M. Bayen, "Cyber security of water SCADA systems—Part I: Analysis and experimentation of stealthy deception attacks," IEEE Trans. Control Syst. Technol., vol. 21, no. 5, pp. 1963–1970, Sep. 2012.
[35] S. Amin, X. Litrico, S. S. Sastry, and A. M. Bayen, "Cyber security of water SCADA systems—Part II: Attack detection using enhanced hydrodynamic models," IEEE Trans. Control Syst. Technol., vol. 21, no. 5, pp. 1679–1693, Sep. 2012.
[36] L. R. Rabiner, "A tutorial on hidden Markov models and selected applications in speech recognition," Proc. IEEE, vol. 77, no. 2, pp. 257–286, 1989.
[37] Y. Qiao, X. Xin, Y. Bin, and S. Ge, "Anomaly intrusion detection method based on HMM," Electron. Lett., vol. 38, no. 13, pp. 663–664, 2002.

Dajian Huang received the B.S. degree from the College of Information Engineering, Zhejiang University of Technology, Hangzhou, China, in 2018, where he is currently pursuing the M.S. degree in control theory and control engineering with the College of Information Engineering. His major research interests include cyber-physical systems security and anomaly detection.

Xiufang Shi (Member, IEEE) received the B.Sc. degree in automation from the East China University of Science and Technology, Shanghai, China, in 2011, and the Ph.D. degree in control science and engineering from Zhejiang University, Hangzhou, China, in 2016. She was a joint Ph.D. student with the University of Sydney, Sydney, NSW, Australia, in 2015. From 2016 to 2018, she was a Postdoctoral Researcher with the College of Control Science and Engineering, Zhejiang University. She is currently an Associate Professor with the Zhejiang University of Technology, Hangzhou. Her major research interests include industrial control system security, wireless localization, and target tracking.

Wen-An Zhang (Member, IEEE) received the B.Eng. degree in automation and the Ph.D. degree in control theory and control engineering from the Zhejiang University of Technology, Hangzhou, China, in 2004 and 2010, respectively. He has been with the Zhejiang University of Technology since 2010, where he is currently a Professor with the Department of Automation. He was a Senior Research Associate with the Department of Manufacturing Engineering and Engineering Management, City University of Hong Kong, Hong Kong, from 2010 to 2011. His current research interests include cyber-physical systems security, networked control systems, and multisensor information fusion estimation. Prof. Zhang was awarded an Alexander von Humboldt Fellowship in 2011–2012.
