{"title":"Probabilistic state estimation for labeled continuous time Markov models with applications to attack detection","authors":"Lefebvre, Dimitri, Seatzu, Carla, Hadjicostis, Christoforos N., Giua, Alessandro","doi":"10.1007/s10626-021-00348-y","DOIUrl":null,"url":null,"abstract":"<p>This paper is about state estimation in a timed probabilistic setting. The main contribution is a general procedure to design an observer for computing the probabilities of the states for labeled continuous time Markov models as functions of time, based on a sequence of observations and their associated time stamps that have been collected thus far. Two notions of state consistency with respect to such a timed observation sequence are introduced and related necessary and sufficient conditions are derived. The method is then applied to the detection of cyber-attacks. The plant and the possible attacks are described in terms of a labeled continuous time Markov model that includes both observable and unobservable events, and where each attack corresponds to a particular subset of states. Consequently, attack detection is reformulated as a state estimation problem.</p>","PeriodicalId":92890,"journal":{"name":"Discrete event dynamic systems","volume":"25 56","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2021-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Discrete event dynamic systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s10626-021-00348-y","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6
Abstract
This paper is about state estimation in a timed probabilistic setting. The main contribution is a general procedure to design an observer for computing the probabilities of the states for labeled continuous time Markov models as functions of time, based on a sequence of observations and their associated time stamps that have been collected thus far. Two notions of state consistency with respect to such a timed observation sequence are introduced and related necessary and sufficient conditions are derived. The method is then applied to the detection of cyber-attacks. The plant and the possible attacks are described in terms of a labeled continuous time Markov model that includes both observable and unobservable events, and where each attack corresponds to a particular subset of states. Consequently, attack detection is reformulated as a state estimation problem.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
