Differential Privacy for Regulatory Compliance in Cyberattack Detection on Critical Infrastructure Systems
Paritosh Ramanan, H. M. Mohaimanul Islam, Abhiram Reddy Alugula
TL;DR
This work addresses privacy and regulatory verification for data-driven cyberattack detection in critical infrastructure by introducing a two-phase differential privacy framework that protects both covariance and residual statistics in a nonlinear state-space ICS model. It combines a learning-enabled nonlinear Kalman filter with chi-square and p-value based hypothesis testing to detect anomalies, while enabling regulator verification through DP-disclosed statistics. The authors derive formal DP guarantees, analyze the impact of privacy budgets and failure probabilities on detection performance, and propose two verification modalities, one based on the critical region and one on the p-value, so that regulators can audit alarms without exposing sensitive data. Experimental results on real ICS datasets demonstrate that DP-disclosure strategies can closely match non-DP detection performance and provide robust privacy protection with manageable false alarm rates. The framework offers practical pathways to enhance trust, situational awareness, and regulatory credibility in interdependent CINs during cyber threat events.
Abstract
Industrial control systems are a fundamental component of critical infrastructure networks (CIN) such as gas, water and power. With the growing risk of cyberattacks, regulatory compliance requirements are also increasing for large-scale critical infrastructure systems comprising multiple utility stakeholders. The primary goal of regulators is to ensure overall system stability by relying on trustworthy attack detection at each stakeholder. However, adhering to compliance requirements also requires stakeholders to disclose sensor and control data to regulators, which raises privacy concerns. In this paper, we present a cyberattack detection framework that utilizes differentially private (DP) hypothesis tests geared towards enhancing regulatory confidence while alleviating the privacy concerns of CIN stakeholders. The hallmark of our approach is a two-phase privacy scheme that protects the privacy of the covariance as well as of the associated sensor-driven test statistics computed as a means to generate alarms. Theoretically, we show that our method induces a misclassification error rate comparable to the non-DP case while delivering robust privacy guarantees. With the help of real-world datasets, we show the reliability of our DP-detection outcomes for a wide variety of attack scenarios for interdependent stakeholders.
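The following is an added illustration, not code from the paper: a scalar linear Kalman filter stands in for the nonlinear ICS model, the residual chi-square statistic is disclosed to the regulator through a Laplace mechanism (assumed here; the paper's own two-phase mechanism, its sensitivity analysis and its failure probability are not described on this page), and the regulator decides from the DP value alone, so the privacy budget's effect on detection and false alarm rates can be observed. The plant constants, the clipping bound, the injected sensor bias and the telemetry are all constructed.

```python
import math
import random

# Constructed scalar plant (an assumption, not the paper's nonlinear ICS model):
#   x[k+1] = A*x[k] + w,  y[k] = x[k] + v,  w ~ N(0, Q), v ~ N(0, R)
A, Q, R = 0.9, 0.01, 0.04
CHI2_CRIT_1DOF = {0.05: 3.841, 0.01: 6.635}  # standard chi-square(1) critical values

def kalman_chi2_stats(measurements, x0=0.0, p0=1.0):
    """Scalar Kalman filter; returns the per-step residual statistic r^2/S (chi-square, 1 dof)."""
    x, p, stats = x0, p0, []
    for y in measurements:
        x_pred, p_pred = A * x, A * A * p + Q
        r, s = y - x_pred, p_pred + R            # innovation residual and its covariance
        stats.append(r * r / s)
        k = p_pred / s
        x, p = x_pred + k * r, (1.0 - k) * p_pred
    return stats

def chi2_pvalue_1dof(stat):
    """P(chi-square(1) > stat) = erfc(sqrt(stat / 2)); the p-value a regulator compares to alpha."""
    return math.erfc(math.sqrt(max(stat, 0.0) / 2.0))

def laplace_disclose(stat, bound, epsilon, rng):
    """epsilon-DP disclosure (assumed): clip to [0, bound] so sensitivity is `bound`, add Laplace(bound/epsilon)."""
    u = rng.random() - 0.5
    noise = -(bound / epsilon) * math.copysign(1.0, u) * math.log(max(1.0 - 2.0 * abs(u), 1e-300))
    return min(max(stat, 0.0), bound) + noise

def regulator_alarm(dp_stat, alpha=0.01):
    """Critical-region check on the DP value alone: the regulator never sees raw sensor data."""
    return dp_stat > CHI2_CRIT_1DOF[alpha]

def simulate_rates(epsilon, trials=200, seed=7, bound=50.0, bias=2.0, alpha=0.01):
    """Detection rate (constructed bias injection at the last step) and false-alarm rate (clean path) from DP stats."""
    rng, detected, false_alarms = random.Random(seed), 0, 0
    for _ in range(trials):
        clean = [rng.gauss(0.0, math.sqrt(R)) for _ in range(21)]
        attacked = clean[:-1] + [clean[-1] + bias]
        for path, is_attack in ((clean, False), (attacked, True)):
            dp_stat = laplace_disclose(kalman_chi2_stats(path)[-1], bound, epsilon, rng)
            if regulator_alarm(dp_stat, alpha):
                detected += is_attack
                false_alarms += not is_attack
    return detected / trials, false_alarms / trials

if __name__ == "__main__":
    for eps in (0.1, 1.0, 10.0):   # smaller epsilon = stronger privacy, noisier disclosure
        det, fa = simulate_rates(eps)
        print(f"epsilon={eps:<5} detection={det:.2f} false_alarm={fa:.2f}")
```

At small epsilon the Laplace noise dominates the statistic and the regulator's false alarm rate climbs towards one half, which is the privacy-versus-detection trade-off the abstract says the paper analyses.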
