Temporal assessment of malicious behaviors: application to turnout field data monitoring

Sara Abdellaoui, Emil Dumitrescu, Cédric Escudero, Eric Zamaï
2024-05-02
Abstract: Monitored data collected from railway turnouts are vulnerable to cyberattacks: attackers may either conceal failures or trigger unnecessary maintenance actions. To address this issue, a cyberattack investigation method is proposed based on predictions made from the temporal evolution of the turnout behavior. These predictions are then compared to the field acquired data to detect any discrepancy. This method is illustrated on a collection of real-life data.
Cryptography and Security, Machine Learning, Systems and Control
What problem does this paper attempt to address?
This paper addresses the problem that monitoring data in railway turnout systems are vulnerable to cyberattacks. Specifically, attackers may hide faults or trigger unnecessary maintenance operations by tampering with data, thus leading maintenance personnel to make wrong decisions. To address this issue, the paper proposes a time-series-prediction-based method to assess and detect potential cyber threats.

### Main Problem Description

1. **Threats of Cyberattacks to Railway Turnout Systems**:
   - Railway turnout systems are key components of railway infrastructure and are used to change the direction of trains.
   - These systems are vulnerable to cyberattacks: attackers can hide faults or trigger unnecessary maintenance operations by tampering with sensor data.
   - Attacks may cause maintenance personnel to make wrong decisions, such as performing unnecessary maintenance (False Positive, FP) or ignoring existing faults (False Negative, FN).

2. **Limitations of Existing Methods**:
   - Existing intrusion detection systems (IDS) usually rely on known attack patterns (signature-based IDS) or on anomaly detection (anomaly-based IDS), but these methods struggle to detect threats hidden behind expected behaviors.
   - For railway turnout systems, the lack of information about their life cycles makes it difficult for traditional detection methods to effectively identify potential cyberattacks.

### Solutions Proposed in the Paper

The paper proposes a time-series-prediction-based method. By analyzing the operation data of turnout systems, it predicts their future behavior and compares the prediction with the actual monitoring data to detect any discrepancy. The specific steps are:

1. **Constructing the Prediction Model**:
   - Use historical data to train a Long Short-Term Memory (LSTM) model to predict the turnout behavior curve in the next time period.
   - The LSTM model can handle long time series and is suitable for capturing complex behavior changes in turnout systems.

2. **Prediction and Comparison**:
   - Use the trained LSTM model to predict the turnout behavior curve in the next time period.
   - Compare the predicted curve with the actually monitored curve, using two measures, Euclidean distance and Dynamic Time Warping (DTW), to quantify the similarity between the two.

3. **Evaluating the Possibility of Cyber Threats**:
   - If there are significant differences between the actually monitored curve and the predicted curve, investigate further whether a cyberattack may be under way.
   - Judge whether the curves are similar through preset thresholds. If they are not similar, mark them as suspicious; further investigation is then required.

### Conclusion

This method can detect potential cyberattacks at an early stage by predicting the future behavior of turnout systems and comparing it with the actual monitoring data, thus helping maintenance personnel make more accurate decisions. Future research will further optimize the LSTM model, in particular improving its prediction ability in slow-ageing scenarios, and will consider the differences between turnout systems to achieve broader applicability.

### Formula Representation

- Euclidean distance:
  \[ d_{\text{Euclidean}}(X, Y)=\sqrt{\sum_{i = 1}^{n}(X_i - Y_i)^2} \]
- Dynamic Time Warping (DTW) distance:
  \[ \text{DTW}(X, Y)=\min_{\pi}\sum_{i = 1}^{L}(X_{a_i}-Y_{b_i})^2 \]
  where \(X\) and \(Y\) are two time series, the minimum is taken over admissible warping paths \(\pi = ((a_1, b_1), \dots, (a_L, b_L))\), and \(a_i\) and \(b_i\) are the indices on the optimal path.

Through these measures, the paper provides an effective means to assess the authenticity of monitoring data in railway turnout systems, thereby enhancing the security of those systems.
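To make the comparison step concrete, the following is an added example (not code from the paper) that implements both similarity measures and the threshold check on constructed turnout curves; the curve values, the thresholds and the rule "flag if either measure exceeds its threshold" are assumptions, and the LSTM forecast is represented by a fixed constructed curve rather than a trained model.

```python
import math

def euclidean(x, y):
    """Point-wise Euclidean distance between equal-length series."""
    if len(x) != len(y):
        raise ValueError("Euclidean distance needs equal-length series")
    return math.sqrt(sum((a - b) ** 2 for a, b in zip(x, y)))

def dtw(x, y):
    """Dynamic Time Warping: minimal sum of squared differences over all
    monotone warping paths from (1,1) to (n,m), by O(n*m) dynamic programming."""
    n, m = len(x), len(y)
    cost = [[math.inf] * (m + 1) for _ in range(n + 1)]
    cost[0][0] = 0.0
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            d = (x[i - 1] - y[j - 1]) ** 2
            cost[i][j] = d + min(cost[i - 1][j],      # stretch x
                                 cost[i][j - 1],      # stretch y
                                 cost[i - 1][j - 1])  # advance both
    return cost[n][m]

def assess(predicted, observed, eucl_thr, dtw_thr):
    """Compare a predicted curve with the field-acquired one.
    Returns (euclidean, dtw, suspicious); the observed curve is marked
    suspicious when either measure exceeds its preset threshold (assumed rule)."""
    e = euclidean(predicted, observed)
    w = dtw(predicted, observed)
    return e, w, (e > eucl_thr or w > dtw_thr)

# Constructed sample data (not real turnout measurements): ten samples of a
# motor-current-like curve over one switch movement.
PREDICTED = [0.0, 1.2, 2.4, 2.6, 2.5, 2.5, 2.4, 1.5, 0.4, 0.0]        # forecast, ageing included
OBSERVED_OK = [0.0, 1.1, 2.3, 2.7, 2.5, 2.4, 2.4, 1.6, 0.4, 0.0]      # genuine field curve
OBSERVED_REPLAY = [0.0, 1.0, 1.9, 2.0, 2.0, 2.0, 1.9, 1.2, 0.3, 0.0]  # older, healthier-looking curve replayed to conceal ageing
# Same shape shifted by one sample: large Euclidean distance but zero DTW,
# which is why a timing jitter alone should not be read as a discrepancy.
SHIFTED_A = [0.0, 0.0, 1.0, 2.0, 1.0, 0.0, 0.0]
SHIFTED_B = [0.0, 1.0, 2.0, 1.0, 0.0, 0.0, 0.0]

EUCL_THR, DTW_THR = 0.5, 0.3  # assumed thresholds, to be tuned on genuine data

if __name__ == "__main__":
    for name, obs in (("genuine", OBSERVED_OK), ("replayed", OBSERVED_REPLAY)):
        e, w, flag = assess(PREDICTED, obs, EUCL_THR, DTW_THR)
        print(f"{name}: euclidean={e:.3f} dtw={w:.3f} suspicious={flag}")
    print(f"shifted: euclidean={euclidean(SHIFTED_A, SHIFTED_B):.3f} dtw={dtw(SHIFTED_A, SHIFTED_B):.3f}")
```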