A Moving Target Defense to Detect Stealthy Attacks in Cyber-Physical Systems

Giraldo, Jairo; Cárdenas, Álvaro A.; Sanfelice, Ricardo G.

doi:10.23919/acc.2019.8815274

Cited by 28 publications

(15 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The dynamics is concealed to the adversary. Because it is time-varying, it becomes a moving target that is challenging to identify by an adversary, a precondition to the covert attack [7]. But, it is known to and used by the operator to detect the covert attack.…”

Section: ) Auxiliary Statesmentioning

confidence: 99%

Resilience Estimation of Cyber-Physical Systems via Quantitative Metrics

Barbeau

Cuppens

et al. 2021

IEEE Access

View full text Add to dashboard Cite

This paper is about the estimation of the cyber-resilience of Cyber-Physical Systems (CPS). We define two new resilience estimation metrics: k-steerability and-monitorability. They aim at assisting designers to evaluate and increase the cyber-resilience of CPS when facing stealthy attacks. The k-steerability metric reflects the ability of a controller to act on individual plant state variables when, at least, k different groups of functionally diverse input signals may be processed. The-monitorability metric indicates the ability of a controller to monitor individual plant state variables with different groups of functionally diverse outputs. Paired together, the metrics lead to CPS reaching (k,)-resilience. When k and are both greater than one, a CPS can absorb and adapt to control-theoretic attacks manipulating input and output signals. We also relate the parameters k and to the recoverability of a system. We define recoverability strategies to mitigate the impact of perpetrated attacks. We show that the values of k and can be augmented by combining redundancy and diversity in hardware and software, in order to apply the moving target paradigm. We validate the approach via simulation and numeric results.

show abstract

Section: ) Auxiliary Statesmentioning

confidence: 99%

Resilience Estimation of Cyber-Physical Systems via Quantitative Metrics

Barbeau

Cuppens

et al. 2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…III.3 CPS-based MTD approaches -Most CPS-based MTD approaches have been proposed to control adversaries situated in the end devices, i.e., actuators and sensors. For example, in [11], authors propose a MTD strategy that randomly changes the availability of the sensor data, so that it is harder for adversaries to achieve stealthy attacks. This approach uses switched control systems that allow to detect sensor compromise and to minimize the impact of falsedata injection attacks.…”

Section: Iii1 Network Mtd Approaches -mentioning

confidence: 99%

“…As showed in recent surveys [7] [8] [9], most of the existing approaches require adding extra hardware [10], which may be expensive. Other solutions use detection approaches with recovery strategies [11] [12] [13] [14] that usually use state estimation to maintain an understanding of the system state under attack, even when a subset of inputs and outputs are compromised. These techniques work as traditional detection and mitigation approaches but do not provide resilience-by-design or prevent the execution of malicious commands.…”

Section: Introductionmentioning

confidence: 99%

Switched-Based Resilient Control of Cyber-Physical Systems

Segovia-Ferreira¹,

Rubio‐Hernan²,

Cavalli³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

We present a control-theoretic approach to achieve Cyber-Physical Systems (CPS) resilient designs. We assume situations in which the CPS must maintain the correct operation of a set of crucial functionalities despite ongoing adversarial misbehavior. The approach is based on a moving target defense paradigm, driven by a linear switching of state-space matrices, and applied at both the physical and network layers of a networked-control system. We show that the final system maintains stability. We also evaluate, via simulation, a step-by-step procedure that takes a transfer function, representing the dynamics of the physical process. As a result, we obtain a resilient CPS design structured around a topology of decentralized controllers. Results show that the obtained approach is both innovative and promising.

show abstract

“…An emerging approach to detect attacks and to limit their impact, which can combine both physical models and game theory, are moving target defense (MTD) strategies [6] that induce controlled uncertainties into the CPS to confuse the attacker. Gairo et al [7], for example, randomly switch between the sensors used to detect otherwise stealthy attacks, while in [8] a random watermarking signal is injected into the CPS to make stealthy attacks detectable. However, the MTD strategies in [7] and [8] directly influence the closed-loop behavior of the CPS and can decrease its performance.…”

Section: Introductionmentioning

confidence: 99%

“…Gairo et al [7], for example, randomly switch between the sensors used to detect otherwise stealthy attacks, while in [8] a random watermarking signal is injected into the CPS to make stealthy attacks detectable. However, the MTD strategies in [7] and [8] directly influence the closed-loop behavior of the CPS and can decrease its performance. Griffioen et al [9] propose a MTD scheme that introduces an auxiliary system to not influence the closed-loop behavior and simultaneously detect an attack.…”

Section: Introductionmentioning

confidence: 99%

A Nash equilibrium-based moving target defense against stealthy sensor attacks

Umsonst

Sarıtaş

2020

2020 59th IEEE Conference on Decision and Control (CDC)

View full text Add to dashboard Cite

We present a moving target defense strategy to reduce the impact of stealthy sensor attacks on feedback systems. The defender periodically and randomly switches between thresholds from a discrete set to increase the uncertainty for the attacker and make stealthy attacks detectable. However, the defender does not know the exact goal of the attacker but only the prior of the possible attacker goals. Here, we model one period with a constant threshold as a Bayesian game and use the Bayesian Nash equilibrium to find the distribution for the choice of the threshold in that period, which takes the defender's uncertainty about the attacker into account. To obtain the equilibrium distribution, the defender minimizes its cost consisting of the cost for false alarms and the cost induced by the attack. We present a necessary and sufficient condition for the existence of a moving target defense and formulate a linear program to determine the moving target defense. Furthermore, we present a closedform solution for the special case when the defender knows the attacker's goals. The results are numerically evaluated on a four-tank process.

show abstract

A Moving Target Defense to Detect Stealthy Attacks in Cyber-Physical Systems

Cited by 28 publications

References 9 publications

Resilience Estimation of Cyber-Physical Systems via Quantitative Metrics

Resilience Estimation of Cyber-Physical Systems via Quantitative Metrics

Switched-Based Resilient Control of Cyber-Physical Systems

A Nash equilibrium-based moving target defense against stealthy sensor attacks

Contact Info

Product

Resources

About