Denial of Service Attacks on Network-Based Control Systems: Impact and Mitigation

Long, Men; Wu, Chwan-Hwa; Hung, John Y.

doi:10.1109/tii.2005.844422

Cited by 209 publications

(69 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [18], the authors evaluate the impact of delay jitter and packet loss in an NCS under a Denial of Service (DoS) attack. The conception of such DoS attack does not take into account the models of the controller and physical plant of the attacked NCS (i.e.…”

Section: Related Workmentioning

confidence: 99%

“…Therefore, to affect the physical process, the attacker arbitrarily floods the network, causing jitter and packet loss in the communication links of the NCS. In this tactic, the excess of packets in the network may reveal the attack, allowing the implementation of countermeasures such as packet filtering [18] or blocking the malicious traffic on its origin [19]. Additionally, as stated in [12], the arbitrary intervention in a system which the models are unknown may lead the plant to an extreme physical behavior, which is not desired if a physically covert [12] attack is intended.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A controller design for mitigation of passive system identification attacks in networked control systems

Sá

Carmo

Machado

2018

J Internet Serv Appl

View full text Add to dashboard Cite

The literature regarding attacks in Networked Control Systems (NCS) indicates that covert and accurate attacks must be designed based on an accurate knowledge about the model of the attacked system. In this context, the literature on NCS presents the Passive System Identification attack as a metaheuristic-based tool to provide the attacker with the required system models. However, the scientific literature does not report countermeasures to mitigate the identification process performed by such passive metaheuristic-based attack. In this sense, this work proposes the use of a randomly switching controller as a countermeasure for the Passive System Identification attack, in case of failure of other conventional security mechanisms -such as encryption, network segmentation and firewall policies. This novel countermeasure aims to hinder the identification of the controller, so that the model obtained by the attacker is imprecise or ambiguous, in such a way that the attacker hesitates to launch covert or model-dependent attacks against the NCS. The simulation results indicate that this countermeasure is capable to mitigate the mentioned attack at the same time that it performs a satisfactory plant control.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A controller design for mitigation of passive system identification attacks in networked control systems

Sá

Carmo

Machado

2018

J Internet Serv Appl

View full text Add to dashboard Cite

show abstract

“…Long et al [8] proposed two queuing models for the DoS attacks in order to obtain the packet delay jitter and the loss probability. Wang et al [9] studies the DoS attacks analytically by using a more general queue model, a two-dimensional embedded Markov chain, which can more accurately capture the dynamics of the actual DoS attacks.…”

Section: Related Workmentioning

confidence: 99%

SYN Flood Attack Prevention using Particle Swarm Optimization in Cloud Computing Environment

Ahmed¹,

Mahbub²

2017

IJCA

View full text Add to dashboard Cite

Security issues in Cloud Computing is growing as it continues to offer innovative business model and collaboration capabilities for organizations to boost productivity. There are numerous security issues for cloud computing as it encompasses many technologies including networks, virtualization, resource scheduling, load balancing, concurrency control and memory management. A Cloud infrastructure that comprises the vulnerability of Denial of Service (DoS) attacks denies legitimate users from accessing information or services. A DoS attack can be launched in the transport layer using the very old, but still effective, SYN Flood technique. In a SYN flood attack the attacker sends a flood of TCP SYN requests that gets the server busy without actually completing the three-way handshake procedure used in the setup of TCP sessions. This paper presents a Particle Swarm Optimization (PSO) based approach to enhance the defence mechanism of the system against such attacks. The theoretical analysis and simulations show that the proposed optimization model analyses the situation of under attack server and based on the intensity of the attack situation, it provides the best solution to the server. The server can tune itself dynamically to the optimized solution which increases its chance against SYN Flood attacks.

show abstract

“…The impact of DoS attacks was analyzed by Khan and Traore [167] on three parameters used for attack detection: response time, queue-growth-rate, and arrival rate. Two queueing models were proposed by Long et al [191] for the DoS attacks in order to measure packet loss probability, packet delay, and jitter. A generalized multi-class Erlang and Engset mixed-loss model was used by Huang et al [159] to analyze a network under DDoS attacks, and the model was later extended to analyze 3G wireless cellular networks [160].…”

Section: Markovian Based Queuing Analysis Modelmentioning

confidence: 99%

Security configuration management in intrusion detection and prevention systems

Alsubhi

Alhazmi

Bouabdallah

et al. 2012

IJSN

View full text Add to dashboard Cite

Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defense against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. IDPSs can be network or host-based and can collaborate in order to provide better detection of malicious traffic. Although several IDPS systems have been proposed, their appropriate configuration and control for effective detection/prevention of attacks and efficient resource consumption is still far from trivial.Another concern is related to the slowing down of system performance when maximum security is applied, hence the need to trade off between security enforcement levels and the performance and usability of an enterprise information system.In this dissertation, we present a security management framework for the configuration and control of the security enforcement mechanisms of an enterprise information system. The approach leverages the dynamic adaptation of security measures based on the assessment of system vulnerability and threat prediction, and provides several levels of attack containment. Furthermore, we study the impact of security enforcement levels on the performance and usability of an enterprise information system. In particular, we analyze the impact of an IDPS configuration on the resulting security of the network, and on the network performance. We also analyze the performance of the IDPS for different configurations and under different traffic characteristics. The analysis can then be used to predict the impact of a given security configuration on the prediction of the impact on network performance.iii Acknowledgements All praise is due to Allah who guided me through out this research and beyond.My deepest gratitude is to my advisor, Prof. Raouf Boutaba, for his guidance, support, patience, and encouragement. I have been amazingly fortunate to have an advisor who gave me the freedom to explore on my own, and at the same time the guidance to recover when my steps faltered. He was always available, professional, and friendly. I have learned from him to think differently, be optimistic, and be self motivated. This work would have not been done without his advice and valuable comments.

show abstract

Denial of Service Attacks on Network-Based Control Systems: Impact and Mitigation

Cited by 209 publications

References 14 publications

A controller design for mitigation of passive system identification attacks in networked control systems

A controller design for mitigation of passive system identification attacks in networked control systems

SYN Flood Attack Prevention using Particle Swarm Optimization in Cloud Computing Environment

Security configuration management in intrusion detection and prevention systems

Contact Info

Product

Resources

About