Integrating Design and Data Centric Approaches to Generate Invariants for Distributed Attack Detection

Umer, Muhammad; Mathur, Aditya P.; Junejo, Khurum Nazir; Adepu, Sridhar

doi:10.1145/3140241.3140248

Cited by 15 publications

(14 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…movement of the piston towards the initial position. Attack 2 immediately sets x to 0; since the pressure on the electro-pneumatic controller is 0, piston moves in direction from the initial position (7).…”

Section: B Case Study 2 -Electro-pneumatic Positioning Systemmentioning

confidence: 99%

See 1 more Smart Citation

Detection of cyber-attacks in systems with distributed control based on support vector regression

Nedeljković

Jakovljević²,

Miljković

et al. 2020

Telfor J

View full text Add to dashboard Cite

Concept of Industry 4.0 and implementation of Cyber Physical Systems (CPS) and Internet of Things (IoT) in industrial plants are changing the way we manufacture. Introduction of industrial IoT leads to ubiquitous communication (usually wireless) between devices in industrial control systems, thus introducing numerous security concerns and opening up wide space for potential malicious threats and attacks. As a consequence of various cyber-attacks, fatal failures can occur on system parts or the system as a whole. Therefore, security mechanisms must be developed to provide sufficient resilience to cyber-attacks and keep the system safe and protected. In this paper we present a method for detection of attacks on sensor signals, based on e insensitive support vector regression (e-SVR). The method is implemented on publicly available data obtained from Secure Water Treatment (SWaT) testbed as well as on a real-world continuous time controlled electro-pneumatic positioning system. In both cases, the method successfully detected all considered attacks (without false positives).

show abstract

Section: B Case Study 2 -Electro-pneumatic Positioning Systemmentioning

confidence: 99%

“…and design-centric (use an analytical model of the process and its control algorithms) [7]. An example of designcentric approach that utilizes a considered CPS model for attack detection and identification is presented in [8].…”

Section: Introductionmentioning

confidence: 99%

Detection of cyber-attacks in systems with distributed control based on support vector regression

Nedeljković

Jakovljević²,

Miljković

et al. 2020

Telfor J

View full text Add to dashboard Cite

show abstract

“…Early works have considered the case in which the attacker has full knowledge about the system, but has the ability to hack only a limited number of sensors [171,172,176]. In this situation, a relevant research problem is the one of constructing a valid FDIA by minimizing the number of attacked sensors, which has been solved using mixed-integer linear programming (MILP) [178], matching pursuit [172] or [192,193,198,[205][206][207][208][209][210]296] strategies Other approaches [162,163,190,191,194,[199][200][201][297][298][299][300][301] least absolute shrinkage and selection operator (LASSO) [177]. Later research has established that it is possible for an attacker to launch valid FDIAs even with incomplete information about the system.…”

Section: Theoretical Research On Constructing Fdiasmentioning

confidence: 99%

“…Many detectionbased approaches rely on state-based invariants to identify deviations of the plant from its normal behavior. Since this deviation is an anomaly, such approaches are referred to as anomaly-based, and can be divided roughly into two categories: design-centric (DeC) and data-centric (DaC) [205]. In DeC approaches, plant design and component specifications are input to an invariant generator, which uses fundamental laws of physics to generate invariants.…”

Section: Defensive Research On Fdiasmentioning

confidence: 99%

Bibliographical review on cyber attacks from a control oriented perspective

Sánchez

Rotondo

Escobet

et al. 2019

Annual Reviews in Control

106

View full text Add to dashboard Cite

This paper presents a bibliographical review of definitions, classifications and applications concerning cyber attacks in networked control systems (NCSs) and cyber-physical systems (CPSs). This review tackles the topic from a control-oriented perspective, which is complementary to information or communication ones. After motivating the importance of developing new methods for attack detection and secure control, this review presents security objectives, attack modeling, and a characterization of considered attacks and threats presenting the detection mechanisms and remedial actions. In order to show the properties of each attack, as well as to provide some deeper insight into possible defense mechanisms, examples available in the literature are discussed. Finally, open research issues and paths are presented.

show abstract

“…Deception attacks detection represents a challenging task, and a number of different techniques for solving this issue were recently proposed. All these techniques can be classified into two groups: (1) data-centric and (2) design-centric [7]. Data-centric techniques use collected system data, while design-centric techniques are based on system analytical model and its control algorithms.…”

Section: Introductionmentioning

confidence: 99%

The detection of sensor signal attacks in industrial control systems

Nedeljković¹,

Jakovljević²,

Miljković³

2020

FME Transactions

View full text Add to dashboard Cite

To improve productivity and efficiency in industrial manufacturing, the fourth industrial revolution leads to the implementation of Cyber Physical Systems (CPS) and Internet of Things (IoT) in the industrial environment. Ubiquitous communication makes CPS susceptible to external influences, which can have a negative intention; for instance, CPS are prone to various attacks and malicious threats by different adversaries. The impact of an attack on the system can lead to anomalies and serious consequences for system parts or the system as a whole. Security mechanisms must be developed in order to timely detect different attacks and to keep the system safe and protected. In this paper, a method for sensor signal attacks detection in a continuous time controlled systems has been proposed. The method is based on Support Vector Machines (SVM) and tested on the data obtained from the Secure Water Treatment (SWaT) testbed, a scaled-down plant that produces purified water.

show abstract

Integrating Design and Data Centric Approaches to Generate Invariants for Distributed Attack Detection

Cited by 15 publications

References 10 publications

Detection of cyber-attacks in systems with distributed control based on support vector regression

Detection of cyber-attacks in systems with distributed control based on support vector regression

Bibliographical review on cyber attacks from a control oriented perspective

The detection of sensor signal attacks in industrial control systems

Contact Info

Product

Resources

About