Probabilistic system opacity in discrete event systems

In many emerging security applications, a system designer frequently needs to ensure that a certain property of a given system (that may reveal important details about the system’s operation) be kept secret (opaque) to outside observers (eavesdroppers). Motivated by such applications, several researchers have formalized, analyzed, and described methods to verify notions of opacity in discrete event systems of interest. This paper introduces and analyzes a notion of opacity in systems that can be modeled as probabilistic finite automata or hidden Markov models. We consider a setting where a user needs to choose a specific hidden Markov model (HMM) out of m possible (different) HMMs, but would like to “hide” the true system from eavesdroppers, by not allowing them to have an arbitrary level of confidence as to which system has been chosen. We describe necessary and sufficient conditions (that can be checked with polynomial complexity), under which the intruder cannot distinguish the true HMM, namely, the intruder cannot achieve a level of certainty about its decision, which is above a certain threshold that we can a priori compute.
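The eavesdropper's side of this setting, as an added example that is not taken from the paper: it computes the posterior confidence over the candidate HMMs with the scaled forward algorithm, which is the quantity a designer would want bounded. The three models, the priors and the observation sequence are constructed for illustration, and the paper's own necessary and sufficient conditions are not reproduced here.

```python
import math

def log_likelihood(hmm, obs):
    """Scaled forward algorithm: returns log P(obs | hmm)."""
    pi, A, B = hmm
    n = len(pi)
    alpha, loglik = list(pi), 0.0
    for t, sym in enumerate(obs):
        if t > 0:  # propagate one step through the transition matrix
            alpha = [sum(alpha[i] * A[i][j] for i in range(n)) for j in range(n)]
        alpha = [alpha[j] * B[j][sym] for j in range(n)]
        scale = sum(alpha)
        if scale == 0.0:  # sequence cannot be produced by this model
            return float("-inf")
        loglik += math.log(scale)
        alpha = [a / scale for a in alpha]  # rescale to avoid underflow
    return loglik

def posterior(hmms, priors, obs):
    """Observer's confidence in each candidate HMM after seeing obs."""
    logs = [math.log(p) + log_likelihood(h, obs) if p > 0 else float("-inf")
            for h, p in zip(hmms, priors)]
    top = max(logs)
    if top == float("-inf"):
        raise ValueError("observation impossible under every candidate model")
    weights = [math.exp(l - top) for l in logs]
    total = sum(weights)
    return [w / total for w in weights]

# Constructed models as (initial distribution, transitions, emissions[state][symbol]).
H1 = ([0.5, 0.5], [[0.9, 0.1], [0.2, 0.8]], [[0.8, 0.2], [0.3, 0.7]])
# H2 is H1 with its two states relabelled: a different HMM on paper,
# but the same distribution over observation sequences.
H2 = ([0.5, 0.5], [[0.8, 0.2], [0.1, 0.9]], [[0.3, 0.7], [0.8, 0.2]])
# H3 emits fair coin flips from either state, so bursty output counts against it.
H3 = ([0.5, 0.5], [[0.9, 0.1], [0.2, 0.8]], [[0.5, 0.5], [0.5, 0.5]])

# Constructed observation sequence with long runs of each symbol.
OBS = [0] * 15 + [1] * 15 + [0] * 10

if __name__ == "__main__":
    print("H1 vs H3:", posterior([H1, H3], [0.5, 0.5], OBS))
    print("H1 vs H2 vs H3:", posterior([H1, H2, H3], [1 / 3] * 3, OBS))
```

Against H3 alone the observer becomes nearly certain that H1 was chosen, while with H2 in the candidate set its best guess stays at about one half however long it watches.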
