An Interdiction Detection and Prevention System (IDPS) for Anti-Autonomy Attack Repulsion

Unmanned vehicles, such as spacecraft and aircraft, are potentially susceptible to attacks that seek to compromise their operations or cause damage or destruction by targeting their autonomous decision making capabilities. These attacks may be used for both offensive and defensive purposes. So-called ‘anti-drone’ or ‘anti-autonomy’ technologies are gaining attention in the aviation sector as a way to prevent UAV entry into controlled areas or to combat a UAV attack. As with most warfighting technologies, superiority requires both a way to assure your own attacks and a way to deny enemy attack capabilities. Thus, attacks that seek to exploit vulnerabilities in, or cause confusion of, autonomous command and control systems must be able to be effectively repelled. This paper builds on the concept of network and computing system intrusion detection system (IDS) technology to present an Interdiction Detection and Prevention System (IDPS) that serves to identify and respond to attacks on autonomous control systems and software. The use of multiple IDS technologies for the detection component of the IDPS is discussed and the efficacy of each is considered. Then preventative and responsive actions are discussed. An architecture and implementation of the IDPS are presented and evaluated. The paper concludes with a discussion of the efficacy of the IDPS for multiple applications and the ‘spy versus spy’ nature of autonomy, anti-autonomy and autonomous system assurance.
