Multistage Downstream Attack Detection in a Cyber Physical System

We present an attack detection scheme for a water treatment system. We leverage the connectivity of two stages of the process to detect attacks downstream from the point of attack. Based on a mathematical model of the process, carefully crafted and executed attacks, are detected by deploying CUSUM and Bad-Data detectors. Extensive experiments are carried out and the results show the performance of the proposed scheme.

[1]  Aditya P. Mathur,et al.  Hardware Identification via Sensor Fingerprinting in a Cyber Physical System , 2017, 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C).

[2]  Carlos Murguia,et al.  Model-based Attack Detection Scheme for Smart Water Distribution Networks , 2017, AsiaCCS.

[3]  Sridhar Adepu,et al.  Generalized Attacker and Attack Models for Cyber Physical Systems , 2016, 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC).

[4]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[5]  Weiyi Liu,et al.  Security analysis for Cyber-Physical Systems against stealthy deception attacks , 2013, 2013 American Control Conference.

[6]  Quanyan Zhu,et al.  Coding sensor outputs for injection attacks detection , 2014, 53rd IEEE Conference on Decision and Control.

[7]  Henrik Sandberg,et al.  Limiting the Impact of Stealthy Attacks on Industrial Control Systems , 2016, CCS.

[8]  Vijay Gupta,et al.  On Kalman filtering in the presence of a compromised sensor: Fundamental performance bounds , 2014, 2014 American Control Conference.

[9]  Sridhar Adepu,et al.  Limitations of state estimation based cyber attack detection schemes in industrial control systems , 2016, 2016 Smart City Security and Privacy Workshop (SCSP-W).

[10]  Carlos Murguia,et al.  Characterization of a CUSUM model-based sensor attack detector , 2016, 2016 IEEE 55th Conference on Decision and Control (CDC).

[11]  Alvaro A. Cárdenas,et al.  Attacking Fieldbus Communications in ICS: Applications to the SWaT Testbed , 2016, SG-CRC.

[12]  Alvaro A. Cárdenas,et al.  Attacks against process control systems: risk assessment, detection, and response , 2011, ASIACCS '11.

[13]  Carlos Murguia,et al.  CUSUM and chi-squared attack detection of compromised sensors , 2016, 2016 IEEE Conference on Control Applications (CCA).

[14]  Sheldon M. Ross Introduction to Probability Models. , 1995 .

[15]  Sheldon M. Ross,et al.  Introduction to Probability Models, Eighth Edition , 1972 .

[16]  Emanuele Garone,et al.  False data injection attacks against state estimation in wireless sensor networks , 2010, 49th IEEE Conference on Decision and Control (CDC).

[17]  Vijay Gupta,et al.  Security in stochastic control systems: Fundamental limitations and performance bounds , 2015, 2015 American Control Conference (ACC).

[18]  Edward A. Lee Cyber Physical Systems: Design Challenges , 2008, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC).