Learning-Based Attacks in Cyber-Physical Systems

We introduce the problem of learning-based attacks in a simple abstraction of cyber-physical systems: the case of a discrete-time, linear, time-invariant plant that may be subject to an attack that overrides sensor readings and controller actions. The attacker attempts to learn the dynamics of the plant and subsequently overrides the controller's actuation signal to destroy the plant without being detected. The attacker can feed fictitious sensor readings to the controller using its estimate of the plant dynamics and mimic the legitimate plant operation. The controller, in contrast, is constantly on the lookout for an attack; once the controller detects an attack, it immediately shuts the plant off. In the case of scalar plants, we derive an upper bound on the attacker's deception probability for any measurable control policy when the attacker uses an arbitrary learning algorithm to estimate the system dynamics. We then derive lower bounds for the attacker's deception probability for both scalar and vector plants by assuming an authentication test that inspects the empirical variance of the system disturbance. We also show how the controller can improve the security of the system by superimposing a carefully crafted privacy-enhancing signal on top of the “nominal control policy.” Finally, for nonlinear scalar dynamics that belong to the reproducing kernel Hilbert space, we investigate the performance of attacks based on nonlinear Gaussian process learning algorithms.
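The variance-based authentication test mentioned in the abstract can be illustrated from the controller's side with the added sketch below, which is not code from the paper. It assumes a scalar plant y[k+1] = a*y[k] + u[k] + w[k], a nominal policy u[k] = -a*y[k], and a test that accepts when the empirical disturbance variance is within a tolerance delta of the nominal variance; all numeric values are constructed.

```python
import random

def reading_stream(model_a, control_a, sigma, steps, seed):
    """Readings y[k+1] = model_a*y[k] + u[k] + w[k] with u[k] = -control_a*y[k].

    model_a == control_a reproduces the legitimate closed loop; any other
    model_a stands for fictitious readings built from an imperfect estimate
    of the plant gain (assumed model, constructed for illustration).
    """
    rng = random.Random(seed)
    y, readings, controls = 0.0, [0.0], []
    for _ in range(steps):
        u = -control_a * y                      # nominal control acts on what it is shown
        y = model_a * y + u + rng.gauss(0.0, sigma)
        controls.append(u)
        readings.append(y)
    return readings, controls

def empirical_disturbance_variance(readings, controls, a):
    """Mean squared residual y[k+1] - a*y[k] - u[k] under the true gain a."""
    residuals = [readings[k + 1] - a * readings[k] - controls[k]
                 for k in range(len(controls))]
    return sum(r * r for r in residuals) / len(residuals)

def variance_test(readings, controls, a, sigma, delta):
    """Accept (True) when the empirical variance is within delta of sigma^2."""
    estimate = empirical_disturbance_variance(readings, controls, a)
    return abs(estimate - sigma ** 2) <= delta

def run_scenarios():
    """Run the test on a legitimate stream and two model-generated streams."""
    a, sigma, delta, steps = 1.2, 1.0, 0.2, 5000   # constructed values
    cases = [("legitimate", a), ("coarse_estimate", 0.6), ("close_estimate", 1.19)]
    results = {}
    for label, model_a in cases:
        y, u = reading_stream(model_a, a, sigma, steps, seed=7)
        results[label] = variance_test(y, u, a, sigma, delta)
    return results

if __name__ == "__main__":
    print(run_scenarios())
```

The stream built from a coarse gain estimate inflates the residual variance and is rejected, while one built from a near-exact estimate passes, which is why the abstract's privacy-enhancing signal targets the quality of the learned model.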
