Defending Cyber-Physical Systems against DoS Attacks

Recent advances in Cyber-Physical Systems (CPSs) promote the Internet as the main communication technology for monitoring, controlling and managing physical entities, as well as for exchanging information between those entities and human users. On the other hand, the Internet introduces a variety of vulnerabilities that may put the security and privacy of CPSs at risk. The consequences of cyber-attacks on CPSs might be catastrophic because these systems are usually part of the human habitat. One of the most perilous threats on the Internet is the Denial of Service (DoS) attack and its variations, such as Distributed DoS (DDoS). In this work-in-progress, we propose a novel probabilistic packet marking scheme to infer forward paths from an attacker to a victim site and delegate the defense to the upstream Internet Service Providers (ISPs). Our results show that the victim site can construct a forward path from the attacker after receiving 23 packets on average.
