Probabilistic system opacity in discrete event systems

In many emerging security applications, a system designer frequently needs to ensure that a certain property of a given system (that may reveal important details about the system's operation) be kept secret (opaque) to outside observers (eavesdroppers or intruders). Motivated by such applications, several researchers have formalized, analyzed, and described methods to verify notions of opacity in discrete event systems of interest. This paper introduces and analyzes a notion of opacity in systems that can be modeled as probabilistic finite automata or hidden Markov models. We consider a setting where a user needs to choose a specific hidden Markov model (HMM) out of m possible (different) HMMs, but would like to “hide” the true system from intruders, by not allowing them to have an arbitrary level certainty as to which system has been chosen. We describe necessary and sufficient conditions (that can be checked with polynomial complexity), under which the intruder cannot distinguish the true HMM, namely, the intruder cannot achieve a level of certainty about its decision that is above a certain threshold that we can a priori compute.

[1]  Anooshiravan Saboori,et al.  Coverage analysis of mobile agent trajectory via state-based opacity formulations☆ , 2011 .

[2]  Maciej Koutny,et al.  Opacity Generalised to Transition Systems , 2005, Formal Aspects in Security and Trust.

[3]  Mathieu Sassolas,et al.  Quantifying Opacity , 2010, QEST.

[4]  Christoforos N. Hadjicostis,et al.  Notions of security and opacity in discrete event systems , 2007, 2007 46th IEEE Conference on Decision and Control.

[5]  J. Todd Wittbold,et al.  Information flow in nondeterministic systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Peter Willett,et al.  Detection of hidden Markov model transient signals , 2000, IEEE Trans. Aerosp. Electron. Syst..

[7]  Maciej Koutny,et al.  Modelling Opacity Using Petri Nets , 2005, WISP@ICATPN.

[8]  Christoforos Keroglou,et al.  Initial state opacity in stochastic DES , 2013, 2013 IEEE 18th Conference on Emerging Technologies & Factory Automation (ETFA).

[9]  W.-G. Tseng The equivalence and learning of probabilistic automata , 1989, 30th Annual Symposium on Foundations of Computer Science.

[10]  Eleftheria Athanasopoulou,et al.  Probability of error bounds for failure diagnosis and classification in hidden Markov models , 2008, 2008 47th IEEE Conference on Decision and Control.

[11]  Christoforos Keroglou,et al.  Hidden Markov Model Classification Based on Empirical Frequencies of Observed Symbols , 2014, WODES.

[12]  Benoît Caillaud,et al.  Concurrent Secrets , 2007, 2006 8th International Workshop on Discrete Event Systems.

[13]  J.S. Baras,et al.  Distributed change detection for worms, DDoS and other network attacks , 2004, Proceedings of the 2004 American Control Conference.

[14]  Christoforos N. Hadjicostis,et al.  Current-State Opacity Formulations in Probabilistic Finite Automata , 2014, IEEE Transactions on Automatic Control.

[15]  King-Sun Fu,et al.  Syntactic Pattern Recognition And Applications , 1968 .

[16]  Maciej Koutny,et al.  Modelling Dynamic Opacity Using Petri Nets with Silent Actions , 2004, Formal Aspects in Security and Trust.

[17]  P. Glynn,et al.  Hoeffding's inequality for uniformly ergodic Markov chains , 2002 .

[18]  Roberto Gorrieri,et al.  A taxonomy of trace-based security properties for CCS , 1994, Proceedings The Computer Security Foundations Workshop VII.

[19]  P. Darondeau,et al.  Opacity enforcing control synthesis , 2008, 2008 9th International Workshop on Discrete Event Systems.

[20]  E. Seneta Non-negative Matrices and Markov Chains , 2008 .

[21]  Jonathan K. Millen,et al.  Covert Channel Capacity , 1987, 1987 IEEE Symposium on Security and Privacy.

[22]  Stéphane Lafortune,et al.  Comparative analysis of related notions of opacity in centralized and coordinated architectures , 2013, Discret. Event Dyn. Syst..

[23]  Joe Brewer,et al.  Kronecker products and matrix calculus in system theory , 1978 .

[24]  E. S. Pearson,et al.  On the Problem of the Most Efficient Tests of Statistical Hypotheses , 1933 .

[25]  Christoforos N. Hadjicostis,et al.  Verification of initial-state opacity in security applications of discrete event systems , 2013, Inf. Sci..