Optimal Denial-of-Service Attack Scheduling With Energy Constraint

Security of Cyber-Physical Systems (CPS) has gained increasing attention in recent years. Most existing works mainly investigate the system performance given some attacking patterns. In this technical note, we investigate how an attacker should schedule its Denial-of-Service (DoS) attacks to degrade the system performance. Specifically, we consider the scenario where a sensor sends its data to a remote estimator through a wireless channel, while an energy-constrained attacker decides whether to jam the channel at each sampling time. We construct optimal attack schedules to maximize the expected average estimation error at the remote estimator. We also provide the optimal attack schedules when a special intrusion detection system (IDS) at the estimator is given. We further discuss the optimal attack schedules when the sensor has energy constraint. Numerical examples are presented to demonstrate the effectiveness of the proposed optimal attack schedules.

[1]  T. Kavitha,et al.  Security Vulnerabilities In Wireless Sensor Networks: A Survey , 2010 .

[2]  Jiming Chen,et al.  Privacy and performance trade-off in cyber-physical systems , 2016, IEEE Network.

[3]  Richard A. Poisel,et al.  Modern Communications Jamming Principles and Techniques , 2003 .

[4]  Guoxiang Gu,et al.  Generalized LQR control and Kalman filtering with relations to computations of inner-outer and spectral factorizations , 2006, IEEE Transactions on Automatic Control.

[5]  Shreyas Sundaram,et al.  Distributed Function Calculation via Linear Iterative Strategies in the Presence of Malicious Agents , 2011, IEEE Transactions on Automatic Control.

[6]  Emanuele Garone,et al.  Stochastic Sensor Scheduling for Energy Constrained Estimation in Multi-Hop Wireless Sensor Networks , 2011, IEEE Transactions on Automatic Control.

[7]  Ling Shi,et al.  Sensor data scheduling for optimal state estimation with communication energy constraint , 2011, Autom..

[8]  Bruno Sinopoli,et al.  Kalman filtering with intermittent observations , 2004, IEEE Transactions on Automatic Control.

[9]  Marimuthu Palaniswami,et al.  Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols , 2009, SASN '05.

[10]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[11]  Michael Zuba,et al.  Launching denial-of-service jamming attacks in underwater sensor networks , 2011, WUWNet '11.

[12]  Chenyang Lu,et al.  ARCH: Practical Channel Hopping for Reliable Home-Area Sensor Networks , 2011, 2011 17th IEEE Real-Time and Embedded Technology and Applications Symposium.

[13]  Ling Shi,et al.  Optimal Periodic Sensor Scheduling With Limited Resources , 2011, IEEE Transactions on Automatic Control.

[14]  Dan Rubenstein,et al.  Using Channel Hopping to Increase 802.11 Resilience to Jamming Attacks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[15]  Ling Shi,et al.  Optimal Denial-of-Service attack scheduling against linear quadratic Gaussian control , 2014, 2014 American Control Conference.

[16]  Lihua Xie,et al.  Mean square stability for Kalman filtering with Markovian packet losses , 2011, Autom..

[17]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[18]  Xavier Litrico,et al.  Cyber Security of Water SCADA Systems—Part I: Analysis and Experimentation of Stealthy Deception Attacks , 2013, IEEE Transactions on Control Systems Technology.

[19]  Karl Henrik Johansson,et al.  Attack models and scenarios for networked control systems , 2012, HiCoNS '12.

[20]  Dae-Wha Seo,et al.  Intrusion detection based on traffic analysis in wireless sensor networks , 2010, The 19th Annual Wireless and Optical Communications Conference (WOCC 2010).

[21]  S. Shankar Sastry,et al.  Research Challenges for the Security of Control Systems , 2008, HotSec.

[22]  Bruno Sinopoli,et al.  Foundations of Control and Estimation Over Lossy Networks , 2007, Proceedings of the IEEE.

[23]  S. Shankar Sastry,et al.  Safe and Secure Networked Control Systems under Denial-of-Service Attacks , 2009, HSCC.

[24]  Ling Shi,et al.  Optimal DoS attack policy against remote state estimation , 2013, 52nd IEEE Conference on Decision and Control.