A Blended Active Detection Strategy for False Data Injection Attacks in Cyber-Physical Systems

In recent years, different solutions have been proposed to detect advanced stealthy cyber-attacks against networked control systems. In this article, we propose a blended detection scheme that properly leverages and combines two existing detection ideas, namely, watermarking and moving target. In particular, a watermarked signal and a nonlinear static auxiliary function are combined to both limit the attacker's disclosure resources and obtain an unidentifiable moving target. The proposed scheme is capable of detecting a broad class of false data injection attacks, including zero-dynamics, replay, and covert attacks. Moreover, it is shown that the proposed approach mitigates the drawbacks of standard moving target and watermarking defense strategies. Finally, an extensive simulation study is reported to contrast the proposed detector with recent competitor schemes and provide tangible evidence of the effectiveness of the proposed solution.
