A Switching Multiplicative Watermarking Scheme for Detection of Stealthy Cyber-Attacks

This article addresses the detection of stealthy attacks on sensor measurements. Inspired in authentication schemes with weak cryptographic guarantees, we propose a watermarking approach to validate the data and its source. In particular, we propose a multiplicative scheme, where the sensor outputs are watermarked by a bank of filters, then transmitted through the possibly unsecured communication network. The original measurement data are finally reconstructed by a watermark remover. To allow the detection of replay attacks, the watermarking filters are devised as hybrid switching systems, whose parameters are assumed to be unknown to the adversary. Design rules are provided, guaranteeing that the nominal closed-loop performance is not deteriorated by the watermarking scheme and ensuring robust stability with mismatched filter parameters. Moreover, we design a switching protocol with no communication overhead to allow the watermarking filters to synchronously update their parameters. The detectability properties of cyber-attacks are analyzed, and the results are illustrated through numerical examples for replay and data injection attacks.

[1]  Trend Micro: Unseen Threats, Imminent Losses: 2018 Midyear Security Roundup , 2018, Network Security.

[2]  Riccardo M. G. Ferrari,et al.  Detection of Sensor Data Injection Attacks with Multiplicative Watermarking , 2018, 2018 European Control Conference (ECC).

[3]  Thomas Parisini,et al.  Distributed watermarking for secure control of microgrids under replay attacks , 2018, ArXiv.

[4]  Riccardo M. G. Ferrari,et al.  Detection and Isolation of Replay Attacks through Sensor Watermarking , 2017 .

[5]  Riccardo M. G. Ferrari,et al.  Detection and isolation of routing attacks through sensor watermarking , 2017, 2017 American Control Conference (ACC).

[6]  Panganamala Ramana Kumar,et al.  Dynamic Watermarking: Active Defense of Networked Cyber–Physical Systems , 2016, Proceedings of the IEEE.

[7]  Quanyan Zhu,et al.  Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks , 2016, IEEE Transactions on Control of Network Systems.

[8]  Nils Ole Tippenhauer,et al.  SWaT: a water treatment testbed for research and training on ICS security , 2016, 2016 International Workshop on Cyber-physical Systems for Smart Water Networks (CySWater).

[9]  Bruno Sinopoli,et al.  Detecting integrity attacks on control systems using a moving target approach , 2015, 2015 54th IEEE Conference on Decision and Control (CDC).

[10]  David Hutchison,et al.  A survey of cyber security management in industrial control systems , 2015, Int. J. Crit. Infrastructure Prot..

[11]  Bruno Sinopoli,et al.  Physical Authentication of Control Systems: Designing Watermarked Control Inputs to Detect Counterfeit Sensor Outputs , 2015, IEEE Control Systems.

[12]  Karl Henrik Johansson,et al.  A secure control framework for resource-limited adversaries , 2012, Autom..

[13]  Andrew R. Teel,et al.  A hybrid systems approach to global synchronization and coordination of multi-agent sampled-data systems , 2015, ADHS.

[14]  Mi-Ching Tsai,et al.  Robust and Optimal Control , 2014 .

[15]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[16]  Karl Henrik Johansson,et al.  Revealing stealthy attacks in control systems , 2012, 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[17]  Roy S. Smith,et al.  A Decoupled Feedback Structure for Covertly Appropriating Networked Control Systems , 2011 .

[18]  R. Sanfelice,et al.  Hybrid dynamical systems , 2009, IEEE Control Systems.

[19]  Bruno Sinopoli,et al.  Challenges for Securing Cyber Physical Systems , 2009 .

[20]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[21]  R.M.G. Ferrari,et al.  A robust fault detection and isolation scheme for a class of uncertain input-output discrete-time nonlinear systems , 2008, 2008 American Control Conference.

[22]  Stefan Katzenbeisser,et al.  Transactions on Data Hiding and Multimedia Security I , 2006, Trans. Data Hiding and Multimedia Security.