935 research outputs found
A moving target defense to detect stealthy attacks in cyber-physical systems
Cyber-Physical Systems (CPS) have traditionally been considered more static, with regular communication patterns when compared to classical information technology networks. Because the structure of most CPS remains unchanged during long periods of time, they become vulnerable to adversaries who can tailor their attacks based on their precise knowledge of the system dynamics, communications, and control. Moving Target Defense (MTD) has emerged as a strategy to add uncertainty about the state and execution of a system in order to prevent adversaries from having predictable effects with their attacks. In this work we propose a novel type of MTD strategy that randomly changes the availability of the sensor data, so that it is harder for adversaries to tailor stealthy attacks and at the same time it can minimize the impact of false-data injection attacks. Using tools from switched control systems we formulate an optimization problem to find the probability of the switching signals that increase the visibility of stealthy attacks while decreasing the deviation caused by false data injection attacks
Information Flow for Security in Control Systems
This paper considers the development of information flow analyses to support
resilient design and active detection of adversaries in cyber physical systems
(CPS). The area of CPS security, though well studied, suffers from
fragmentation. In this paper, we consider control systems as an abstraction of
CPS. Here, we extend the notion of information flow analysis, a well
established set of methods developed in software security, to obtain a unified
framework that captures and extends system theoretic results in control system
security. In particular, we propose the Kullback Liebler (KL) divergence as a
causal measure of information flow, which quantifies the effect of adversarial
inputs on sensor outputs. We show that the proposed measure characterizes the
resilience of control systems to specific attack strategies by relating the KL
divergence to optimal detection techniques. We then relate information flows to
stealthy attack scenarios where an adversary can bypass detection. Finally,
this article examines active detection mechanisms where a defender
intelligently manipulates control inputs or the system itself in order to
elicit information flows from an attacker's malicious behavior. In all previous
cases, we demonstrate an ability to investigate and extend existing results by
utilizing the proposed information flow analyses
- …