Towards Stabilization of Distributed Systems under Denial-of-Service

In this paper, we consider networked distributed systems in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent transmissions over the communication network. First, we consider a simple and typical scenario where communication sequence is purely Round-robin and we explicitly calculate a bound of attack frequency and duration, under which the interconnected large-scale system is asymptotically stable. Second, trading-off system resilience and communication load, we design a hybrid transmission strategy consisting of Zeno-free distributed event-triggered control and Round-robin. We show that with lower communication loads, the hybrid communication strategy enables the systems to have the same resilience as in pure Round-robin

Reinforcement learning based anti-jamming schedule in cyber-physical systems

In this paper, the security issue of cyber-physical systems is investigated, where the observation data is transmitted from a sensor to an estimator through wireless channels disturbed by an attacker. The failure of this data transmission occurs, when the sensor accesses the channel that happens to be attacked by the jammer. Since the system performance measured by the estimation error depends on whether the data transmission is a success, the problem of selecting the channel to alleviate the attack effect is studied. Moreover, the state of each channel is time-variant due to various factors, such as path loss and shadowing. Motivated by energy conservation, the problem of selecting the channel with the best state is also considered. With the help of cognitive radio technique, the sensor has the ability of selecting a sequence of channels dynamically. Based on this, the problem of selecting the channel is resolved by means of reinforcement learning to jointly avoid the attack and enjoy the channel with the best state. A corresponding algorithm is presented to obtain the sequence of channels for the sensor, and its effectiveness is proved analytically. Numerical simulations further verify the derived results

Co-design of Control and Scheduling in Networked Systems under Denial-of-Service attacks

We consider the joint design of control and scheduling under stochastic Denial-of-Service (DoS) attacks in the context of networked control systems. A sensor takes measurements of the system output and forwards its dynamic state estimates to a remote controller over a packet-dropping link. The controller determines the optimal control law for the process using the estimates it receives. An attacker aims at degrading the control performance by increasing the packet-dropout rate with a DoS attack towards the sensor-controller channel. Assume both the controller and the attacker are rational in a game-theoretic sense. We establish a partially observable stochastic game to derive the optimal joint design of scheduling and control. Using dynamic programming we prove that the control and scheduling policies can be designed separately without sacrificing optimality, making the problem equivalent to a complete information game. We employ Nash Q-learning to solve the problem and prove that the solution is guaranteed to constitute an $\epsilon$-Nash equilibrium. Numerical examples are provided to illustrate the tradeoffs between control performance and communication cost.Comment: 9 pages, 4 figure

A robust, reliable and deployable framework for In-vehicle security

Cyber attacks on financial and government institutions, critical infrastructure, voting systems, businesses, modern vehicles, etc., are on the rise. Fully connected autonomous vehicles are more vulnerable than ever to hacking and data theft. This is due to the fact that the protocols used for in-vehicle communication i.e. controller area network (CAN), FlexRay, local interconnect network (LIN), etc., lack basic security features such as message authentication, which makes it vulnerable to a wide range of attacks including spoofing attacks. This research presents methods to protect the vehicle against spoofing attacks. The proposed methods exploit uniqueness in the electronic control unit electronic control unit (ECU) and the physical channel between transmitting and destination nodes for linking the received packet to the source. Impurities in the digital device, physical channel, imperfections in design, material, and length of the channel contribute to the uniqueness of artifacts. I propose novel techniques for electronic control unit (ECU) identification in this research to address security vulnerabilities of the in-vehicle communication. The reliable ECU identification has the potential to prevent spoofing attacks launched over the CAN due to the inconsideration of the message authentication. In this regard, my techniques models the ECU-specific random distortion caused by the imperfections in digital-to-analog converter digital to analog converter (DAC), and semiconductor impurities in the transmitting ECU for fingerprinting. I also model the channel-specific random distortion, impurities in the physical channel, imperfections in design, material, and length of the channel are contributing factors behind physically unclonable artifacts. The lumped element model is used to characterize channel-specific distortions. This research exploits the distortion of the device (ECU) and distortion due to the channel to identify the transmitter and hence authenticate the transmitter.Ph.D.College of Engineering & Computer ScienceUniversity of Michigan-Dearbornhttps://deepblue.lib.umich.edu/bitstream/2027.42/154568/1/Azeem Hafeez Final Disseration.pdfDescription of Azeem Hafeez Final Disseration.pdf : Dissertatio

Remote State Estimation with Privacy Against Eavesdroppers

We study the problem of remote state estimation in the presence of a passive eavesdropper, under the challenging network environment of no packet receipt acknowledgments. A remote legitimate user estimates the state of a linear plant from the state information received from a sensor via an insecure and unreliable network. The transmission from the sensor may be intercepted by the eavesdropper. To maintain state confidentiality, we propose an encoding scheme, which is activated on detection of an eavesdropper. Our scheme randomly transmits noise based on a pseudo-random indicator, pre-arranged at the legitimate user and sensor. The transmission of noise harms the eavesdropper's performance. Under our encoding scheme, we impair the eavesdropper's expected estimation performance, whilst minimising expected performance degradation at the legitimate user. We explore the trade-off between state secrecy and legitimate user performance degradation.Comment: 6 Pages, 3 figure

Remote State Estimation with Privacy Against Active Eavesdroppers

This paper considers a cyber-physical system under an active eavesdropping attack. A remote legitimate user estimates the state of a linear plant from the state information received from a sensor. Transmissions from the sensor occur via an insecure and unreliable network. An active eavesdropper may perform an attack during system operation. The eavesdropper intercepts transmissions from the sensor, whilst simultaneously sabotaging the data transfer from the sensor to the remote legitimate user to harm its estimation performance. To maintain state confidentiality, we propose an encoding scheme that is activated on the detection of an eavesdropper. Our scheme transmits noise based on a pseudo-random indicator, pre-arranged at the legitimate user and sensor. The transmission of noise harms the eavesdropper's performance, more than that of the legitimate user. Using the proposed encoding scheme, we impair the eavesdropper's expected estimation performance, whilst minimising expected performance degradation at the legitimate user. We explore the trade-off between state confidentiality and legitimate user performance degradation through selecting the probability that the sensor transmits noise. Under certain design choices, the trace of the expected estimation error covariance of the eavesdropper is greater than that of the legitimate user. Numerical examples are provided to illustrate the proposed encoding scheme.Comment: 13 pages, 7 figures. arXiv admin note: text overlap with arXiv:2211.1341