A Survey on Model-Based Distributed Control and Filtering for Industrial Cyber-Physical Systems
Secure and Privacy-Preserving Cyber-Physical Systems
ABSTRACT (translated from French)
In this doctoral thesis, we study the problem of designing privacy-preserving estimators and controllers for a multi-agent system composed of uncertain individual linear systems, as well as the problem of designing stealthy attacks and attack-resilient estimators in cyber-physical systems. Large-scale monitoring and control systems enabling an increasingly intelligent infrastructure rely more and more on sensitive data obtained from private agents. For example, these systems collect location data from users of an intelligent transportation system or medical data from patients for intelligent epidemic detection. However, privacy considerations can make agents reluctant to share the information needed to improve the performance of an intelligent infrastructure. In order to encourage the participation of these agents, it is important to design algorithms that process data in a way that preserves their privacy.

In the first part of this thesis, we consider scenarios in which the individual systems are independent linear Gaussian systems. We revisit the Kalman filtering and linear quadratic Gaussian (LQG) control problems under privacy-preservation constraints. We aim to guarantee differential privacy, a formal, state-of-the-art definition of privacy which ensures that the output of an algorithm is not too sensitive to the data collected from any single agent. We propose a two-stage architecture, which first aggregates and combines the signals of the individual agents before adding privacy-preserving noise and post-filtering the result to be published. We show that this architecture offers a significant performance improvement over standard input-perturbation architectures as the number of input signals grows. We prove that an optimal static aggregation pre-filter can be designed by solving a semidefinite program. The two-stage architecture, which we develop first for Kalman filtering, is then adapted to the LQG control problem by exploiting the separation principle. Through numerical simulations, we illustrate the performance improvements of our architecture over differentially private algorithms that do not use signal aggregation.
ABSTRACT
This thesis studies the problem of privacy-preserving estimator and control design in a multi-agent system composed of uncertain individual linear systems and the problem of designing undetectable attacks and attack-resilient estimators for cyber-physical systems. Large-scale monitoring and control systems enabling a more intelligent infrastructure increasingly rely on sensitive data obtained from private agents, e.g., location traces collected from the users of an intelligent transportation system or medical records collected from patients for intelligent health monitoring. Nevertheless, privacy considerations can make agents reluctant to share the information necessary to improve the performance of an intelligent infrastructure. In order to encourage the participation of these agents, it then becomes critical to design algorithms that process information in a privacy-preserving way.

The first part of this thesis considers scenarios in which the individual agent systems are linear Gaussian systems and are independent. We revisit the Kalman filtering and Linear Quadratic Gaussian (LQG) control problems, subject to privacy constraints. We aim to enforce differential privacy, a formal, state-of-the-art definition of privacy ensuring that the output of an algorithm is not too sensitive to the data collected from any single participating agent. We propose a two-stage architecture, which first aggregates and combines the individual agent signals before adding privacy-preserving noise and post-filtering the result to be published. We show a significant performance improvement offered by this architecture over input perturbation schemes as the number of input signals increases, and that an optimal static aggregation stage can be computed by solving a semidefinite program. The two-stage architecture, which we develop first for Kalman filtering, is then adapted to the LQG control problem by leveraging the separation principle. We provide numerical simulations that illustrate the performance improvements over differentially private algorithms without first-stage signal aggregation.

The second part of this thesis considers the problem of privacy-preserving estimator design for a multi-agent system composed of individual linear time-invariant systems affected by uncertainties whose statistical properties are not available; only bounds are given a priori for these uncertainties. We propose a privacy-preserving interval estimator architecture, which publicly releases estimates of lower and upper bounds for an aggregate of the states of the individual systems. In particular, we add a bounded privacy-preserving noise to each participant's data before sending it to the estimator. The estimates published by the observer guarantee differential privacy for the agents' data. We provide a numerical simulation that illustrates the behavior of the proposed architecture.
Secure Set-Based State Estimation for Linear Systems under Adversarial Attacks on Sensors
When a strategic adversary can attack multiple sensors of a system and freely
choose a different set of sensors at different times, how can we ensure that
the state estimate remains uncorrupted by the attacker? The existing literature
addressing this problem mandates that the adversary can only corrupt less than
half of the total number of sensors. This limitation is fundamental to all
point-based secure state estimators because of their dependence on algorithms
that rely on majority voting among sensors. However, in reality, an adversary
with ample resources may not be limited to attacking less than half of the
total number of sensors. This paper avoids the above-mentioned fundamental
limitation by proposing a set-based approach that allows attacks on all but one
sensor at any given time. We guarantee that the true state is always contained
in the estimated set, which is represented by a collection of constrained
zonotopes, provided that the system is bounded-input-bounded-state stable and
redundantly observable via every combination of sensor subsets with size equal
to the number of uncompromised sensors. Additionally, we show that the
estimated set is secure and stable irrespective of the attack signals if the
process and measurement noises are bounded. To detect the set of attacked
sensors at each time, we propose a simple attack detection technique. However,
we acknowledge that intelligently designed stealthy attacks may not be detected
and, in the worst-case scenario, could even result in exponential growth in the
algorithm's complexity. We alleviate this shortcoming by presenting a range of
strategies that offer different levels of trade-offs between estimation
performance and complexity.
Secure Control of Cyber-Physical Systems
Cyber-Physical Systems (CPS) are smart co-engineered interacting networks of physical and computational components. They refer to a large class of technologies and infrastructure in almost all aspects of life including, for example, smart grids, autonomous vehicles, Internet of Things (IoT), advanced medical devices, and water supply systems. The development of CPS aims to improve the capabilities of traditional engineering systems by introducing advanced computational capacity and communications among system entities. On the other hand, the adoption of such technologies introduces a threat and exposes the system to cyber-attacks. Given the unique property of CPSs, i.e., physically interacting with their environment, malicious parties might be interested in exploiting the physical properties of the system in the form of a cyber-physical attack. In a large class of CPSs, the physical systems are controlled using a feedback control loop. In this thesis, we investigate, from many angles, how CPSs' control systems can be prone to cyber-physical attacks and how to defend them against such attacks using arguments drawn from control theory.
In our first contribution, by considering Smart Grid applications, we address the problem of designing a Denial of Service (DoS)-resilient controller for robustly recovering the system's transient stability. We propose a Model Predictive Control (MPC) controller based on set-theoretic (ST) arguments, which is capable of dealing with model uncertainties, actuator limitations, and DoS attacks. Unlike traditional MPC solutions, the proposed controller has the capability of moving most of the required computations into an offline phase. The online phase requires the solution of a quadratic programming problem, which can be efficiently solved in real time. Then, stemming from the same ST-based MPC controller idea, we propose a novel physical watermarking technique for the active detection of replay attacks in CPSs. The proposed strategy exploits the ST-MPC paradigm to design control inputs that, whenever needed, can be safely and continuously applied to the system for an a priori known number of steps. Such a control scheme enables the design of a physically watermarked control signal. We prove that, in the attack-free case, the generators' transient stability is achieved for all admissible watermarking signals and that the closed-loop system enjoys uniformly ultimately bounded stability.
In our second contribution, we address the attacker's ability to collect useful information about the control system in the reconnaissance phase of a cyber-physical attack. By using existing system identification tools, an attacker who has access to the control loop can identify the dynamics of the underlying control system. We develop a decoy-based moving target defense mechanism by leveraging an auxiliary set of virtual state-based decoy systems. Simulation results show that the provided solution degrades the attacker's ability to identify the underlying state-space model of the considered system from the intercepted control inputs and sensor measurements. It also does not impose any penalty on the control performance of the underlying system.
Finally, in our third contribution, we introduce a covert channel technique, enabling a compromised networked controller to leak information to an eavesdropper who has access to the measurement channel. We show that this can be achieved without establishing any additional explicit communication channels by properly altering the control logic and exploiting robust reachability arguments. A dual-mode receding horizon MPC strategy is used as an illustrative example to show how such an undetectable covert channel can be established.
On designing large, secure and resilient networked systems
2019 Summer.
Defending large networked systems against rapidly evolving cyber attacks is challenging. This is because of several factors. First, cyber defenders are always fighting an asymmetric warfare: while the attacker needs to find just a single unprotected security vulnerability to launch an attack, the defender needs to identify and protect against all possible avenues of attack on the system. Various types of cost factors, such as, but not limited to, costs related to identifying and installing defenses, costs related to security management, costs related to manpower training and development, costs related to system availability, etc., make this asymmetric warfare even more challenging. Second, newer and newer cyber threats are always emerging, the so-called zero-day attacks. It is not possible for a cyber defender to defend against an attack for which defenses are yet unknown. In this work, we investigate the problem of designing large and complex networks that are secure and resilient. There are two specific aspects of the problem that we look into. First is the problem of detecting anomalous activities in the network. While this problem has been variously investigated, we address the problem differently. We posit that anomalous activities are the result of mal-actors interacting with non-mal-actors, and such anomalous activities are reflected in changes to the topological structure (in a mathematical sense) of the network. We formulate this problem as that of Sybil detection in networks. For our experimentation and hypothesis testing we instantiate the problem as that of Sybil detection in on-line social networks (OSNs). Sybil attacks involve one or more attackers creating and introducing several mal-actors (fake identities in on-line social networks), called Sybils, into a complex network.
Depending on the nature of the network system, the goal of the mal-actors can be to unlawfully access data, to forge another user's identity and activity, or to influence and disrupt the normal behavior of the system. The second aspect that we look into is that of building resiliency in a large network that consists of several machines that collectively provide a single service to the outside world. Such networks are particularly vulnerable to Sybil attacks. While our Sybil detection algorithms achieve very high levels of accuracy, they cannot guarantee that all Sybils will be detected. Thus, to protect against such "residual" Sybils (that is, those that remain potentially undetected and continue to attack the network services), we propose a novel Moving Target Defense (MTD) paradigm to build resilient networks. The core idea is that for large enterprise-level networks, the survivability of the network's mission is more important than the security of one or more of the servers. We develop protocols to re-locate services from server to server in a random way such that before an attacker has an opportunity to target a specific server and disrupt its services, the services will migrate to another non-malicious server. The continuity of the service of the large network is thus sustained. We evaluate the effectiveness of our proposed protocols using theoretical analysis, simulations, and experimentation. For the Sybil detection problem we use both synthetic and real-world data sets. We evaluate the algorithms for accuracy of Sybil detection. For the moving target defense protocols we implement a proof-of-concept in the context of access control as a service, and run several large-scale simulations. The proof-of-concept demonstrates the effectiveness of the MTD paradigm. We evaluate the computation and communication complexity of the protocols as we scale up to larger and larger networks.
Nature-inspired survivability: Prey-inspired survivability countermeasures for cloud computing security challenges
As cloud computing environments become complex, adversaries have become highly sophisticated and unpredictable. Moreover, they can easily increase attack power and persist longer before detection. Uncertain malicious actions, latent risks, and Unobserved or Unobservable risks (UUURs) characterise this new threat domain. This thesis proposes prey-inspired survivability to address unpredictable security challenges borne out of UUURs. While survivability is a well-addressed phenomenon in non-extinct prey animals, applying prey survivability to cloud computing directly is challenging due to contradicting end goals. How to manage evolving survivability goals and requirements under contradicting environmental conditions adds to the challenges. To address these challenges, this thesis proposes a holistic taxonomy which integrates multiple and disparate perspectives of cloud security challenges. In addition, it proposes TRIZ (Teorija Rezbenija Izobretatelskib Zadach) to derive prey-inspired solutions through resolving contradictions. First, it develops a 3-step process to facilitate inter-domain transfer of concepts from nature to cloud. Moreover, TRIZ's generic approach suggests specific solutions for cloud computing survivability. Then, the thesis presents the conceptual prey-inspired cloud computing survivability framework (Pi-CCSF), built upon TRIZ-derived solutions. The framework run-time is pushed to the user-space to support evolving survivability design goals. Furthermore, a target-based decision-making technique (TBDM) is proposed to manage survivability decisions. To evaluate the prey-inspired survivability concept, the Pi-CCSF simulator is developed and implemented. Evaluation results show that escalating survivability actions improve the vitality of vulnerable and compromised virtual machines (VMs) by 5% and dramatically improve their overall survivability. Hypothesis testing conclusively supports the hypothesis that the escalation mechanisms can be applied to enhance the survivability of cloud computing systems. Numeric analysis of TBDM shows that by considering survivability preferences and attitudes (these directly impact survivability actions), the TBDM method brings unpredictable survivability information closer to decision processes. This enables efficient execution of variable escalating survivability actions, which enables the Pi-CCSF's decision system (DS) to focus upon decisions that achieve survivability outcomes under the unpredictability imposed by UUURs.
Privacy-preserving machine learning system at the edge
Data privacy in machine learning has become an urgent problem to be solved, along with machine learning's rapid development and the large attack surface being explored.
Pre-trained deep neural networks are increasingly deployed in smartphones and other edge devices for a variety of applications, leading to potential disclosures of private information.
In collaborative learning, participants keep private data locally and communicate deep neural networks updated on their local data, but still, the private information encoded in the networks' gradients can be explored by adversaries.
This dissertation aims to perform dedicated investigations on privacy leakage from neural networks and to propose privacy-preserving machine learning systems for edge devices.
Firstly, the systematization of knowledge is conducted to identify the key challenges and existing/adaptable solutions.
Then a framework is proposed to measure the amount of sensitive information memorized in each layer's weights of a neural network based on the generalization error. Results show that, when considered individually, the last layers encode a larger amount of information from the training data compared to the first layers.
To protect such sensitive information in weights, DarkneTZ is proposed as a framework that uses an edge device's Trusted Execution Environment (TEE) in conjunction with model partitioning to limit the attack surface against neural networks.
The performance of DarkneTZ is evaluated, including CPU execution time, memory usage, and accurate power consumption, using two small and six large image classification models. Due to the limited memory of the edge device's TEE, model layers are partitioned into more sensitive layers (to be executed inside the device TEE), and a set of layers to be executed in the untrusted part of the operating system. Results show that even if a single layer is hidden, one can provide reliable model privacy and defend against state-of-the-art membership inference attacks, with only a 3% performance overhead.
This thesis further strengthens investigations from neural network weights (in on-device machine learning deployment) to gradients (in collaborative learning).
An information-theoretical framework is proposed, by adapting usable information theory and considering the attack outcome as a probability measure, to quantify private information leakage from network gradients. The private original information and latent information are localized in a layer-wise manner.
After that, this work performs sensitivity analysis over the gradients with respect to private information to further explore the underlying cause of information leakage.
Numerical evaluations are conducted on six benchmark datasets and four well-known networks and further measure the impact of training hyper-parameters and defense mechanisms.
Last but not least, to limit the privacy leakages in gradients, I propose and implement a Privacy-preserving Federated Learning (PPFL) framework for mobile systems. TEEs are utilized on clients for local training, and on servers for secure aggregation, so that model/gradient updates are hidden from adversaries.
This work leverages greedy layer-wise training to train each model's layer inside the trusted area until its convergence.
The performance evaluation of the implementation shows that PPFL significantly improves privacy by defending against data reconstruction, property inference, and membership inference attacks while incurring small communication overhead and client-side system overheads.
This thesis offers a better understanding of the sources of private information in machine learning and provides frameworks to fully guarantee privacy and achieve comparable ML model utility and system overhead to regular machine learning frameworks.
Designing, Building, and Modeling Maneuverable Applications within Shared Computing Resources
Extending the military principle of maneuver into the war-fighting domain of cyberspace, academic and military researchers have produced many theoretical and strategic works, though few have focused on researching actual applications and systems that apply this principle. We present our research in designing, building and modeling maneuverable applications in order to gain the system advantages of resource provisioning, application optimization, and cybersecurity improvement. We have coined the phrase "Maneuverable Applications", defined as distributed and parallel applications that take advantage of the modification, relocation, addition or removal of computing resources, giving the perception of movement. Our work with maneuverable applications has been within shared computing resources, such as the Clemson University Palmetto cluster, where multiple users share access and time to a collection of inter-networked computers and servers. In this dissertation, we describe our implementation and analytic modeling of environments and systems to maneuver computational nodes, network capabilities, and security enhancements for overcoming challenges to a cyberspace platform. Specifically, we describe our work to create a system to provision a big data computational resource within academic environments. We also present a computing testbed built to allow researchers to study network optimizations of data centers. We discuss our Petri Net model of an adaptable system, which increases its cybersecurity posture in the face of varying levels of threat from malicious actors. Lastly, we present work and investigation into integrating these technologies into a prototype resource manager for maneuverable applications and validating our model using this implementation.
Property and valuation methods in new media: an examination of existing theories and practices and their applicability to new media ventures
New media has become a major part of our daily routine and influences both our social interactions and the ways in which we conduct business. Not only does it provide new business tools to existing business models, it has also created a platform from which new forms of commerce and exchange can emerge. These novel enterprises are largely unrestrained by the capital and regulatory requirements of traditional forms of business and have other peculiar characteristics that may challenge our current views on "property" and "ownership". The potential of new media to compete with, and potentially displace, players in the "real economy" requires a further examination of the valuation methods currently applied to business ventures, in particular those in which intellectual property and intangible assets are a major component. It is beyond the scope of this dissertation to propose alternative methods of valuing intellectual property in the new media environment. It does, however, aim to consider various theories on property and traditional valuation methods in light of this new phenomenon.
Anonymous: Polemics and Non-identity
The hacktivist collective Anonymous has been known to follow non-hierarchical, amorphous and sometimes contradictory strategies for online activism. This may weaken their potential to become a populist movement, as out-group members may find Anonymous's politics obscure and out of reach. Anonymous's communiqués compensate for this by enabling direct communication with the public. But as a critical discourse analysis finds, the communicative strategies employed deviate from logics of difference and non-identity. They express rigid beliefs, even at times under the banner of universal truth.
However, these findings do not suggest Anonymous inevitably embraces identity. By adopting a Deleuzian concept of minor politics, this thesis proposes that Anonymous's texts are strategic appropriations of molar identities, emphasizing how the minor never fully exists outside the molar. Rather, the minor is always a movement within or across immanent molar configurations. The tensions and contradictions within Anonymous are thus exemplary of a minor political struggle.