11,834 research outputs found
Secure Trajectory Planning Against Undetectable Spoofing Attacks
This paper studies, for the first time, the trajectory planning problem in
adversarial environments, where the objective is to design the trajectory of a
robot to reach a desired final state despite the unknown and arbitrary action
of an attacker. In particular, we consider a robot moving in a two-dimensional
space and equipped with two sensors, namely, a Global Navigation Satellite
System (GNSS) sensor and a Radio Signal Strength Indicator (RSSI) sensor. The
attacker can arbitrarily spoof the readings of the GNSS sensor and the robot
control input so as to maximally deviate his trajectory from the nominal
precomputed path. We derive explicit and constructive conditions for the
existence of undetectable attacks, through which the attacker deviates the
robot trajectory in a stealthy way. Conversely, we characterize the existence
of secure trajectories, which guarantee that the robot either moves along the
nominal trajectory or that the attack remains detectable. We show that secure
trajectories can only exist between a subset of states, and provide a numerical
mechanism to compute them. We illustrate our findings through several numerical
studies, and discuss that our methods are applicable to different models of
robot dynamics, including unicycles. More generally, our results show how
control design affects security in systems with nonlinear dynamics.Comment: Accepted for publication in Automatic
Modeling and Detecting False Data Injection Attacks against Railway Traction Power Systems
Modern urban railways extensively use computerized sensing and control
technologies to achieve safe, reliable, and well-timed operations. However, the
use of these technologies may provide a convenient leverage to cyber-attackers
who have bypassed the air gaps and aim at causing safety incidents and service
disruptions. In this paper, we study false data injection (FDI) attacks against
railways' traction power systems (TPSes). Specifically, we analyze two types of
FDI attacks on the train-borne voltage, current, and position sensor
measurements - which we call efficiency attack and safety attack -- that (i)
maximize the system's total power consumption and (ii) mislead trains' local
voltages to exceed given safety-critical thresholds, respectively. To
counteract, we develop a global attack detection (GAD) system that serializes a
bad data detector and a novel secondary attack detector designed based on
unique TPS characteristics. With intact position data of trains, our detection
system can effectively detect the FDI attacks on trains' voltage and current
measurements even if the attacker has full and accurate knowledge of the TPS,
attack detection, and real-time system state. In particular, the GAD system
features an adaptive mechanism that ensures low false positive and negative
rates in detecting the attacks under noisy system measurements. Extensive
simulations driven by realistic running profiles of trains verify that a TPS
setup is vulnerable to the FDI attacks, but these attacks can be detected
effectively by the proposed GAD while ensuring a low false positive rate.Comment: IEEE/IFIP DSN-2016 and ACM Trans. on Cyber-Physical System
Warfighting for cyber deterrence: a strategic and moral imperative
Theories of cyber deterrence are developing rapidly. However, the literature is missing an important ingredient—warfighting for deterrence. This controversial idea, most commonly associated with nuclear strategy during the later stages of the Cold War, affords a number of advantages. It provides enhanced credibility for deterrence, offers means to deal with deterrence failure (including intrawar deterrence and damage limitation), improves compliance with the requirements of just war and ultimately ensures that strategy continues to function in the post-deterrence environment. This paper assesses whether a warfighting for deterrence approach is suitable for the cyber domain. In doing so, it challenges the notion that warfighting concepts are unsuitable for operations in cyberspace. To do this, the work constructs a conceptual framework that is then applied to cyber deterrence. It is found that all of the advantages of taking a warfighting stance apply to cyber operations. The paper concludes by constructing a warfighting model for cyber deterrence. This model includes passive and active defences and cross-domain offensive capabilities. The central message of the paper is that a theory of victory (strategy) must guide the development of cyber deterrence
Information Structure Design in Team Decision Problems
We consider a problem of information structure design in team decision
problems and team games. We propose simple, scalable greedy algorithms for
adding a set of extra information links to optimize team performance and
resilience to non-cooperative and adversarial agents. We show via a simple
counterexample that the set function mapping additional information links to
team performance is in general not supermodular. Although this implies that the
greedy algorithm is not accompanied by worst-case performance guarantees, we
illustrate through numerical experiments that it can produce effective and
often optimal or near optimal information structure modifications
- …