5 research outputs found
Evolving attackers against wireless sensor networks using genetic programming
Recent hardware developments have made it possible for the Internet of Things (IoT) to be built. A wide variety of industry sectors, including manufacturing, utilities, agriculture, transportation, and healthcare are actively seeking to incorporate IoT technologies in their operations. The increased connectivity and data sharing that give IoT systems their advantages also increase their vulnerability to attack. In this study, the authors explore the automated generation of attacks using genetic programming (GP), so that defences can be tested objectively in advance of deployment. In the authors' system, the GP-generated attackers targeted publish-subscribe communications within a wireless sensor networks that was protected by an artificial immune intrusion detection system (IDS) taken from the literature. The GP attackers successfully suppressed more legitimate messages than the hand-coded attack used originally to test the IDS, whilst reducing the likelihood of detection. Based on the results, it was possible to reconfigure the IDS to improve its performance. Whilst the experiments were focussed on establishing a proof-of-principle rather than a turnkey solution, they indicate that GP-generated attackers have the potential to improve the protection of systems with large attack surfaces, in a way that is complementary to traditional testing and certification
Design and simulation of vehicle controllers through genetic algorithms
Genetic Programming (GP) is a population-based evolutionary technique, which, unlike a Genetic Algorithm (GA) does not work on a fixed-length data structure, but on a variable-length structure and aims to evolve functions, models or programs, rather than finding a set of parameters. There are different histories of driver development, so different proposals of the use of PG to evolve driver structures are presented. In the case of an autonomous vehicle, the development of a steering controller is complex in the sense that it is a non-linear system, and the control actions are very limited by the maximum angle allowed by the steering wheels. This paper presents the development of an autonomous vehicle controller with Ackermann steering evolved by means of Genetic Programming
Evolution of Network Enumeration Strategies in Emulated Computer Networks
Successful attacks on computer networks today do not often owe their victory to directly overcoming strong security measures set up by the defender. Rather, most attacks succeed because the number of possible vulnerabilities are too large for humans to fully protect without making a mistake. Regardless of the security elsewhere, a skilled attacker can exploit a single vulnerability in a defensive system and negate the benefits of those security measures. This paper presents an evolutionary framework for evolving attacker agents in a real, emulated network environment using genetic programming, as a foundation for coevolutionary systems which can automatically discover and mitigate network security flaws. We examine network enumeration, an initial network reconnaissance step, through our framework and present results demonstrating its success, indicating a broader applicability to further cyber-security tasks
Identifying Vulnerabilities of Industrial Control Systems using Evolutionary Multiobjective Optimisation
In this paper we propose a novel methodology to assist in identifying
vulnerabilities in a real-world complex heterogeneous industrial control
systems (ICS) using two evolutionary multiobjective optimisation (EMO)
algorithms, NSGA-II and SPEA2. Our approach is evaluated on a well known
benchmark chemical plant simulator, the Tennessee Eastman (TE) process model.
We identified vulnerabilities in individual components of the TE model and then
made use of these to generate combinatorial attacks to damage the safety of the
system, and to cause economic loss. Results were compared against random
attacks, and the performance of the EMO algorithms were evaluated using
hypervolume, spread and inverted generational distance (IGD) metrics. A defence
against these attacks in the form of a novel intrusion detection system was
developed, using a number of machine learning algorithms. Designed approach was
further tested against the developed detection methods. Results demonstrate
that EMO algorithms are a promising tool in the identification of the most
vulnerable components of ICS, and weaknesses of any existing detection systems
in place to protect the system. The proposed approach can be used by control
and security engineers to design security aware control, and test the
effectiveness of security mechanisms, both during design, and later during
system operation.Comment: 25 page