3,657 research outputs found
Modeling and Detecting False Data Injection Attacks against Railway Traction Power Systems
Modern urban railways extensively use computerized sensing and control
technologies to achieve safe, reliable, and well-timed operations. However, the
use of these technologies may provide a convenient leverage to cyber-attackers
who have bypassed the air gaps and aim at causing safety incidents and service
disruptions. In this paper, we study false data injection (FDI) attacks against
railways' traction power systems (TPSes). Specifically, we analyze two types of
FDI attacks on the train-borne voltage, current, and position sensor
measurements -- which we call efficiency attack and safety attack -- that (i)
maximize the system's total power consumption and (ii) mislead trains' local
voltages to exceed given safety-critical thresholds, respectively. To
counteract, we develop a global attack detection (GAD) system that serializes a
bad data detector and a novel secondary attack detector designed based on
unique TPS characteristics. With intact position data of trains, our detection
system can effectively detect the FDI attacks on trains' voltage and current
measurements even if the attacker has full and accurate knowledge of the TPS,
attack detection, and real-time system state. In particular, the GAD system
features an adaptive mechanism that ensures low false positive and negative
rates in detecting the attacks under noisy system measurements. Extensive
simulations driven by realistic running profiles of trains verify that a TPS
setup is vulnerable to the FDI attacks, but these attacks can be detected
effectively by the proposed GAD while ensuring a low false positive rate.
Comment: IEEE/IFIP DSN-2016 and ACM Trans. on Cyber-Physical System
Detection of replay attacks in cyber-physical systems using a frequency-based signature
This paper proposes a frequency-based approach for the detection of replay attacks affecting cyber-physical systems (CPS). In particular, the method injects a sinusoidal signal with a time-varying frequency (authentication signal) into the closed-loop system and checks whether the time profile of the frequency components in the output signal is compatible with the authentication signal or not. To achieve this, the couplings between inputs and outputs are eliminated using a dynamic decoupling technique based on vector fitting. In this way, a signature introduced on a specific input channel will affect only the output that is selected to be associated with that input, which is a property that can be exploited to determine which channels are being affected. A bank of band-pass filters is used to generate signals whose energies can be compared to reconstruct an estimation of the time-varying frequency profile. By matching the known frequency profile with its estimation, the detector can provide the information about whether a replay attack is being carried out or not. The design of the signal generator and the detector is thoroughly discussed, and an example based on a quadruple-tank process is used to show the application and effectiveness of the proposed method.
Peer Reviewed. Postprint (author's final draft)