7,147 research outputs found
A virtual actuator approach for the secure control of networked LPV systems under pulse-width modulated DoS attacks
In this paper, we formulate and analyze the problem of secure control in the context of networked linear parameter varying (LPV) systems. We consider an energy-constrained, pulse-width modulated (PWM) jammer, which corrupts the control communication channel by performing a denial-of-service (DoS) attack. In particular, the malicious attacker is able to erase the data sent to one or more actuators. In order to achieve secure control, we propose a virtual actuator technique under the assumption that the behavior of the attacker has been identified. The main advantage brought by this technique is that the existing components in the control system can be maintained without need of retuning them, since the virtual actuator will perform a reconfiguration of the plant, hiding the attack from the controller point of view. Using Lyapunov-based results that take into account the possible behavior of the attacker, design conditions for calculating the virtual actuators gains are obtained. A numerical example is used to illustrate the proposed secure control strategy. Peer Reviewed. Postprint (author's final draft)
Fake-Acknowledgment Attack on ACK-based Sensor Power Schedule for Remote State Estimation
We consider a class of malicious attacks against remote state estimation. A
sensor with limited resources adopts an acknowledgement (ACK)-based online
power schedule to improve the remote state estimation performance. A malicious
attacker can modify the ACKs from the remote estimator and convey fake
information to the sensor. When the capability of the attacker is limited, we
propose an attack strategy for the attacker and analyze the corresponding
effect on the estimation performance. The possible responses of the sensor are
studied and a condition for the sensor to discard ACKs and switch from online
schedule to offline schedule is provided. Comment: submitted to IEEE CDC 201
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed. Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Detection of replay attacks in cyber-physical systems using a frequency-based signature
This paper proposes a frequency-based approach for the detection of replay attacks affecting cyber-physical systems (CPS). In particular, the method employs a sinusoidal signal with a time-varying frequency (authentication signal) into the closed-loop system and checks whether the time profile of the frequency components in the output signal are compatible with the authentication signal or not. In order to carry out this target, the couplings between inputs and outputs are eliminated using a dynamic decoupling technique based on vector fitting. In this way, a signature introduced on a specific input channel will affect only the output that is selected to be associated with that input, which is a property that can be exploited to determine which channels are being affected. A bank of band-pass filters is used to generate signals whose energies can be compared to reconstruct an estimation of the time-varying frequency profile. By matching the known frequency profile with its estimation, the detector can provide the information about whether a replay attack is being carried out or not. The design of the signal generator and the detector are thoroughly discussed, and an example based on a quadruple-tank process is used to show the application and effectiveness of the proposed method. Peer Reviewed. Postprint (author's final draft)
Towards Stabilization of Distributed Systems under Denial-of-Service
In this paper, we consider networked distributed systems in the presence of
Denial-of-Service (DoS) attacks, namely attacks that prevent transmissions over
the communication network. First, we consider a simple and typical scenario
where communication sequence is purely Round-robin and we explicitly calculate
a bound of attack frequency and duration, under which the interconnected
large-scale system is asymptotically stable. Second, trading-off system
resilience and communication load, we design a hybrid transmission strategy
consisting of Zeno-free distributed event-triggered control and Round-robin. We
show that with lower communication loads, the hybrid communication strategy
enables the systems to have the same resilience as in pure Round-robin
Efficient Computations of a Security Index for False Data Attacks in Power Networks
The resilience of Supervisory Control and Data Acquisition (SCADA) systems
for electric power networks for certain cyber-attacks is considered. We analyze
the vulnerability of the measurement system to false data attack on
communicated measurements. The vulnerability analysis problem is shown to be
NP-hard, meaning that unless there is no polynomial time algorithm to
analyze the vulnerability of the system. Nevertheless, we identify situations,
such as the full measurement case, where it can be solved efficiently. In such
cases, we show indeed that the problem can be cast as a generalization of the
minimum cut problem involving costly nodes. We further show that it can be
reformulated as a standard minimum cut problem (without costly nodes) on a
modified graph of proportional size. An important consequence of this result is
that our approach provides the first exact efficient algorithm for the
vulnerability analysis problem under the full measurement assumption.
Furthermore, our approach also provides an efficient heuristic algorithm for
the general NP-hard problem. Our results are illustrated by numerical studies
on benchmark systems including the IEEE 118-bus system
- …