425 research outputs found
Stability analysis of token-based wireless networked control systems under deception attacks
Currently, cyber-security has attracted a lot of attention, in particular in wireless industrial control networks (WICNs). In this paper, the stability of wireless networked control systems (WNCSs) under deception, attacks is studied with a token-based protocol applied to the data link layer (DLL) of WICNS. Since deception attacks cause the stability problem of WNCSs by changing the data transmitted over a wireless network, it is important to detect deception attacks, discard the injected false data and compensate for the missing data (i.e., the discarded original data with the injected false data). The main contributions of this paper are: 1) With respect to the character of the token-based protocol, a switched system model is developed. Different from the traditional switched system where the number of subsystems is fixed, in our new model this number will be changed under deception attacks. 2) For this model, a new Kalman filter (KF) is developed for the purpose of attack detection and the missing data reconstruction. 3) For the given linear feedback WNCSs, when the noise level is below a threshold derived in this paper, the maximum allowable duration of deception attacks is obtained to maintain the exponential stability of the system. Finally, a numerical example based on a linearized model of an inverted pendulum is provided to demonstrate the proposed design
Distributed filtering of networked dynamic systems with non-gaussian noises over sensor networks: A survey
summary:Sensor networks are regarded as a promising technology in the field of information perception and processing owing to the ease of deployment, cost-effectiveness, flexibility, as well as reliability. The information exchange among sensors inevitably suffers from various network-induced phenomena caused by the limited resource utilization and complex application scenarios, and thus is required to be governed by suitable resource-saving communication mechanisms. It is also noteworthy that noises in system dynamics and sensor measurements are ubiquitous and in general unknown but can be bounded, rather than follow specific Gaussian distributions as assumed in Kalman-type filtering. Particular attention of this paper is paid to a survey of recent advances in distributed filtering of networked dynamic systems with non-Gaussian noises over sensor networks. First, two types of widely employed structures of distributed filters are reviewed, the corresponding analysis is systematically addressed, and some interesting results are provided. The inherent purpose of adding consensus terms into the distributed filters is profoundly disclosed. Then, some representative models characterizing various network-induced phenomena are reviewed and their corresponding analytical strategies are exhibited in detail. Furthermore, recent results on distributed filtering with non-Gaussian noises are sorted out in accordance with different network-induced phenomena and system models. Another emphasis is laid on recent developments of distributed filtering with various communication scheduling, which are summarized based on the inherent characteristics of their dynamic behavior associated with mathematical models. Finally, the state-of-the-art of distributed filtering and challenging issues, ranging from scalability, security to applications, are raised to guide possible future research
Data analytics for stochastic control and prognostics in cyber-physical systems
In this dissertation, several novel cyber fault diagnosis and prognosis and defense methodologies for cyber-physical systems have been proposed. First, a novel routing scheme for wireless mesh network is proposed. An effective capacity estimation for P2P and E2E path is designed to guarantee the vital transmission safety. This scheme can ensure a high quality of service (QoS) under imperfect network condition, even cyber attacks. Then, the imperfection, uncertainties, and dynamics in the cyberspace are considered both in system model and controller design. A PDF identifier is proposed to capture the time-varying delays and its distribution. With the modification of traditional stochastic optimal control using PDF of delays, the assumption of full knowledge of network imperfection in priori is relaxed. This proposed controller is considered a novel resilience control strategy for cyber fault diagnosis and prognosis. After that, we turn to the development of a general framework for cyber fault diagnosis and prognosis schemes for CPSs wherein the cyberspace performance affect the physical system and vice versa. A novel cyber fault diagnosis scheme is proposed. It is capable of detecting cyber fault by monitoring the probability of delays. Also, the isolation of cyber and physical system fault is achieved with cooperating with the traditional observer based physical system fault detection. Next, a novel cyber fault prognosis scheme, which can detect and estimate cyber fault and its negative effects on system performance ahead of time, is proposed. Moreover, soft and hard cyber faults are isolated depending on whether potential threats on system stability is predicted. Finally, one-class SVM is employed to classify healthy and erroneous delays. Then, another cyber fault prognosis based on OCSVM is proposed --Abstract, page iv
A critical review of cyber-physical security for building automation systems
Modern Building Automation Systems (BASs), as the brain that enables the
smartness of a smart building, often require increased connectivity both among
system components as well as with outside entities, such as optimized
automation via outsourced cloud analytics and increased building-grid
integrations. However, increased connectivity and accessibility come with
increased cyber security threats. BASs were historically developed as closed
environments with limited cyber-security considerations. As a result, BASs in
many buildings are vulnerable to cyber-attacks that may cause adverse
consequences, such as occupant discomfort, excessive energy usage, and
unexpected equipment downtime. Therefore, there is a strong need to advance the
state-of-the-art in cyber-physical security for BASs and provide practical
solutions for attack mitigation in buildings. However, an inclusive and
systematic review of BAS vulnerabilities, potential cyber-attacks with impact
assessment, detection & defense approaches, and cyber-secure resilient control
strategies is currently lacking in the literature. This review paper fills the
gap by providing a comprehensive up-to-date review of cyber-physical security
for BASs at three levels in commercial buildings: management level, automation
level, and field level. The general BASs vulnerabilities and protocol-specific
vulnerabilities for the four dominant BAS protocols are reviewed, followed by a
discussion on four attack targets and seven potential attack scenarios. The
impact of cyber-attacks on BASs is summarized as signal corruption, signal
delaying, and signal blocking. The typical cyber-attack detection and defense
approaches are identified at the three levels. Cyber-secure resilient control
strategies for BASs under attack are categorized into passive and active
resilient control schemes. Open challenges and future opportunities are finally
discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro
Enhancing Cyber-Resiliency of DER-based SmartGrid: A Survey
The rapid development of information and communications technology has
enabled the use of digital-controlled and software-driven distributed energy
resources (DERs) to improve the flexibility and efficiency of power supply, and
support grid operations. However, this evolution also exposes
geographically-dispersed DERs to cyber threats, including hardware and software
vulnerabilities, communication issues, and personnel errors, etc. Therefore,
enhancing the cyber-resiliency of DER-based smart grid - the ability to survive
successful cyber intrusions - is becoming increasingly vital and has garnered
significant attention from both industry and academia. In this survey, we aim
to provide a systematical and comprehensive review regarding the
cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an
integrated threat modeling method is tailored for the hierarchical DER-based
smart grid with special emphasis on vulnerability identification and impact
analysis. Then, the defense-in-depth strategies encompassing prevention,
detection, mitigation, and recovery are comprehensively surveyed,
systematically classified, and rigorously compared. A CRE framework is
subsequently proposed to incorporate the five key resiliency enablers. Finally,
challenges and future directions are discussed in details. The overall aim of
this survey is to demonstrate the development trend of CRE methods and motivate
further efforts to improve the cyber-resiliency of DER-based smart grid.Comment: Submitted to IEEE Transactions on Smart Grid for Publication
Consideratio
Toward a sustainable cybersecurity ecosystem
© 2020 by the authors. Licensee MDPI, Basel, Switzerland. Cybersecurity issues constitute a key concern of today’s technology-based economies. Cybersecurity has become a core need for providing a sustainable and safe society to online users in cyberspace. Considering the rapid increase of technological implementations, it has turned into a global necessity in the attempt to adapt security countermeasures, whether direct or indirect, and prevent systems from cyberthreats. Identifying, characterizing, and classifying such threats and their sources is required for a sustainable cyber-ecosystem. This paper focuses on the cybersecurity of smart grids and the emerging trends such as using blockchain in the Internet of Things (IoT). The cybersecurity of emerging technologies such as smart cities is also discussed. In addition, associated solutions based on artificial intelligence and machine learning frameworks to prevent cyber-risks are also discussed. Our review will serve as a reference for policy-makers from the industry, government, and the cybersecurity research community
Survival in the e-conomy: 2nd Australian information warfare & security conference 2001
This is an international conference for academics and industry specialists in information warfare, security, and other related fields. The conference has drawn participants from national and international organisations
Recommended from our members
Capability-based access control for cyber physical systems
Cyber Physical Systems (CPS)
couple digital systems with the physical environment, creating
technical, usability, and economic security challenges beyond those of
information systems. Their distributed and
hierarchical nature, real-time and safety-critical requirements, and limited
resources create new vulnerability classes and severely constrain the security
solution space. This dissertation explores these challenges, focusing on
Industrial Control Systems (ICS), but demonstrating broader applicability to
the whole domain.
We begin by systematising the usability and economic challenges to secure ICS.
We fingerprint and track more than 10\,000 Internet-connected devices over four years and show
the population is growing, continuously-connected, and unpatched. We then
explore adversarial interest in this vulnerable population. We track 150\,000
botnet hosts, sift 70 million underground forum posts, and perform the
largest ICS honeypot study to date to demonstrate that the cybercrime community
has little competence or interest in the domain. We show that the current
heterogeneity, cost, and level of expertise required for large-scale attacks on
ICS are economic deterrents when targets in the IoT domain are
available.
The ICS landscape is changing, however, and we demonstrate the imminent
convergence with the IoT domain as inexpensive hardware, commodity operating
Cyber Physical Systems (CPS) couple digital systems with the physical environment, creating technical, usability, and economic security challenges beyond those of information systems. Their distributed and hierarchical nature, real-time and safety-critical requirements, and limited resources create new vulnerability classes and severely constrain the security solution space. This dissertation explores these challenges, focusing on Industrial Control Systems (ICS), but demonstrating broader applicability to the whole domain.
We begin by systematising the usability and economic challenges to secure ICS. We fingerprint and track more than 10,000 Internet-connected devices over four years and show the population is growing, continuously-connected, and unpatched. We then explore adversarial interest in this vulnerable population. We track 150,000 botnet hosts, sift 70 million underground forum posts, and perform the largest ICS honeypot study to date to demonstrate that the cybercrime community has little competence or interest in the domain. We show that the current heterogeneity, cost, and level of expertise required for large-scale attacks on ICS are economic deterrents when targets in the IoT domain are available.
The ICS landscape is changing, however, and we demonstrate the imminent convergence with the IoT domain as inexpensive hardware, commodity operating systems, and wireless connectivity become standard. Industry's security solution is boundary defence, pushing privilege to firewalls and anomaly detectors; however, this propagates rather than minimises privilege and leaves the hierarchy vulnerable to a single boundary compromise.
In contrast, we propose, implement, and evaluate a security architecture based on distributed capabilities. Specifically, we show that object capabilities, representing physical resources, can be constructed, delegated, and used anywhere in a distributed CPS by composing hardware-enforced architectural capabilities and cryptographic network tokens. Our architecture provides defence-in-depth, minimising privilege at every level of the CPS hierarchy, and both supports and adds integrity protection to legacy CPS protocols. We implement distributed capabilities in robotics and ICS demonstrators, and we show that our architecture adds negligible overhead to realistic integrations and can be implemented without significant modification to existing source code.
In contrast, we propose, implement, and evaluate a security architecture based on distributed capabilities. Specifically, we show that object capabilities, representing physical resources, can be constructed, delegated, and used anywhere in a distributed CPS by composing hardware-enforced architectural capabilities and cryptographic network tokens. Our architecture provides defence-in-depth, minimising privilege at every level of the CPS hierarchy, and both supports and adds integrity protection to legacy CPS protocols. We implement distributed capabilities in robotics and ICS demonstrators, and we show that our architecture adds negligible overhead to realistic integrations and can be implemented without significant modification to existing source code
Defense by Deception against Stealthy Attacks in Power Grids
Cyber-physical Systems (CPSs) and the Internet of Things (IoT) are converging towards a hybrid platform that is becoming ubiquitous in all modern infrastructures. The integration of the complex and heterogeneous systems creates enormous space for the adversaries to get into the network and inject cleverly crafted false data into measurements, misleading the control center to make erroneous decisions. Besides, the attacker can make a critical part of the system unavailable by compromising the sensor data availability. To obfuscate and mislead the attackers, we propose DDAF, a deceptive data acquisition framework for CPSs\u27 hierarchical communication network. Each switch in the hierarchical communication network generates a random pattern of addresses/IDs by shuffling the original sensor IDs reported through it. During the data acquisition from remotely located sensors to the central controller, the switches craft the network packets by replacing a few sensors\u27 associated addresses/IDs with the generated deceptive IDs and by adding decoy data for the rest.
While misleading the attackers, the control center must retrieve the actual data to operate the system correctly. We propose three remapping mechanisms (e.g., seed-based, prediction-based, and hybrid) and compare their robustness against different stealthy attacks. Due to the deception, artfully altered measurements turn into random data injections, making it easy to remove them as outliers. As the outliers and the estimated residuals contain the potential attack vectors, DDAF can detect and localize the attack points and the targeted sensors by analyzing this information. DDAF is generic and scalable to be implemented in any hierarchical CPSs network. Experimental results on the standard IEEE 14, 57, and 300 bus power systems show that DDAF can detect, mitigate, and localize up-to 100% of the stealthy cyberattacks. To the best of our knowledge, this is the first framework that implements complete randomization in the data acquisition of the hierarchical CPSs
- …