Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has come a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory, including games of
incomplete information, dynamic games, and mechanism design theory, to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute to, with the objective of building a multidisciplinary
bridge between cybersecurity, economics, and game and decision theory.
Modeling and Detecting False Data Injection Attacks against Railway Traction Power Systems
Modern urban railways extensively use computerized sensing and control
technologies to achieve safe, reliable, and well-timed operations. However, the
use of these technologies may provide convenient leverage to cyber-attackers
who have bypassed the air gaps and aim at causing safety incidents and service
disruptions. In this paper, we study false data injection (FDI) attacks against
railways' traction power systems (TPSes). Specifically, we analyze two types of
FDI attacks on the train-borne voltage, current, and position sensor
measurements -- which we call efficiency attack and safety attack -- that (i)
maximize the system's total power consumption and (ii) mislead trains' local
voltages to exceed given safety-critical thresholds, respectively. To
counteract these attacks, we develop a global attack detection (GAD) system that serializes a
bad data detector and a novel secondary attack detector designed based on
unique TPS characteristics. With intact position data of trains, our detection
system can effectively detect the FDI attacks on trains' voltage and current
measurements even if the attacker has full and accurate knowledge of the TPS,
attack detection, and real-time system state. In particular, the GAD system
features an adaptive mechanism that ensures low false positive and negative
rates in detecting the attacks under noisy system measurements. Extensive
simulations driven by realistic running profiles of trains verify that a TPS
setup is vulnerable to the FDI attacks, but these attacks can be detected
effectively by the proposed GAD while ensuring a low false positive rate.
Comment: IEEE/IFIP DSN-2016 and ACM Trans. on Cyber-Physical System
Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation
This paper studies the performance and resilience of a cyber-physical control
system (CPCS) with attack detection and reactive attack mitigation. It
addresses the problem of deriving an optimal sequence of false data injection
attacks that maximizes the state estimation error of the system. The results
provide a basic understanding of the limit of the attack impact. The design of
the optimal attack is based on a Markov decision process (MDP) formulation,
which is solved efficiently using the value iteration method. Using the
proposed framework, we quantify the effect of false positives and
mis-detections on the system performance, which can help the joint design of
the attack detection and mitigation. To demonstrate the use of the proposed
framework in a real-world CPCS, we consider the voltage control system of power
grids, and run extensive simulations using PowerWorld, a high-fidelity power
system simulator, to validate our analysis. The results show that by carefully
designing the attack sequence using our proposed approach, the attacker can
cause a large deviation of the bus voltages from the desired setpoint. Further,
the results verify the optimality of the derived attack sequence and show that,
to cause maximum impact, the attacker must carefully craft his attack to strike
a balance between the attack magnitude and stealthiness, due to the
simultaneous presence of attack detection and mitigation.