Bad Data Injection Attack and Defense in Electricity Market using Game Theory Study
Applications of cyber technologies improve the quality of monitoring and
decision making in smart grid. These cyber technologies are vulnerable to
malicious attacks, and compromising them can cause serious technical and
economic problems. This paper specifies the effect of compromising each
measurement on the price of electricity, so that the attacker is able to change
the prices in the desired direction (increasing or decreasing). Attacking and
defending all measurements are impossible for the attacker and defender,
respectively. This situation is modeled as a zero sum game between the attacker
and defender. The game defines the proportion of times that the attacker and
defender like to attack and defend different measurements, respectively. From
the simulation results based on the PJM 5 Bus test system, we can show the
effectiveness and properties of the studied game.
Comment: To appear in IEEE Transactions on Smart Grid, Special Issue on Cyber,
Physical, and System Security for Smart Gri
A Colonel Blotto Game for Interdependence-Aware Cyber-Physical Systems Security in Smart Cities
Smart cities must integrate a number of interdependent cyber-physical systems
that operate in a coordinated manner to improve the well-being of the city's
residents. A cyber-physical system (CPS) is a system of computational elements
controlling physical entities. Large-scale CPSs are more vulnerable to attacks
due to the cyber-physical interdependencies that can lead to cascading failures
which can have a significant detrimental effect on a city. In this paper, a
novel approach is proposed for analyzing the problem of allocating security
resources, such as firewalls and anti-malware, over the various cyber
components of an interdependent CPS to protect the system against imminent
attacks. The problem is formulated as a Colonel Blotto game in which the
attacker seeks to allocate its resources to compromise the CPS, while the
defender chooses how to distribute its resources to defend against potential
attacks. To evaluate the effects of defense and attack, various CPS factors are
considered including human-CPS interactions as well as physical and topological
characteristics of a CPS such as flow and capacity of interconnections and
minimum path algorithms. Results show that, for the case in which the attacker
is not aware of the CPS interdependencies, the defender can have a higher
payoff, compared to the case in which the attacker has complete information.
The results also show that, in the case of more symmetric nodes, due to
interdependencies, the defender achieves its highest payoff at the equilibrium
compared to the case with independent, asymmetric nodes.
A Method for Revealing and Addressing Security Vulnerabilities in Cyber-physical Systems by Modeling Malicious Agent Interactions with Formal Verification
Several cyber-attacks on the cyber-physical systems (CPS) that monitor and control critical infrastructure were publicly announced over the last few years. Almost without exception, the proposed security solutions focus on preventing unauthorized access to the industrial control systems (ICS) at various levels – the defense in depth approach. While useful, it does not address the problem of making the systems more capable of responding to the malicious actions of an attacker once they have gained access to the system. The first step in making an ICS more resilient to an attacker is identifying the cyber security vulnerabilities the attacker can use during system design. This paper presents a method that reveals cyber security vulnerabilities in ICS through the formal modeling of the system and malicious agents. The inclusion of the malicious agent in the analysis of an existing system identifies security vulnerabilities that are missed in traditional functional model checking.
A Polynomial Approach to Verifying the Existence of a Threatening Sensor Attacker
The development of cyber-physical systems (CPS) has drawn much attention from researchers to cyber-attacks and cyber-security. A sensor attacker targeting a supervised discrete event system can modify a set of sensor readings and cause the closed-loop system to reach undesirable states. In this letter, we propose a new attack detection mechanism under which the supervisor only needs to keep track of the last observable event received. Given a plant and a supervisor enforcing a state specification, we define a sensor attacker as threatening if it may cause the closed-loop system to enter a forbidden state. Our goal is to verify whether there exists such a threatening sensor attacker for a given controlled system. A new structure, called All Sensor Attack (ASA), is proposed to capture all possible sensor attacks launched by the attacker. Based on the ASA automaton, a necessary and sufficient condition for the existence of a stealthy threatening sensor attacker is presented. Finally, we show that the condition can be verified in polynomial time.