259 research outputs found
Attack-Resilient Supervisory Control of Discrete-Event Systems
In this work, we study the problem of supervisory control of discrete-event
systems (DES) in the presence of attacks that tamper with inputs and outputs of
the plant. We consider a very general system setup as we focus on both
deterministic and nondeterministic plants that we model as finite state
transducers (FSTs); this also covers the conventional approach to modeling DES
as deterministic finite automata. Furthermore, we cover a wide class of attacks
that can nondeterministically add, remove, or rewrite a sensing and/or
actuation word to any word from predefined regular languages, and show how such
attacks can be modeled by nondeterministic FSTs; we also present how the use of
FSTs facilitates modeling realistic (and very complex) attacks, as well as
provides the foundation for design of attack-resilient supervisory controllers.
Specifically, we first consider the supervisory control problem for
deterministic plants with attacks (i) only on their sensors, (ii) only on their
actuators, and (iii) both on their sensors and actuators. For each case, we
develop new conditions for controllability in the presence of attacks, as well
as synthesizing algorithms to obtain FST-based description of such
attack-resilient supervisors. A derived resilient controller provides a set of
all safe control words that can keep the plant work desirably even in the
presence of corrupted observation and/or if the control words are subjected to
actuation attacks. Then, we extend the controllability theorems and the
supervisor synthesizing algorithms to nondeterministic plants that satisfy a
nonblocking condition. Finally, we illustrate applicability of our methodology
on several examples and numerical case-studies
Wearable Honeypot
Wearable embedded devices are in common use in the the medical industry. In today’s society security is needed in just about every electronic device. However, these devices don\u27t yet have many security standards. To prevent scenarios that involve unauthorized sources intruding on a device, a honeypot could be used as a secure lightweight (in terms of resource usage) addition to these medical devices. Honeypots typically have a monitoring component, this allows a system designer to gain knowledge of exploits which can then be patched. This project seeks to devise and implement a wearable honeypot to add security to a BAN (Body Area Network)
Wearable Honeypot
Wearable embedded devices are in common use in the medical industry. In today’s society security is needed in just about every electronic device. However, these devices don\u27t yet have many security standards. To prevent scenarios that involve unauthorized sources intruding on a device, a honeypot could be used as a secure lightweight (in terms of resource usage) addition to these medical devices. This project seeks to devise and implement a wearable honeypot to add security to a BAN (Body Area Network)
Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving
In Autonomous Vehicles (AVs), one fundamental pillar is perception, which
leverages sensors like cameras and LiDARs (Light Detection and Ranging) to
understand the driving environment. Due to its direct impact on road safety,
multiple prior efforts have been made to study its the security of perception
systems. In contrast to prior work that concentrates on camera-based
perception, in this work we perform the first security study of LiDAR-based
perception in AV settings, which is highly important but unexplored. We
consider LiDAR spoofing attacks as the threat model and set the attack goal as
spoofing obstacles close to the front of a victim AV. We find that blindly
applying LiDAR spoofing is insufficient to achieve this goal due to the machine
learning-based object detection process. Thus, we then explore the possibility
of strategically controlling the spoofed attack to fool the machine learning
model. We formulate this task as an optimization problem and design modeling
methods for the input perturbation function and the objective function. We also
identify the inherent limitations of directly solving the problem using
optimization and design an algorithm that combines optimization and global
sampling, which improves the attack success rates to around 75%. As a case
study to understand the attack impact at the AV driving decision level, we
construct and evaluate two attack scenarios that may damage road safety and
mobility. We also discuss defense directions at the AV system, sensor, and
machine learning model levels.Comment: Accepted at the ACM Conference on Computer and Communications
Security (CCS), 201
A Hierarchical Architectural Framework for Securing Unmanned Aerial Systems
Unmanned Aerial Systems (UAS) are becoming more widely used in the new era of evolving technology; increasing performance while decreasing size, weight, and cost. A UAS equipped with a Flight Control System (FCS) that can be used to fly semi- or fully-autonomous is a prime example of a Cyber Physical and Safety Critical system. Current Cyber-Physical defenses against malicious attacks are structured around security standards for best practices involving the development of protocols and the digital software implementation. Thus far, few attempts have been made to embed security into the architecture of the system considering security as a holistic problem. Therefore, a Hierarchical, Embedded, Cyber Attack Detection (HECAD) framework is developed to provide security in a holistic manor, providing resiliency against cyber-attacks as well as introducing strategies for mitigating and dealing with component failures. Traversing the hardware/software barrier, HECAD provides detection of malicious faults at the hardware and software level; verified through the development of an FPGA implementation and tested using a UAS FCS
A systematic literature review on Security of Unmanned Aerial Vehicle Systems
Unmanned aerial vehicles (UAVs) are becoming more common, and their
operational range is expanding tremendously, making the security aspect of the
inquiry essential. This study does a thorough assessment of the literature to
determine the most common cyberattacks and the effects they have on UAV
assaults on civilian targets. The STRIDE assault paradigm, the challenge they
present, and the proper tools for the attack are used to categorize the cyber
dangers discussed in this paper. Spoofing and denial of service assaults are
the most prevalent types of UAV cyberattacks and have the best results. No
attack style demands the employment of a hard-to-reach gadget, indicating that
the security environment currently necessitates improvements to UAV use in
civilian applications.Comment: 10 Pages, 4 Figure
- …