
A Survey of Physics-Based Attack Detection in Cyber-Physical Systems

Published: 25 July 2018

Abstract

Monitoring the “physics” of cyber-physical systems to detect attacks is a growing area of research. In its basic form, a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements to identify potentially false control commands or false sensor readings. In this article, we review previous work on physics-based anomaly detection based on a unified taxonomy that allows us to identify limitations and unexplored challenges and to propose new solutions.

Published in

ACM Computing Surveys, Volume 51, Issue 4
July 2019
765 pages
ISSN: 0360-0300
EISSN: 1557-7341
DOI: 10.1145/3236632
Editor: Sartaj Sahni

Copyright © 2018 ACM

Publication rights licensed to ACM. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of the United States government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 25 July 2018
• Revised: 1 March 2018
• Accepted: 1 March 2018
• Received: 1 May 2017

Qualifiers

• survey
• Research
• Refereed
