Abstract
Monitoring the “physics” of cyber-physical systems to detect attacks is a growing area of research. In its basic form, a security monitor creates time-series models of sensor readings for an industrial control system and looks for anomalies in these measurements to identify potentially false control commands or false sensor readings. In this article, we review previous work on physics-based anomaly detection based on a unified taxonomy that allows us to identify limitations and unexplored challenges and to propose new solutions.
Index Terms
- A Survey of Physics-Based Attack Detection in Cyber-Physical Systems