Multistage Downstream Attack Detection in a Cyber Physical System

Qadeer, Rizwan; Murguia, Carlos; Ahmed, Chuadhry Mujeeb; Ruths, Justin

Reference : Multistage Downstream Attack Detection in a Cyber Physical System


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/35400

Title :	Multistage Downstream Attack Detection in a Cyber Physical System
Language :	English
Author, co-author :	Qadeer, Rizwan [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > >]
	Murguia, Carlos [University of Melbourne]
	Ahmed, Chuadhry Mujeeb [Singapore University of Technology and Design]
	Ruths, Justin [The University of Texas at Dallas]
Publication date :	Sep-2017
Main document title :	3rd Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems In Conjunction With ESORICS 2017
Publisher :	Springer
Peer reviewed :	Yes
On invitation :	No
Audience :	International
ISBN :	978-3-319-72817-9
Event name :	3rd Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems In Conjunction With ESORICS 2017
Event date :	15-09-2017 to 20-09-2017
Event place (city) :	Oslo
Event country :	Norway
Keywords :	[en] CPS Security, Critical Infrastructure Security ; ICS Security ; Water Treatment Systems
Abstract :	[en] We present a detection scheme for attacks on a Cyber-Physical System (CPS) in which we leverage the connectivity of a multistage process to detect attacks downstream from the point of attack. Our methods form a control theoretic approach to CPS security by characterizing a real water treatment facility with a mathematical model; obtaining a residual (error) signal from sensor measurements and sensor measurement estimates; and finally using Cumulative Sum (CUSUM) and Bad-Data detection methods to detect the presence of a sensor attack. In particular, the attacks are designed so that they do not raise alarms on the detectors in the same stage where the attack takes place, requiring detection to take place on a separate part of the system. Proposed scheme is implemented on a real world water treatment facility. Extensive experiments are carried out and results show the significance of the proposed scheme.
Permalink :	http://hdl.handle.net/10993/35400

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	paper_13.pdf		Publisher postprint	3.31 MB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices