Intrusion-Damage Assessment and Mitigation in Cyber-Physical Systems for Control Applications

Rouhollah Mahfouzi, A. Aminifar, P. Eles, Zebo Peng, M. Villani
{"title":"Intrusion-Damage Assessment and Mitigation in Cyber-Physical Systems for Control Applications","authors":"Rouhollah Mahfouzi, A. Aminifar, P. Eles, Zebo Peng, M. Villani","doi":"10.1145/2997465.2997478","DOIUrl":null,"url":null,"abstract":"With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the system and any major discrepancy is potentially an indication of intrusion. Here, we use a machine learning algorithm to capture the normal behavior of the system according to its dynamics. On the other hand, the control performance strongly depends on the amount of allocated resources and this can be used to address the intrusion-damage mitigation problem. That is, the intrusion-damage mitigation is based on the idea of allocating more resources to the control application under attack. This is done using a feedback-based approach including a convex optimization.","PeriodicalId":245345,"journal":{"name":"Proceedings of the 24th International Conference on Real-Time Networks and Systems","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 24th International Conference on Real-Time Networks and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2997465.2997478","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4

Abstract

With cyber-physical systems opening to the outside world, security can no longer be considered a secondary issue. One of the key aspects in security of cyber-phyiscal systems is to deal with intrusions. In this paper, we highlight the several unique properties of control applications in cyber-physical systems. Using these unique properties, we propose a systematic intrusion-damage assessment and mitigation mechanism for the class of observable and controllable attacks. On the one hand, in cyber-physical systems, the plants follow certain laws of physics and this can be utilized to address the intrusion-damage assessment problem. That is, the states of the controlled plant should follow those expected according to the physics of the system and any major discrepancy is potentially an indication of intrusion. Here, we use a machine learning algorithm to capture the normal behavior of the system according to its dynamics. On the other hand, the control performance strongly depends on the amount of allocated resources and this can be used to address the intrusion-damage mitigation problem. That is, the intrusion-damage mitigation is based on the idea of allocating more resources to the control application under attack. This is done using a feedback-based approach including a convex optimization.
用于控制应用的网络物理系统中的入侵损害评估和缓解
随着网络物理系统对外开放,安全不再是次要问题。处理入侵是网络物理系统安全的关键问题之一。在本文中,我们强调了控制应用在网络物理系统中的几个独特的性质。利用这些独特的性质,我们提出了一种针对可观察和可控攻击的系统入侵损害评估和缓解机制。一方面,在网络物理系统中,植物遵循一定的物理规律,这可以用来解决入侵损害评估问题。也就是说,被控设备的状态应该遵循系统物理特性所期望的状态,任何重大差异都可能是入侵的迹象。在这里,我们使用机器学习算法来根据其动态捕获系统的正常行为。另一方面,控制性能强烈依赖于分配资源的数量,这可以用于解决入侵损害缓解问题。也就是说,入侵损害缓解是基于将更多资源分配给受攻击的控制应用程序的思想。这是使用基于反馈的方法完成的,包括一个凸优化。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信