{"title":"Defense-in-depth against insider attacks in cyber-physical systems","authors":"Xirong Ning, Jin Jiang","doi":"10.1016/j.iotcps.2022.12.001","DOIUrl":null,"url":null,"abstract":"<div><p>In a cyber-physical system (CPS) built on Internet-of-things (IoT) technologies, whenever measurement and control signals are transferred over communication networks across cyber and physical systems, it potentially becomes a target for adversaries. The problem becomes especially serious if the adversaries are insiders. A single layer of defense may not be strong enough in such a case, as it is difficult to assess the extent of knowledge that the inside attackers may have known about the physical and cyber system configurations, communication networks/protocols, and their respective vulnerabilities. Hence, it is paramount to have a reliable and fail-safe defense-in-depth architecture to fence off would-be-attackers. In this paper, a multi-layer defense-in-depth approach has been developed. For an inside attacker with legitimate access, the first line of defense, such as access control, may have already been compromised. Given this fact, the focus of the current paper has been on detection and mitigation. Both data-driven and model-based techniques are considered to catch stealthy attacks and stop them in their tracks. Effective mitigation techniques can then be deployed to minimize the adverse effects. To demonstrate this design philosophy and validate the effectiveness of the developed methodologies, a lab-scale cyber-physical system platform based on industry-grade communication networks and physical sensors has been used for validation.</p></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"2 ","pages":"Pages 203-211"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S266734522200027X/pdfft?md5=fb3ebb68af90fd90774bf8956beede7a&pid=1-s2.0-S266734522200027X-main.pdf","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things and Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S266734522200027X","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
In a cyber-physical system (CPS) built on Internet-of-things (IoT) technologies, whenever measurement and control signals are transferred over communication networks across cyber and physical systems, it potentially becomes a target for adversaries. The problem becomes especially serious if the adversaries are insiders. A single layer of defense may not be strong enough in such a case, as it is difficult to assess the extent of knowledge that the inside attackers may have known about the physical and cyber system configurations, communication networks/protocols, and their respective vulnerabilities. Hence, it is paramount to have a reliable and fail-safe defense-in-depth architecture to fence off would-be-attackers. In this paper, a multi-layer defense-in-depth approach has been developed. For an inside attacker with legitimate access, the first line of defense, such as access control, may have already been compromised. Given this fact, the focus of the current paper has been on detection and mitigation. Both data-driven and model-based techniques are considered to catch stealthy attacks and stop them in their tracks. Effective mitigation techniques can then be deployed to minimize the adverse effects. To demonstrate this design philosophy and validate the effectiveness of the developed methodologies, a lab-scale cyber-physical system platform based on industry-grade communication networks and physical sensors has been used for validation.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
