楼宇自动化系统中基于域的攻击模型

2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA) Pub Date : 2019-09-01 DOI:10.1109/ETFA.2019.8869477

Caezarina Marie Calimbahin, S. Pancho-Festin, J. Pedrasa

{"title":"楼宇自动化系统中基于域的攻击模型","authors":"Caezarina Marie Calimbahin, S. Pancho-Festin, J. Pedrasa","doi":"10.1109/ETFA.2019.8869477","DOIUrl":null,"url":null,"abstract":"Ensuring data integrity is one of the critical needs in cyber-physical systems (CPS). An integrity breach in a CPS can drive the underlying controlled physical process into undesired operating conditions. To evaluate CPS security against malicious entities, attacker models are often employed. In this work, our objective is to incorporate domain-knowledge in modeling attacks in building automation systems (BAS). Specifically, we modify the general sensor integrity attack model based on targeted attacks. We use the model to formulate different attacker types, including a powerful attacker who becomes stealthier as the number of captured node increases. We simulate the attacks by injecting corruption on real-world data obtained from a retrofitted BAS testbed for air conditioning (AC) control. Results show that the vulnerabilities of an underlying system can be explored by leveraging on domain-based attack testing.","PeriodicalId":6682,"journal":{"name":"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)","volume":"370 1","pages":"1752-1758"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Domain-based Attack Models in Building Automation Systems\",\"authors\":\"Caezarina Marie Calimbahin, S. Pancho-Festin, J. Pedrasa\",\"doi\":\"10.1109/ETFA.2019.8869477\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Ensuring data integrity is one of the critical needs in cyber-physical systems (CPS). An integrity breach in a CPS can drive the underlying controlled physical process into undesired operating conditions. To evaluate CPS security against malicious entities, attacker models are often employed. In this work, our objective is to incorporate domain-knowledge in modeling attacks in building automation systems (BAS). Specifically, we modify the general sensor integrity attack model based on targeted attacks. We use the model to formulate different attacker types, including a powerful attacker who becomes stealthier as the number of captured node increases. We simulate the attacks by injecting corruption on real-world data obtained from a retrofitted BAS testbed for air conditioning (AC) control. Results show that the vulnerabilities of an underlying system can be explored by leveraging on domain-based attack testing.\",\"PeriodicalId\":6682,\"journal\":{\"name\":\"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)\",\"volume\":\"370 1\",\"pages\":\"1752-1758\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ETFA.2019.8869477\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ETFA.2019.8869477","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

确保数据完整性是网络物理系统(CPS)的关键需求之一。CPS中的完整性破坏可能会导致底层受控物理过程进入不期望的操作条件。为了评估CPS对恶意实体的安全性，通常使用攻击者模型。在这项工作中，我们的目标是将领域知识整合到建筑自动化系统(BAS)中的建模攻击中。具体来说，我们基于目标攻击对一般传感器完整性攻击模型进行了改进。我们使用该模型来制定不同的攻击者类型，包括一个强大的攻击者，随着捕获节点数量的增加而变得更加隐蔽。我们通过对从空调(AC)控制的改装BAS试验台获得的真实数据注入损坏来模拟攻击。结果表明，可以利用基于域的攻击测试来探索底层系统的漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Domain-based Attack Models in Building Automation Systems

Ensuring data integrity is one of the critical needs in cyber-physical systems (CPS). An integrity breach in a CPS can drive the underlying controlled physical process into undesired operating conditions. To evaluate CPS security against malicious entities, attacker models are often employed. In this work, our objective is to incorporate domain-knowledge in modeling attacks in building automation systems (BAS). Specifically, we modify the general sensor integrity attack model based on targeted attacks. We use the model to formulate different attacker types, including a powerful attacker who becomes stealthier as the number of captured node increases. We simulate the attacks by injecting corruption on real-world data obtained from a retrofitted BAS testbed for air conditioning (AC) control. Results show that the vulnerabilities of an underlying system can be explored by leveraging on domain-based attack testing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)

自引率

0.00%

发文量