Abstract
Nowadays, the development of cloud computing has given power to the resource-constrained network control system (NCS) to out-source heavy computations to the cloud server. However, the development of Cloud Computing produced many security challenges regarding the cyber-physical connection between the cloud and control system. The connection between the control system and cloud server can be subjected to distributed denial of service (DDoS) attack by an attacker to destabilize the NCS. In this paper, we will address this issue by building a secure mechanism for such systems. We will design a detection approach and a mitigation approach for better stable performance of NCS. To ensure the stability of NCS at the time of DDoS attack, we will also design a switching mechanism (SM) for cloud control system (CCS) when there are no more real time solutions available from the cloud. Finally, we will apply the proposed mechanism to an unmanned arial vehicle (UAV). Our simulation results show that the mechanism works well in stability and protection of NCS under DDoS attack.
Similar content being viewed by others
References
Y. Xia. Cloud control system. IEEE/CAA of Journal of Automatica Sinica, 2015, 2(2): 134–142.
Y. Xia, M. Y. Fu, G. P. Liu. Analysis and Synthesis of Networked Control Systems. Berlin: Springer, 2011.
Z. Xu, Q. Zhu. Secure and resilient control design for cloudenabled networked control systems. Proceedings of the 1st ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, Denver: ACM, 2015: 31–42
L. Turnbull, B. Samanta. Cloud robotics: Formation control of a multi robot system utilizing cloud infrastructure. Proceedings of IEEE SoutheastCon, Jacksonville: IEEE, 2013: 362–365
R. Arumugam, V. Enti, L. Bingbing, et al. A cloud computing framework for service robots. IEEE International Conference on Robotics and Automation, Anchorage: IEEE, 2010: 3084–3089
B. Kehoe, S. Patil, P. Abbeel, et al. A survey of research on cloud robotics and automation. IEEE Transaction on Automation Science and Engineering, 2015, 12(2): 398–409.
X. Lei, X. Liao, T. Huang, et al. Outsourcing large matrix inversion computation to a public cloud. IEEE Transactions on Cloud Computing, 2013, 1(1): 1–87.
J. Wan, S. Tang, H. Yan, et al. Cloud robotics: current status and open issues. IEEE Access, 2016, 4: 2797–2807.
M. Long, C. Wu, J. Hung. Denial of service attacks on networkbased control systems: impact and mitigation. IEEE Transactions on Industrial Informatics, 2005, 1(2): 85–96.
P. Srikantha, D. Kundur. Denial of service attacks and mitigation for stability in cyber-enabled power grid. IEEE Power & Energy Society Innovative Smart Grid Technologies Conference, Washington, D.C.: IEEE, 2015.
H. Beitollahi, G. Deconinck. A dependable architecture to mitigate distributed denial of service attacks on network-based control systems. International Journal of Critical Infrastructure Protection, 2011, 4(3): 107–123.
J. Wu, L. Zhang, T. Chen. Model predictive control for networked control systems. International Journal of Robust and Nonlinear Control, 2009, 19(9): 1016–1035.
P. Varutti, B. Kern, T. Faulwasser, et al. Event-based model predictive control for networked control systems. Proceedings of the 48th IEEE Conference on Decision and Control Held Jointly with the 28th Chinese Control Conference, Shanghai: IEEE, 2009: 567–572
S. Liu, P. X. Liu, X. Wang. H∞ control of networked control systems with stochastic measurement losses. IEEE International Conference on Information and Automation, Ningbo: IEEE, 2016: 1691–1696
A. Cetinkaya, H. Ishii, T. Hayakawa. Enhanced stability analysis for networked control systems under random and malicious packet losses. IEEE 55th Conference on Decision and Control, Las Vegas: IEEE, 2016: 2721–2726
Y. Xia. From networked control systems to cloud control systems. Proceeding of the 31th Chinese Control Conference, Hefei: IEEE, 2012: 5878–5883
Y. Xia, Y. L. Gao, L. P. Yan, et al. Recent progress in networked control systems: a survey. International Journal of Automation and Computing, 2015, 12(4): 343–367.
J. Kuffner. Cloud-enabled humanoid robots. IEEE-RAS International Conference on Humanoid Robotics, Nashville, U.S.A., 2010.
B. Bitzer, T. Kleesuwan. Cloud-based smart grid monitoring and controlling system. 50th International Universities Power Engineering Conference, England: IEEE, 2015: DOI 10.1109/ UPEC.2015.7339938.
S. Yu. Distributed Denial of Service Attack and Defense. Dordrecht: Springer, 2013.
B. Stone-Gross, M. Cova, L. Cavallaro, et al. Your botnet is my botnet: Analysis of a botnet takeover. Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago: ACM, 2009: 635–647
K. Tsui. Tutorial–Virus (Malicious Agent). Canada: University of Calgary, 2001.
J. S. Kim, T. W. Yoon, A. Jadbabaie, et al. Input-to-state stabilizing MPC for neutrally stable linear systems subject to input constraints. Proceedings of the 43rd IEEE Conference on Decision and Control, Bahamas: IEEE, 2004: 5041–5046
X. Lei, X. Liao, T. Huang, et al. Cloud computing service: the case of large matrix determinant computation. IEEE Transactions on Services Computing, 2015, 8(5): 688–700.
D. S. Yeung, S. Jin, X. Wang. Covariance-matrix modeling and detecting various flooding attacks. IEEE Transactions On Systems, Man, and Cybernetics–Part A: Systems & Humans, 2007, 37(2): 157–169.
T. Basar, P. Bernhard. H∞ Optimal Control and Related Minimax Design Problems: A Dynamic Game Approach. Basel: Birkhäuser, 2008.
G. Cai, B. M. Chen, X. Dong, et al. Design and implementation of a robust and nonlinear flight control system for an unmanned helicopter. Mechatronics, 2011, 21(5): 803–820.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was supported by the Beijing Natural Science Foundation (No. 4161001), the NSFC Projects of International Cooperation and Exchanges (No. 61720106010) and the Foundation for Innovative Research Groups of the NSFC (No. 61621063).
Yasir ALI received his M.Sc. degree from Beijing Institute of Technology China, in Control Science and Engineering. He has studied Electrical Engineering from University of Engineering and Technology in Peshawar, Pakistan. Currently, he is working on security of cloud control system, and Professor Yuanqing Xia is his supervisor. His research interests focus on network security, cloud control system security, unmanned arial vehicles, and cloud computing. E-mail: yasirali@bit.edu.cn.
Yuanqing XIA was born in Anhui, China, in 1971, and graduated from the Department of Mathematics, Chuzhou University, Chuzhou, China, in 1991. He received his M.Sc. degree in Fundamental Mathematics from Anhui University, China, in 1998, and his Ph.D. degree in Control Theory and Control Engineering from Beijing University of Aeronautics and Astronautics, Beijing, China, in 2001. From 1991 to 1995, he was with Tongcheng Middle-School, Anhui, China, where he worked as a teacher. During January 2002–November 2003, he was a Postdoctoral Research Associate in the Institute of Systems Science, Academy of Mathematics and System Sciences, Chinese Academy of Sciences, Beijing, China, where he worked on navigation, guidance and control. From November 2003 to February 2004, he was with the National University of Singapore as a Research Fellow, where he worked on variable structure control. From February 2004 to February 2006, he was with the University of Glamorgan, Pontypridd, U.K., as a Research Fellow, where he worked on networked control systems. From February 2007 to June 2008, he was a Guest Professor with Innsbruck Medical University, Innsbruck, Austria, where he worked on biomedical signal processing. Since July 2004, he has been with the School of Automation, Beijing Institute of Technology, Beijing, first as an Associate Professor, then, since 2008, as a Professor. And in 2012, he was appointed as Xu Teli Distinguished Professor at the Beijing Institute of Technology, then in 2016, as Chair Professor. In 2012, he obtained the National Science Foundation for Distinguished Young Scholars of China, and in 2016, he was honored as the Yangtze River Scholar Distinguished Professor and was supported by National High Level Talents Special Support Plan (“Million People Plan”) by the Organization Department of the CPC Central Committee. He is now the dean of School of Automation, Beijing Institute of Technology.
His current research interests are in the fields of networked control systems, robust control and signal processing, active disturbance rejection control and flight control. He has published eight monographs in Springer, John Wiley and CRC, and more than 100 papers in international scientific journals. He is a Deputy Editor of the Journal of Beijing Institute of Technology, Associate Editor of Acta Automatica Sinica, Control Theory and Applications, International Journal of Innovative Computing, Information and Control, International Journal of Automation and Computing. He obtained the Second Award of the Beijing Municipal Science and Technology (No. 1) in 2010 and 2015, the Second National Award for Science and Technology (No. 2) in 2011, and the Second Natural Science Award of the Ministry of Education (No. 1) in 2012. E-mail: xia_yuanqing@bit.edu.cn.
Liang MA received his B.Sc. degree from Minzu University of China. In September 2015, he started pursuing his M.Sc. degree in Beijing Institute of Technology, and Professor Yuanqing Xia is his supervisor. During his study for a M.Sc. degree, he finished one experiment platform of cloud control System and made a great progress in cloud control system. E-mail: muc_maliang@163.com.
Ahmad HAMMAD received his M.Sc. degree in Control Engineering from Beijing Institute of Technology, Beijing, China, and B.Sc. degree in Mechatronics and Control Engineering from University of Engineering and Technology, UET-Lahore, Pakistan. His areas of research interest are robotics, teleoperation, tele-manipulation, control system and automation. During his study for his M.Sc. degree, he published a research paper on Humanoid Robotics in IEEE. E-mail: hammad.bit.ce@gmail.com.
Rights and permissions
About this article
Cite this article
Ali, Y., Xia, Y., Ma, L. et al. Secure design for cloud control system against distributed denial of service attack. Control Theory Technol. 16, 14–24 (2018). https://doi.org/10.1007/s11768-018-8002-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11768-018-8002-8