Skip to main content
SpringerLink
Log in

Multistage Downstream Attack Detection in a Cyber Physical System

  • Conference paper
  • First Online:
Computer Security (SECPRE 2017, CyberICPS 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10683))

Abstract

We present an attack detection scheme for a water treatment system. We leverage the connectivity of two stages of the process to detect attacks downstream from the point of attack. Based on a mathematical model of the process, carefully crafted and executed attacks, are detected by deploying CUSUM and Bad-Data detectors. Extensive experiments are carried out and the results show the performance of the proposed scheme.

This work was supported in part by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-040) and administered by the National Cybersecurity R&D Directorate.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ahmed, C.M., Sridhar, A., Aditya, M.: Limitations of state estimation based cyber attack detection schemes in industrial control systems. In: IEEE Smart City Security and Privacy Workshop, CPSWeek (2016)

    Google Scholar 

  2. Ahmed, C.M., Murguia, C., Ruths, J.: Model-based attack detection scheme for smart water distribution networks. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2017, pp. 101–113. ACM, New York (2017). http://doi.acm.org/10.1145/3052973.3053011

  3. Bai, C.Z., Gupta, V.: On Kalman filtering in the presence of a compromised sensor: fundamental performance bounds. In: 2014 American Control Conference, pp. 3029–3034. IEEE (2014)

    Google Scholar 

  4. Bai, C.Z., Pasqualetti, F., Gupta, V.: Security in stochastic control systems: fundamental limitations and performance bounds. In: 2015 American Control Conference (ACC), pp. 195–200. IEEE (2015)

    Google Scholar 

  5. Cardenas, A.A., Amin, S., Lin, Z.S., Huang, Y.L., Huang, C.Y., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 355–366. ACM (2011)

    Google Scholar 

  6. ICS-CERT: Ics-mm201408: May-august 2014. Report no., U.S. Department of Homeland Security-Industrial Control Systems-Cyber Emergency Response Team, Washington, D.C. (2014). https://ics-cert.us-cert.gov

  7. Kwon, C., Liu, W., Hwang, I.: Security analysis for cyber-physical systems against stealthy deception attacks. In: American Control Conference (ACC), pp. 3344–3349 (2013)

    Google Scholar 

  8. Lee, E.A.: Cyber physical systems: design challenges. EECS Department, University of California, Berkeley, Technical report UCB/EECS-2008-8, January 2008. http://www.eecs.berkeley.edu/Pubs/TechRpts/2008/EECS-2008-8.html

  9. Miao, F., Zhu, Q., Pajic, M., Pappas, G.J.: Coding sensor outputs for injection attacks detection. In: IEEE Conference in Decision and Control (CDC), pp. 5776–5781 (2014)

    Google Scholar 

  10. Mo, Y., Garone, E., Casavola, A., Sinopoli, B.: False data injection attacks against state estimation in wireless sensor networks. In: 49th IEEE Conference on Decision and Control (CDC), pp. 5967–5972. IEEE (2010)

    Google Scholar 

  11. Mujeeb, C.A., Mathur, A.P.: Hardware identification via sensor fingerprinting in a cyber physical system. In: 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp. 517–524. IEEE (2017)

    Google Scholar 

  12. Murguia, C., Ruths, J.: Characterization of a CUSUM model-based sensor attack detector. In: 55th IEEE Conference on Decision and Control Conference (CDC) (2016)

    Google Scholar 

  13. Murguia, C., Ruths, J.: CUSUM and chi-squared attack detection of compromised sensors. In: 2016 IEEE Conference on Control Applications (CCA), pp. 474–480, September 2016

    Google Scholar 

  14. Pasqualetti, F., Dörfler, F., Bullo, F.: Attack detection and identification in cyber-physical systems. IEEE Trans. Autom. Control 58(11), 2715–2729 (2013)

    Article  MathSciNet  MATH  Google Scholar 

  15. Ross, M.: Introduction to Probability Models, 9th edn. Academic Press Inc., Orlando (2006)

    MATH  Google Scholar 

  16. Sridhar, A., Aditya, M.: Generalized attacker and attack models for cyber physical systems. In: 40th IEEE COMPSAC (2016)

    Google Scholar 

  17. Urbina, D., Giraldo, J., Tippenhauer, N.O., Cardenas, A.: Attacking Fieldbus communications in ICS: applications to the SWaT Testbed. In: Singapore Cyber-Security Conference (SG-CRC), vol. 14, pp. 75–89 (2016)

    Google Scholar 

  18. Urbina, D.I., Giraldo, J., Cardenas, A.A., Tippenhauer, N.O., Valente, J., Faisal, M., Ruths, J., Candell, R., Sandberg, H.: Limiting the impact of stealthy attacks on industrial control systems. In: ACM CCS 3(iii) (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Singapore University of Technology and Design, Singapore, Singapore

    Rizwan Qadeer, Carlos Murguia & Chuadhry Mujeeb Ahmed

  2. University of Texas Dallas, Richardson, USA

    Justin Ruths

Authors
  1. Rizwan Qadeer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Carlos Murguia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chuadhry Mujeeb Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Justin Ruths
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rizwan Qadeer .

Editor information

Editors and Affiliations

  1. Norwegian University of Science and Technology, Gjøvik, Norway

    Sokratis K. Katsikas

  2. IMT Atlantique, Brest, France

    Frédéric Cuppens

  3. IMT Atlantique, Brest, France

    Nora Cuppens

  4. University of Piraeus, Piraeus, Greece

    Costas Lambrinoudakis

  5. University of the Aegean, Mytilene, Greece

    Christos Kalloniatis

  6. University of Toronto, Toronto, Ontario, Canada

    John Mylopoulos

  7. Georgia Institute of Technology, Atlanta, Georgia, USA

    Annie Antón

  8. University of the Aegean, Karlovassi, Greece

    Stefanos Gritzalis

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Qadeer, R., Murguia, C., Ahmed, C.M., Ruths, J. (2018). Multistage Downstream Attack Detection in a Cyber Physical System. In: Katsikas, S., et al. Computer Security. SECPRE CyberICPS 2017 2017. Lecture Notes in Computer Science(), vol 10683. Springer, Cham. https://doi.org/10.1007/978-3-319-72817-9_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72817-9_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72816-2

  • Online ISBN: 978-3-319-72817-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation