Biblio

Filters: Author is Cárdenas, A. A.  [Clear All Filters]
2021-01-25
Giraldo, J., Kafash, S. H., Ruths, J., Cárdenas, A. A..  2020.  DARIA: Designing Actuators to Resist Arbitrary Attacks Against Cyber-Physical Systems. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :339–353.

In the past decade we have seen an active research community proposing attacks and defenses to Cyber-Physical Systems (CPS). Most of these attacks and defenses have been heuristic in nature, limiting the attacker to a set of predefined operations, and proposing defenses with unclear security guarantees. In this paper, we propose a generic adversary model that can capture any type of attack (our attacker is not constrained to follow specific attacks such as replay, delay, or bias) and use it to design security mechanisms with provable security guarantees. In particular, we propose a new secure design paradigm we call DARIA: Designing Actuators to Resist arbItrary Attacks. The main idea behind DARIA is the design of physical limits to actuators in order to prevent attackers from arbitrarily manipulating the system, irrespective of their point of attack (sensors or actuators) or the specific attack algorithm (bias, replay, delays, etc.). As far as we are aware, we are the first research team to propose the design of physical limits to actuators in a control loop in order to keep the system secure against attacks. We demonstrate the generality of our proposal on simulations of vehicular platooning and industrial processes.

2019-01-21
Kafash, S. H., Giraldo, J., Murguia, C., Cárdenas, A. A., Ruths, J..  2018.  Constraining Attacker Capabilities Through Actuator Saturation. 2018 Annual American Control Conference (ACC). :986–991.
For LTI control systems, we provide mathematical tools - in terms of Linear Matrix Inequalities - for computing outer ellipsoidal bounds on the reachable sets that attacks can induce in the system when they are subject to the physical limits of the actuators. Next, for a given set of dangerous states, states that (if reached) compromise the integrity or safe operation of the system, we provide tools for designing new artificial limits on the actuators (smaller than their physical bounds) such that the new ellipsoidal bounds (and thus the new reachable sets) are as large as possible (in terms of volume) while guaranteeing that the dangerous states are not reachable. This guarantees that the new bounds cut as little as possible from the original reachable set to minimize the loss of system performance. Computer simulations using a platoon of vehicles are presented to illustrate the performance of our tools.
2018-12-10
Lobato, A. G. P., Lopez, M. A., Sanz, I. J., Cárdenas, A. A., Duarte, O. C. M. B., Pujolle, G..  2018.  An Adaptive Real-Time Architecture for Zero-Day Threat Detection. 2018 IEEE International Conference on Communications (ICC). :1–6.

Attackers create new threats and constantly change their behavior to mislead security systems. In this paper, we propose an adaptive threat detection architecture that trains its detection models in real time. The major contributions of the proposed architecture are: i) gather data about zero-day attacks and attacker behavior using honeypots in the network; ii) process data in real time and achieve high processing throughput through detection schemes implemented with stream processing technology; iii) use of two real datasets to evaluate our detection schemes, the first from a major network operator in Brazil and the other created in our lab; iv) design and development of adaptive detection schemes including both online trained supervised classification schemes that update their parameters in real time and learn zero-day threats from the honeypots, and online trained unsupervised anomaly detection schemes that model legitimate user behavior and adapt to changes. The performance evaluation results show that proposed architecture maintains an excellent trade-off between threat detection and false positive rates and achieves high classification accuracy of more than 90%, even with legitimate behavior changes and zero-day threats.

2017-02-27
Cómbita, L. F., Giraldo, J., Cárdenas, A. A., Quijano, N..  2015.  Response and reconfiguration of cyber-physical control systems: A survey. 2015 IEEE 2nd Colombian Conference on Automatic Control (CCAC). :1–6.

The integration of physical systems with distributed embedded computing and communication devices offers advantages on reliability, efficiency, and maintenance. At the same time, these embedded computers are susceptible to cyber-attacks that can harm the performance of the physical system, or even drive the system to an unsafe state; therefore, it is necessary to deploy security mechanisms that are able to automatically detect, isolate, and respond to potential attacks. Detection and isolation mechanisms have been widely studied for different types of attacks; however, automatic response to attacks has attracted considerably less attention. Our goal in this paper is to identify trends and recent results on how to respond and reconfigure a system under attack, and to identify limitations and open problems. We have found two main types of attack protection: i) preventive, which identifies the vulnerabilities in a control system and then increases its resiliency by modifying either control parameters or the redundancy of devices; ii) reactive, which responds as soon as the attack is detected (e.g., modifying the non-compromised controller actions).