| Title | Noise Matters: Using Sensor and Process Noise Fingerprint to Detect Stealthy Cyber Attacks and Authenticate Sensors in CPS |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Ahmed, Chuadhry Mujeeb, Zhou, Jianying, Mathur, Aditya P. |
| Conference Name | Proceedings of the 34th Annual Computer Security Applications Conference |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-6569-7 |
| Keywords | actuator security, Attacks on Sensors, authentication, composability, CPS/ICS Security, cyber physical systems, Device Fingerprinting, Human Behavior, Metrics, physical attacks, pubcrawl, Resiliency, security, sensor fingerprinting, Sensors and Actuators |
| Abstract | A novel scheme is proposed to authenticate sensors and detect data integrity attacks in a Cyber Physical System (CPS). The proposed technique uses the hardware characteristics of a sensor and physics of a process to create unique patterns (herein termed as fingerprints) for each sensor. The sensor fingerprint is a function of sensor and process noise embedded in sensor measurements. Uniqueness in the noise appears due to manufacturing imperfections of a sensor and due to unique features of a physical process. To create a sensor's fingerprint a system-model based approach is used. A noise-based fingerprint is created during the normal operation of the system. It is shown that under data injection attacks on sensors, noise pattern deviations from the fingerprinted pattern enable the proposed scheme to detect attacks. Experiments are performed on a dataset from a real-world water treatment (SWaT) facility. A class of stealthy attacks is designed against the proposed scheme and extensive security analysis is carried out. Results show that a range of sensors can be uniquely identified with an accuracy as high as 98%. Extensive sensor identification experiments are carried out on a set of sensors in SWaT testbed. The proposed scheme is tested on a variety of attack scenarios from the reference literature which are detected with high accuracy |
| URL | http://doi.acm.org/10.1145/3274694.3274748 |
| DOI | 10.1145/3274694.3274748 |
| Citation Key | ahmed_noise_2018 |
Noise Matters: Using Sensor and Process Noise Fingerprint to Detect Stealthy Cyber Attacks and Authenticate Sensors in CPS