Biblio

Today cyber-attacks to critical infrastructures can perform outages, economical loss, physical damage to people and the environment, among many others. In particular, the smart grid is one of the main targets. In this paper, we develop and evaluate software detectors for integrity attacks to smart meter readings. The detectors rely upon different techniques and models, such as autoregressive models, clustering, and neural networks. Our evaluation considers different “attack scenarios”, then resembling the plethora of attacks found in last years. Starting from previous works in the literature, we carry out a detailed experimentation and analysis, so to identify which “detectors” best fit for each “attack scenario”. Our results contradict some findings of previous works and also offer a light for choosing the techniques that can address best the attacks to smart meters.

The usage of robot is rapidly growth in our society. The communication link and applications connect the robots to their clients or users. This communication link and applications are normally connected through some kind of network connections. This network system is amenable of being attached and vulnerable to the security threats. It is a critical part for ensuring security and privacy for robotic platforms. The paper, also discusses about several cyber-physical security threats that are only for robotic platforms. The peer to peer applications use in the robotic platforms for threats target integrity, availability and confidential security purposes. A Remote Administration Tool (RAT) was introduced for specific security attacks. An impact oriented process was performed for analyzing the assessment outcomes of the attacks. Tests and experiments of attacks were performed in simulation environment which was based on Gazbo Turtlebot simulator and physically on the robot. A software tool was used for simulating, debugging and experimenting on ROS platform. Integrity attacks performed for modifying commands and manipulated the robot behavior. Availability attacks were affected for Denial-of-Service (DoS) and the robot was not listened to Turtlebot commands. Integrity and availability attacks resulted sensitive information on the robot.

Surveillance cameras, which is a form of Cyber Physical System, are deployed extensively to provide visual surveillance monitoring of activities of interest or anomalies. However, these cameras are at risks of physical security attacks against their physical attributes or configuration like tampering of their recording coverage, camera positions or recording configurations like focus and zoom factors. Such adversarial alteration of physical configuration could also be invoked through cyber security attacks against the camera's software vulnerabilities to administratively change the camera's physical configuration settings. When such Cyber Physical attacks occur, they affect the integrity of the targeted cameras that would in turn render these cameras ineffective in fulfilling the intended security functions. There is a significant measure of research work in detection mechanisms of cyber-attacks against these Cyber Physical devices, however it is understudied area with such mechanisms against integrity attacks on physical configuration. This research proposes the use of the novel use of deep learning algorithms to detect such physical attacks originating from cyber or physical spaces. Additionally, we proposed the novel use of deep learning-based video frame interpolation for such detection that has comparatively better performance to other anomaly detectors in spatiotemporal environments.

In this paper, we consider the problem of designing system parameters to improve detection of attacks in control systems. Specifically, we study control systems which are vulnerable to integrity attacks on sensors and actuators. We aim to defend against strong model aware adversaries that can read and modify all sensors and actuators. Previous work has proposed a moving target defense for detecting integrity attacks on control systems. Here, an authenticating subsystem with time-varying dynamics coupled to the original plant is introduced. Due to this coupling, an attack on the original system will affect the authenticating subsystem and in turn be revealed by a set of sensors measuring the extended plant. Moreover, the time-varying dynamics of the extended plant act as a moving target, preventing an adversary from developing an effective adaptive attack strategy. Previous work has failed to consider the design of the time-varying system matrices and as such provides little in terms of guidelines for implementation in real systems. This paper proposes two optimization problems for designing these matrices. The first designs the auxiliary actuators to maximize detection performance while the second designs the coupling matrices to maximize system estimation performance. Numerical examples are presented that validate our approach.

Due to the wide implementation of communication networks, industrial control systems are vulnerable to malicious attacks, which could cause potentially devastating results. Adversaries launch integrity attacks by injecting false data into systems to create fake events or cover up the plan of damaging the systems. In addition, the complexity and nonlinearity of control systems make it more difficult to detect attacks and defense it. Therefore, a novel security situation awareness framework based on particle filtering, which has good ability in estimating state for nonlinear systems, is proposed to provide an accuracy understanding of system situation. First, a system state estimation based on particle filtering is presented to estimate nodes state. Then, a voting scheme is introduced into hazard situation detection to identify the malicious nodes and a local estimator is constructed to estimate the actual system state by removing the identified malicious nodes. Finally, based on the estimated actual state, the actual measurements of the compromised nodes are predicted by using the situation prediction algorithm. At the end of this paper, a simulation of a continuous stirred tank is conducted to verify the efficiency of the proposed framework and algorithms.

In this paper, we present a work-in-progress approach to detect integrity attacks to Smart Grids by analyzing the readings from smart meters. Our approach is based on process mining and time-evolving graphs. In particular, process mining is used to discover graphs, from the dataset collecting the readings over a time period, that represent the behaviour of a customer. The time-evolving graphs are then compared in order to detect anomalous behavior of a customer. To evaluate the feasibility of our approach, we have conducted preliminary experiments by using the dataset provided by the Ireland's Commission for Energy Regulation (CER).