-
ICCPS: Impact discovery using causal inference for cyber attacks in CPSs
Authors:
Rajib Ranjan Maiti,
Sridhar Adepu,
Emil Lupu
Abstract:
We propose a new method to quantify the impact of cyber attacks in Cyber Physical Systems (CPSs). In particular, our method allows to identify the Design Parameter (DPs) affected due to a cyber attack launched on a different set of DPs in the same CPS. To achieve this, we adopt causal graphs to causally link DPs with each other and quantify the impact of one DP on another. Using SWaT, a real world…
▽ More
We propose a new method to quantify the impact of cyber attacks in Cyber Physical Systems (CPSs). In particular, our method allows to identify the Design Parameter (DPs) affected due to a cyber attack launched on a different set of DPs in the same CPS. To achieve this, we adopt causal graphs to causally link DPs with each other and quantify the impact of one DP on another. Using SWaT, a real world testbed of a water treatment system, we demonstrate that causal graphs can be build in two ways: i) using domain knowledge of the control logic and the physical connectivity structure of the DPs, we call these causal domain graphs and ii) learning from operational data logs, we call these causal learnt graphs. We then compare these graphs when a same set of DPs is used. Our analysis shows a common set of edges between the causal domain graphs and the causal learnt graphs exists, which helps validate the causal learnt graphs. Additionally, we show that the learnt graphs can discover new causal relations, not initially considered in the domain graphs, that help significantly characterising the impact of the attack. We use causal domain graphs to estimate the parameters of the graphs, and the causal learnt graphs for causal inference. To learn the structure of the causal learnt graphs in all the six-stages of SWaT, we experiment with three learning algorithms: Peter Clarke (PC), Hill Climb (HC) search and Chow-Lie (CH). Finally, we demonstrate how causal graphs can be used to analyse the impact of cyber attacks by analysing nine well known cyber attacks on the SWaT test bed. We find that by using causal learnt graphs the DPs impacted by the attacks are correctly discovered with a probability greater than 0.9.
△ Less
Submitted 26 July, 2023;
originally announced July 2023.
-
A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive Systems
Authors:
Mingyue Zhang,
Nianyu Li,
Sridhar Adepu,
Eunsuk Kang,
Zhi Jin
Abstract:
The increasing prevalence of security attacks on software-intensive systems calls for new, effective methods for detecting and responding to these attacks. As one promising approach, game theory provides analytical tools for modeling the interaction between the system and the adversarial environment and designing reliable defense. In this paper, we propose an approach for securing software-intensi…
▽ More
The increasing prevalence of security attacks on software-intensive systems calls for new, effective methods for detecting and responding to these attacks. As one promising approach, game theory provides analytical tools for modeling the interaction between the system and the adversarial environment and designing reliable defense. In this paper, we propose an approach for securing software-intensive systems using a rigorous game-theoretical framework. First, a self-adaptation framework is deployed on a component-based software intensive system, which periodically monitors the system for anomalous behaviors. A learning-based method is proposed to detect possible on-going attacks on the system components and predict potential threats to components. Then, an algorithm is designed to automatically build a \emph{Bayesian game} based on the system architecture (of which some components might have been compromised) once an attack is detected, in which the system components are modeled as independent players in the game. Finally, an optimal defensive policy is computed by solving the Bayesian game to achieve the best system utility, which amounts to minimizing the impact of the attack. We conduct two sets of experiments on two general benchmark tasks for security domain. Moreover, we systematically present a case study on a real-world water treatment testbed, i.e. the Secure Water Treatment System. Experiment results show the applicability and the effectiveness of our approach.
△ Less
Submitted 12 December, 2021;
originally announced December 2021.
-
Learning-Guided Network Fuzzing for Testing Cyber-Physical System Defences
Authors:
Yuqi Chen,
Christopher M. Poskitt,
Jun Sun,
Sridhar Adepu,
Fan Zhang
Abstract:
The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their effectiveness is challenging, however, as realistic sets of attacks to test them against are not always available. In this paper, we propose smart fuzzing, an automated, m…
▽ More
The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their effectiveness is challenging, however, as realistic sets of attacks to test them against are not always available. In this paper, we propose smart fuzzing, an automated, machine learning guided technique for systematically finding 'test suites' of CPS network attacks, without requiring any knowledge of the system's control programs or physical processes. Our approach uses predictive machine learning models and metaheuristic search algorithms to guide the fuzzing of actuators so as to drive the CPS into different unsafe physical states. We demonstrate the efficacy of smart fuzzing by implementing it for two real-world CPS testbeds---a water purification plant and a water distribution system---finding attacks that drive them into 27 different unsafe states involving water flow, pressure, and tank levels, including six that were not covered by an established attack benchmark. Finally, we use our approach to test the effectiveness of an invariant-based defence system for the water treatment plant, finding two attacks that were not detected by its physical invariant checks, highlighting a potential weakness that could be exploited in certain conditions.
△ Less
Submitted 11 September, 2019;
originally announced September 2019.
-
Investigation of Cyber Attacks on a Water Distribution System
Authors:
Sridhar Adepu,
Venkata Reddy Palleti,
Gyanendra Mishra,
Aditya Mathur
Abstract:
A Cyber Physical System (CPS) consists of cyber components for computation and communication, and physical components such as sensors and actuators for process control. These components are networked and interact in a feedback loop. CPS are found in critical infrastructure such as water distribution, power grid, and mass transportation. Often these systems are vulnerable to attacks as the cyber co…
▽ More
A Cyber Physical System (CPS) consists of cyber components for computation and communication, and physical components such as sensors and actuators for process control. These components are networked and interact in a feedback loop. CPS are found in critical infrastructure such as water distribution, power grid, and mass transportation. Often these systems are vulnerable to attacks as the cyber components such as Supervisory Control and Data Acquisition workstations, Human Machine Interface and Programmable Logic Controllers are potential targets for attackers. In this work, we report a study to investigate the impact of cyber attacks on a water distribution (WADI) system. Attacks were designed to meet attacker objectives and launched on WADI using a specially designed tool. This tool enables the launch of single and multi-point attacks where the latter are designed to specifically hide one or more attacks. The outcome of the experiments led to a better understanding of attack propagation and behavior of WADI in response to the attacks as well as to the design of an attack detection mechanism for water distribution system.
△ Less
Submitted 5 June, 2019;
originally announced June 2019.
-
Control Behavior Integrity for Distributed Cyber-Physical Systems
Authors:
Sridhar Adepu,
Ferdinand Brasser,
Luis Garcia,
Michael Rodler,
Lucas Davi,
Ahmad-Reza Sadeghi,
Saman Zonouz
Abstract:
Cyber-physical control systems, such as industrial control systems (ICS), are increasingly targeted by cyberattacks. Such attacks can potentially cause tremendous damage, affect critical infrastructure or even jeopardize human life when the system does not behave as intended. Cyberattacks, however, are not new and decades of security research have developed plenty of solutions to thwart them. Unfo…
▽ More
Cyber-physical control systems, such as industrial control systems (ICS), are increasingly targeted by cyberattacks. Such attacks can potentially cause tremendous damage, affect critical infrastructure or even jeopardize human life when the system does not behave as intended. Cyberattacks, however, are not new and decades of security research have developed plenty of solutions to thwart them. Unfortunately, many of these solutions cannot be easily applied to safety-critical cyber-physical systems. Further, the attack surface of ICS is quite different from what can be commonly assumed in classical IT systems.
We present Scadman, a system with the goal to preserve the Control Behavior Integrity (CBI) of distributed cyber-physical systems. By observing the system-wide behavior, the correctness of individual controllers in the system can be verified. This allows Scadman to detect a wide range of attacks against controllers, like programmable logic controller (PLCs), including malware attacks, code-reuse and data-only attacks. We implemented and evaluated Scadman based on a real-world water treatment testbed for research and training on ICS security. Our results show that we can detect a wide range of attacks--including attacks that have previously been undetectable by typical state estimation techniques--while causing no false-positive warning for nominal threshold values.
△ Less
Submitted 19 December, 2018;
originally announced December 2018.
-
Assessing the Effectiveness of Attack Detection at a Hackfest on Industrial Control Systems
Authors:
Sridhar Adepu,
Aditya Mathur
Abstract:
A hackfest named SWaT Security Showdown (S3) has been organized consecutively for two years. S3 has enabled researchers and practitioners to assess the effectiveness of methods and products aimed at detecting cyber attacks launched in real-time on an operational water treatment plant, namely, Secure Water Treatment (SWaT). In S3 independent attack teams design and launch attacks on SWaT while defe…
▽ More
A hackfest named SWaT Security Showdown (S3) has been organized consecutively for two years. S3 has enabled researchers and practitioners to assess the effectiveness of methods and products aimed at detecting cyber attacks launched in real-time on an operational water treatment plant, namely, Secure Water Treatment (SWaT). In S3 independent attack teams design and launch attacks on SWaT while defence teams protect the plant passively and raise alarms upon attack detection. Attack teams are scored according to how successful they are in performing attacks based on specific intents while the defense teams are scored based on the effectiveness of their methods to detect the attacks. This paper focuses on the first two instances of S3 and summarizes the benefits of hackfest and the performance of an attack detection mechanism, named Water Defense, that was exposed to attackers during S3.
△ Less
Submitted 13 September, 2018;
originally announced September 2018.
-
Gamifying Education and Research on ICS Security: Design, Implementation and Results of S3
Authors:
Daniele Antonioli,
Hamid Reza Ghaeini,
Sridhar Adepu,
Martín Ochoa,
Nils Ole Tippenhauer
Abstract:
In this work, we consider challenges relating to security for Industrial Control Systems (ICS) in the context of ICS security education and research targeted both to academia and industry. We propose to address those challenges through gamified attack training and countermeasure evaluation. We tested our proposed ICS security gamification idea in the context of the (to the best of our knowledge) f…
▽ More
In this work, we consider challenges relating to security for Industrial Control Systems (ICS) in the context of ICS security education and research targeted both to academia and industry. We propose to address those challenges through gamified attack training and countermeasure evaluation. We tested our proposed ICS security gamification idea in the context of the (to the best of our knowledge) first Capture-The-Flag (CTF) event targeted to ICS security called SWaT Security Showdown (S3). Six teams acted as attackers in a security competition leveraging an ICS testbed, with several academic defense systems attempting to detect the ongoing attacks. The event was conducted in two phases. The online phase (a jeopardy-style CTF) served as a training session. The live phase was structured as an attack-defense CTF. We acted as judges and we assigned points to the attacker teams according to a scoring system that we developed internally based on multiple factors, including realistic attacker models. We conclude the paper with an evaluation and discussion of the S3, including statistics derived from the data collected in each phase of S3.
△ Less
Submitted 10 February, 2017;
originally announced February 2017.