Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems

Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems

The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean op...

Full description

Saved in:
Bibliographic Details
Main Authors: MAITI, Rajib Ranjan, YOONG, Cheah Huei, PALLETI, Venkata Reddy, SILVA, Arlindo, POSKITT, Christopher M.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2023
Subjects:
Cyber-physical systems
Data-driven invariants
Design-driven invariants
Axiomatic design
Adversarial attacks
Databases and Information Systems
Information Security
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/7198
https://ink.library.smu.edu.sg/context/sis_research/article/8201/viewcontent/mitigating_adversarial_attacks_tdsc22.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean operators and which always holds in normal operation of a system, in particular, a CPS. Invariants can be derived by analysing operational data of various design parameters in a running CPS, or by analysing the system's requirements/design documents, with both of the approaches demonstrating significant potential to detect and prevent cyber-attacks on a CPS. While data-driven invariant generation can be fully automated, design-driven invariant generation has a substantial manual intervention. In this paper, we aim to highlight the shortcomings in data-driven invariants by demonstrating a set of adversarial attacks on such invariants. We propose a solution strategy to detect such attacks by complementing them with design-driven invariants. We perform all our experiments on a real water treatment testbed. We shall demonstrate that our approach can significantly reduce false positives and achieve high accuracy in attack detection on CPSs.

Similar Items