Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems
The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean op...
Saved in:
Main Authors: | , , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2023
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/7198 https://ink.library.smu.edu.sg/context/sis_research/article/8201/viewcontent/mitigating_adversarial_attacks_tdsc22.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-8201 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-82012024-02-28T05:43:23Z Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems MAITI, Rajib Ranjan YOONG, Cheah Huei PALLETI, Venkata Reddy SILVA, Arlindo POSKITT, Christopher M. The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean operators and which always holds in normal operation of a system, in particular, a CPS. Invariants can be derived by analysing operational data of various design parameters in a running CPS, or by analysing the system's requirements/design documents, with both of the approaches demonstrating significant potential to detect and prevent cyber-attacks on a CPS. While data-driven invariant generation can be fully automated, design-driven invariant generation has a substantial manual intervention. In this paper, we aim to highlight the shortcomings in data-driven invariants by demonstrating a set of adversarial attacks on such invariants. We propose a solution strategy to detect such attacks by complementing them with design-driven invariants. We perform all our experiments on a real water treatment testbed. We shall demonstrate that our approach can significantly reduce false positives and achieve high accuracy in attack detection on CPSs. 2023-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7198 info:doi/10.1109/tdsc.2022.3194089 https://ink.library.smu.edu.sg/context/sis_research/article/8201/viewcontent/mitigating_adversarial_attacks_tdsc22.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Cyber-physical systems Data-driven invariants Design-driven invariants Axiomatic design Adversarial attacks Databases and Information Systems Information Security Software Engineering |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Cyber-physical systems Data-driven invariants Design-driven invariants Axiomatic design Adversarial attacks Databases and Information Systems Information Security Software Engineering |
spellingShingle |
Cyber-physical systems Data-driven invariants Design-driven invariants Axiomatic design Adversarial attacks Databases and Information Systems Information Security Software Engineering MAITI, Rajib Ranjan YOONG, Cheah Huei PALLETI, Venkata Reddy SILVA, Arlindo POSKITT, Christopher M. Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
description |
The use of invariants in developing security mechanisms has become an attractive research area because of their potential to both prevent attacks and detect attacks in Cyber-Physical Systems (CPS). In general, an invariant is a property that is expressed using design parameters along with Boolean operators and which always holds in normal operation of a system, in particular, a CPS. Invariants can be derived by analysing operational data of various design parameters in a running CPS, or by analysing the system's requirements/design documents, with both of the approaches demonstrating significant potential to detect and prevent cyber-attacks on a CPS. While data-driven invariant generation can be fully automated, design-driven invariant generation has a substantial manual intervention. In this paper, we aim to highlight the shortcomings in data-driven invariants by demonstrating a set of adversarial attacks on such invariants. We propose a solution strategy to detect such attacks by complementing them with design-driven invariants. We perform all our experiments on a real water treatment testbed. We shall demonstrate that our approach can significantly reduce false positives and achieve high accuracy in attack detection on CPSs. |
format |
text |
author |
MAITI, Rajib Ranjan YOONG, Cheah Huei PALLETI, Venkata Reddy SILVA, Arlindo POSKITT, Christopher M. |
author_facet |
MAITI, Rajib Ranjan YOONG, Cheah Huei PALLETI, Venkata Reddy SILVA, Arlindo POSKITT, Christopher M. |
author_sort |
MAITI, Rajib Ranjan |
title |
Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
title_short |
Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
title_full |
Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
title_fullStr |
Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
title_full_unstemmed |
Mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
title_sort |
mitigating adversarial attacks on data-driven invariant checkers for cyber-physical systems |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2023 |
url |
https://ink.library.smu.edu.sg/sis_research/7198 https://ink.library.smu.edu.sg/context/sis_research/article/8201/viewcontent/mitigating_adversarial_attacks_tdsc22.pdf |
_version_ |
1794549717034598400 |