Baiting for defense against stealthy attacks on cyber-physical systems

Author(s)
Flamholz, David B.
Thumbnail
Download1102320463-MIT.pdf (6.151Mb)
Other Contributors
Massachusetts Institute of Technology. Department of Mechanical Engineering.
Advisor
Anuradha M. Annaswamy.
Terms of use
MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
The goal of this thesis is to develop a defense methodology for a cyber-physical system (CPS) by which an attempted stealthy cyber-attack is detected in near real time. Improvements in networked communication have enabled vast and complex dynamic control systems to exploit networked control schemes to seamlessly integrate parts and processes. These cyber-physical systems exhibit a level of flexibility that was previously unavailable but also introduce communication channels that are vulnerable to outside interference and malicious intervention. This thesis considers the effects of a type of stealthy attack on a class of CPS that can be modeled as linear time-invariant systems. The effects of this attack are studied from both the perspective of the attacker as well as the defender. A previously developed method for conducting stealthy attacks is introduced and analyzed.
 
This method consists of injecting malicious actuation signals into the control input of a CPS and then designing a sensor attack to conceal the effect of the actuator attack. The result is an attack that cannot be detected upon inspection of the Kalman filter residual. Successful implementation of this attack is shown to require the attacker to attain perfect model knowledge in order for the attack to be stealthy. Based on the execution of past attacks on CPS, this thesis proposes an attacker who starts their attack by "fishing" for critical and confidential system information such as the model parameters. A method is then proposed in which the defender attempts to feed the attacker a slightly falsified model, baiting the fishing attacker with data that will make an attack detectable. Because the attacker's model is no longer correct, their attack design will induce a mean-shift in the Kalman filter residual, breaking the stealthiness of the original attack formula.
 
It is then shown that the defender can not only detect this faulty attack, but use observations of the Kalman filter residual to regain more accurate state estimates, mitigating the effect of the attack.
 
Description
Thesis: S.M., Massachusetts Institute of Technology, Department of Mechanical Engineering, 2019
 
Cataloged from PDF version of thesis.
 
Includes bibliographical references (pages 63-64).
 
Date issued
2019
URI
https://hdl.handle.net/1721.1/121858
Department
Massachusetts Institute of Technology. Department of Mechanical Engineering
Publisher
Massachusetts Institute of Technology
Keywords
Mechanical Engineering.
Collections