Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Limiting the impact of stealthy attacks on Industrial Control Systems
Show others and affiliations
2016 (English)In: CCS '16 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ACM Digital Library, 2016, p. 1092-1105Conference paper, Published paper (Refereed)
Abstract [en]

While attacks on information systems have for most practical purposes binary outcomes (information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Attackers that want to remain undetected can attempt to hide their manipulation of the system by following closely the expected behavior of the system, while injecting just enough false information at each time step to achieve their goals. In this work, we study if physics-based attack detection can limit the impact of such stealthy attacks. We start with a comprehensive review of related work on attack detection schemes in the security and control systems community. We then show that many of these works use detection schemes that are not limiting the impact of stealthy attacks. We propose a new metric to measure the impact of stealthy attacks and how they relate to our selection on an upper bound on false alarms. We finally show that the impact of such attacks can be mitigated in several cases by the proper combination and configuration of detection schemes. We demonstrate the effectiveness of our algorithms through simulations and experiments using real ICS testbeds and real ICS systems.

Place, publisher, year, edition, pages
ACM Digital Library, 2016. p. 1092-1105
Series
Proceedings of the ACM Conference on Computer and Communications Security, ISSN 1543-7221 ; 24
Keywords [en]
Cyber-physical systems, Industrial Control Systems, Intrusion detection, Physics-based detection, Security metrics, Stealthy attacks, Control systems, Embedded systems, Cyber physical systems (CPSs), Physics-based, Intelligent control
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-202289DOI: 10.1145/2976749.2978388Scopus ID: 2-s2.0-84995482299ISBN: 9781450341394 (print)OAI: oai:DiVA.org:kth-202289DiVA, id: diva2:1075748
Conference
23rd ACM Conference on Computer and Communications Security, CCS 2016, Vienna, Austria, 24 October 2016 through 28 October 2016
Projects
CERCES
Note

 QC 20170221

Available from: 2017-02-21 Created: 2017-02-21 Last updated: 2017-10-12Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Sandberg, Henrik

Search in DiVA

By author/editor
Sandberg, Henrik
By organisation
Automatic Control
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 1279 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf