Baiting for defense against stealthy attacks on cyber-physical systems

Thesis: S.M., Massachusetts Institute of Technology, Department of Mechanical Engineering, 2019. Cataloged from PDF version of thesis. Includes bibliographical references (pages 63-64). The goal of this thesis is to develop a defense methodology for a cyber-physical system (CPS) by which...


Bibliographic Details
Main Author: Flamholz, David B.
Other Authors: Anuradha M. Annaswamy.
Format: Others
Language: English
Published: Massachusetts Institute of Technology 2019
Subjects:
Online Access: https://hdl.handle.net/1721.1/121858
id ndltd-MIT-oai-dspace.mit.edu-1721.1-121858
record_format oai_dc
spelling ndltd-MIT-oai-dspace.mit.edu-1721.1-121858 2019-09-16T15:13:06Z Baiting for defense against stealthy attacks on cyber-physical systems. Flamholz, David B. Anuradha M. Annaswamy. Massachusetts Institute of Technology. Department of Mechanical Engineering. Mechanical Engineering. Thesis: S.M., Massachusetts Institute of Technology, Department of Mechanical Engineering, 2019. Cataloged from PDF version of thesis. Includes bibliographical references (pages 63-64).

The goal of this thesis is to develop a defense methodology for a cyber-physical system (CPS) by which an attempted stealthy cyber-attack is detected in near real time. Improvements in networked communication have enabled vast and complex dynamic control systems to exploit networked control schemes to seamlessly integrate parts and processes. These cyber-physical systems exhibit a level of flexibility that was previously unavailable but also introduce communication channels that are vulnerable to outside interference and malicious intervention. This thesis considers the effects of a type of stealthy attack on a class of CPS that can be modeled as linear time-invariant systems. The effects of this attack are studied from both the perspective of the attacker as well as the defender. A previously developed method for conducting stealthy attacks is introduced and analyzed.

This method consists of injecting malicious actuation signals into the control input of a CPS and then designing a sensor attack to conceal the effect of the actuator attack. The result is an attack that cannot be detected upon inspection of the Kalman filter residual. Successful implementation of this attack is shown to require the attacker to attain perfect model knowledge in order for the attack to be stealthy. Based on the execution of past attacks on CPS, this thesis proposes an attacker who starts their attack by "fishing" for critical and confidential system information such as the model parameters. A method is then proposed in which the defender attempts to feed the attacker a slightly falsified model, baiting the fishing attacker with data that will make an attack detectable. Because the attacker's model is no longer correct, their attack design will induce a mean-shift in the Kalman filter residual, breaking the stealthiness of the original attack formula.

It is then shown that the defender can not only detect this faulty attack, but use observations of the Kalman filter residual to regain more accurate state estimates, mitigating the effect of the attack.

by David B. Flamholz. S.M. Massachusetts Institute of Technology, Department of Mechanical Engineering. 2019-07-19T19:50:39Z 2019 Thesis https://hdl.handle.net/1721.1/121858 1102320463 eng MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. http://dspace.mit.edu/handle/1721.1/7582 64 pages application/pdf Massachusetts Institute of Technology
collection NDLTD
language English
format Others
sources NDLTD
topic Mechanical Engineering.