(2019) Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures.
|
Text
ghaeini19zera.pdf Download (1MB) | Preview |
Abstract
In this paper, we discuss the practical implementation of stealthy attacks on industrial control systems. We start by reviewing the attacks proposed in prior works. Then, we offer Zero-Residual Attacks (ZeRA), which allow the attacker to launch stealthy attacks leveraging estimation of the stateful anomaly detector and matching of residuals as a fraction of actual estimation residual. To perform the zero residual attack, the attacker will require the use of two state estimators each for the physical system state and the detector system state, adding complexity that was so far not discussed. We implement ZeRA and demonstrate its efficacy. Then, we propose to use a Stateful Detector (SD) to precisely detect such stealthy attacks. We design and implement the SD detector. The obtained results from the performance evaluation demonstrate that we can detect stealthy attacks such as the ZeRA, with precision above 99%, sensitivity above 99%, and Matthews correlation coefficient above 0.98.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Divisions: | Nils Ole Tippenhauer (SCy-Phy) |
| Conference: | ARES International Conference on Availability, Reliability and Security |
| Depositing User: | Nils Ole Tippenhauer |
| Date Deposited: | 10 Mar 2020 16:32 |
| Last Modified: | 15 Oct 2022 14:31 |
| Primary Research Area: | NRA3: Threat Detection and Defenses |
| URI: | https://publications.cispa.saarland/id/eprint/3040 |
Actions
Actions (login required)
 |
View Item |