Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures

Ghaeini, Hamid Reza and Tippenhauer, Nils Ole and Zhou, Jianying
(2019) Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures.
In: International Conference on Availability, Reliability and Security (ARES).
Conference: None | Not Set

Full text not available from this repository.
Official URL: https://dl.acm.org/doi/10.1145/3339252.3340331

Abstract

In this paper, we discuss the practical implementation of stealthy attacks on industrial control systems. We start by reviewing the attacks proposed in prior works. Then, we offer Zero-Residual Attacks (ZeRA), which allow the attacker to launch stealthy attacks leveraging estimation of the stateful anomaly detector and matching of residuals as a fraction of actual estimation residual. To perform the zero residual attack, the attacker will require the use of two state estimators each for the physical system state and the detector system state, adding complexity that was so far not discussed. We implement ZeRA and demonstrate its efficacy. Then, we propose to use a Stateful Detector (SD) to precisely detect such stealthy attacks. We design and implement the SD detector. The obtained results from the performance evaluation demonstrate that we can detect stealthy attacks such as the ZeRA, with precision above 99%, sensitivity above 99%, and Matthews correlation coefficient above 0.98.

Actions

Actions (login required)

View Item View Item