Dai, Zhihao, He, Ligang, Yang, Shuang-Hua and Leeke, Matthew (2023) Revealing ongoing sensor attacks in industrial control system via setpoint modification. In: 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), Abu Dhabi, United Arab Emirates, 14-17 Nov 2023 pp. 191-199. ISBN 9798350304602. doi:10.1109/DASC/PiCom/CBDCom/Cy59711.2023.10361334 ISSN 2837-0740.
Preview |
PDF
WRAP-revealing-ongoing-sensor-attacks-industrial-control-system-via-setpoint-modification-2024.pdf - Accepted Version - Requires a PDF viewer. Download (1MB) | Preview |
Abstract
A variety of Intrusion Detection Systems (IDSs) for Industrial Control Systems have been proposed to detect attacks and alert operators. Passive and active detection schemes are characterised by whether or not they interact with the process under control, though both categories of approach have limitations relating to either known correlations in the process data or the use of explicit system modelling. We propose setpoint modification as a strategy to address those limitations. The approach superimposes Gaussian noises on setpoint values, which aids in revealing latent correlations between setpoints and measurements, thereby allowing machine learning-based IDSs to learn them during training and verify during inference. We show that by applying the approach to a linear system with PID control, statistical tests can be configured such that the distortion power of sensor attacks is nullified. Building on this foundation, we further adapt passive IDSs for active discovery of sensor attacks in a process-agnostic fashion. The proposed strategy is evaluated using a nonlinear and simulated industrial benchmark, affirming that the approach enhances intrusion detection performance when the specific sensor under consideration is targeted whilst incurring marginal cost. Finally, we explore changing setpoints concurrently when the attacker could manipulate an arbitrary sensor, which also boosts detection performance and motivates the exploration of setpoint selection.
| Item Type: | Conference Item (Paper) |
|---|---|
| Subjects: | Q Science > Q Science (General) Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software T Technology > TK Electrical engineering. Electronics Nuclear engineering T Technology > TS Manufactures |
| Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science |
| Library of Congress Subject Headings (LCSH): | Process control -- Security measures , Computer networks -- Security measures , Computer security , Intrusion detection systems (Computer security), Supervised learning (Machine learning) |
| Publisher: | IEEE |
| ISBN: | 9798350304602 |
| ISSN: | 2837-0740 |
| Book Title: | 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) |
| Official Date: | 25 December 2023 |
| Dates: | Date Event 25 December 2023 Published 14 November 2023 Accepted |
| Page Range: | pp. 191-199 |
| DOI: | 10.1109/DASC/PiCom/CBDCom/Cy59711.2023.10361334 |
| Status: | Peer Reviewed |
| Publication Status: | Published |
| Re-use Statement: | © 2024 Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
| Access rights to Published version: | Restricted or Subscription Access |
| Date of first compliant deposit: | 16 February 2024 |
| Date of first compliant Open Access: | 16 February 2024 |
| RIOXX Funder/Project Grant: | Project/Grant ID RIOXX Funder Name Funder ID |
| Conference Paper Type: | Paper |
| Title of Event: | 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) |
| Type of Event: | Conference |
| Location of Event: | Abu Dhabi, United Arab Emirates |
| Date(s) of Event: | 14-17 Nov 2023 |
| URI: | https://wrap.warwick.ac.uk/183441/ |
Request changes or add full text files to a record
Repository staff actions (login required)
 |
View Item |