Correlation-Based Deception Attack Detection for Cyber–Physical Control Systems With Multiple-Security Level Transmission Channels

IF 9.9 1区计算机科学 Q1 AUTOMATION & CONTROL SYSTEMS IEEE Transactions on Industrial Informatics Pub Date : 2025-01-13 DOI:10.1109/TII.2024.3523547

Xixing Xue;Junhong Wang;Yang Shi;Xiang Yu;Dong Zhao

{"title":"Correlation-Based Deception Attack Detection for Cyber–Physical Control Systems With Multiple-Security Level Transmission Channels","authors":"Xixing Xue;Junhong Wang;Yang Shi;Xiang Yu;Dong Zhao","doi":"10.1109/TII.2024.3523547","DOIUrl":null,"url":null,"abstract":"In this article, the deception attack detection problem is studied in scenarios involving multisecurity level transmission channels. Powerful attackers can construct stealthy deception attacks by exploiting data from reliable and unreliable channels. From the perspective of data correlation, we develop three detection schemes with different resource consumption. First, a fully security channel is utilized to establish innovation-based time-varying data correlation, which triggers residual covariance variation under attacks. Second, a noise-encryption mechanism is introduced without requiring the fully security channel. For the initial two methods, we propose a targeted optimization method to improve the detection performance by exploiting the quantified residual covariance variation. Third, we propose a time-shift coding method from the perspective of dynamic system stability, which is rigorously proved to be sensitive to attack behavior. For these proposed methods, we quantify the residual covariance variation induced by attacks and achieve detection by the <inline-formula><tex-math>$\\chi ^{2}$</tex-math></inline-formula> test and generalized likelihood ratio test. Finally, the efficiency and reliability of these detection schemes are validated by examples.","PeriodicalId":13301,"journal":{"name":"IEEE Transactions on Industrial Informatics","volume":"21 4","pages":"3087-3096"},"PeriodicalIF":9.9000,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Industrial Informatics","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10839231/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In this article, the deception attack detection problem is studied in scenarios involving multisecurity level transmission channels. Powerful attackers can construct stealthy deception attacks by exploiting data from reliable and unreliable channels. From the perspective of data correlation, we develop three detection schemes with different resource consumption. First, a fully security channel is utilized to establish innovation-based time-varying data correlation, which triggers residual covariance variation under attacks. Second, a noise-encryption mechanism is introduced without requiring the fully security channel. For the initial two methods, we propose a targeted optimization method to improve the detection performance by exploiting the quantified residual covariance variation. Third, we propose a time-shift coding method from the perspective of dynamic system stability, which is rigorously proved to be sensitive to attack behavior. For these proposed methods, we quantify the residual covariance variation induced by attacks and achieve detection by the

$\chi ^{2}$

test and generalized likelihood ratio test. Finally, the efficiency and reliability of these detection schemes are validated by examples.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于关联的多安全级传输通道网络物理控制系统欺骗攻击检测

本文研究了多安全级传输通道场景下的欺骗攻击检测问题。强大的攻击者可以通过利用可靠和不可靠通道中的数据来构建隐蔽的欺骗攻击。从数据相关性的角度出发，我们开发了三种不同资源消耗的检测方案。首先，利用全安全通道建立基于创新的时变数据相关性，在攻击下触发残差协方差变异；其次，在不需要完全安全通道的情况下引入了噪声加密机制。对于前两种方法，我们提出了一种针对性的优化方法，利用量化的残差协方差变化来提高检测性能。第三，我们从系统动态稳定性的角度提出了一种时移编码方法，并严格证明了该方法对攻击行为的敏感性。对于这些方法，我们量化了攻击引起的残差协方差变化，并通过$\chi ^{2}$检验和广义似然比检验实现了检测。最后，通过实例验证了这些检测方案的有效性和可靠性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Industrial Informatics 工程技术-工程：工业

CiteScore

24.10

自引率

8.90%

发文量

1202

审稿时长

5.1 months

期刊介绍： The IEEE Transactions on Industrial Informatics is a multidisciplinary journal dedicated to publishing technical papers that connect theory with practical applications of informatics in industrial settings. It focuses on the utilization of information in intelligent, distributed, and agile industrial automation and control systems. The scope includes topics such as knowledge-based and AI-enhanced automation, intelligent computer control systems, flexible and collaborative manufacturing, industrial informatics in software-defined vehicles and robotics, computer vision, industrial cyber-physical and industrial IoT systems, real-time and networked embedded systems, security in industrial processes, industrial communications, systems interoperability, and human-machine interaction.