A technique to detect and mitigate false data injection attacks in Cyber–Physical Systems

IF 5.4 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-03-01 Epub Date: 2024-12-07 DOI:10.1016/j.cose.2024.104253
Sushree Padhan, Ashok Kumar Turuk
{"title":"A technique to detect and mitigate false data injection attacks in Cyber–Physical Systems","authors":"Sushree Padhan,&nbsp;Ashok Kumar Turuk","doi":"10.1016/j.cose.2024.104253","DOIUrl":null,"url":null,"abstract":"<div><div>The advancement in communication, computation, and control technology has led to the integration of the cyber-world and physical-world. This has also increased the incidence of malicious attacks in Cyber–Physical Systems (CPSs), of which false data injection (FDI) attacks are critical. FDI attacks can simultaneously modify the cyber-data and physical data in CPSs. An attacker can guess the system parameters and disrupt the system’s operation by designing stealthy attack sequences. There must be more than a detection scheme to defend against FDI attacks. Therefore, a combined detection and mitigation mechanism is required to secure the CPSs against FDI attacks. This paper discusses a technique for detecting and mitigating FDI attacks where the physical system, sensor measurements, and actuator inputs are compromised simultaneously. We use a watermarking scheme for attack detection, and we use the control input synthesis and operating region concept for attack mitigation. The defender can detect the attacks and reduce the attacker’s effectiveness. A numerical example from a trajectory tracking control system is taken to evaluate the efficacy of the proposed security scheme.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104253"},"PeriodicalIF":5.4000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824005595","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/12/7 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The advancement in communication, computation, and control technology has led to the integration of the cyber-world and physical-world. This has also increased the incidence of malicious attacks in Cyber–Physical Systems (CPSs), of which false data injection (FDI) attacks are critical. FDI attacks can simultaneously modify the cyber-data and physical data in CPSs. An attacker can guess the system parameters and disrupt the system’s operation by designing stealthy attack sequences. There must be more than a detection scheme to defend against FDI attacks. Therefore, a combined detection and mitigation mechanism is required to secure the CPSs against FDI attacks. This paper discusses a technique for detecting and mitigating FDI attacks where the physical system, sensor measurements, and actuator inputs are compromised simultaneously. We use a watermarking scheme for attack detection, and we use the control input synthesis and operating region concept for attack mitigation. The defender can detect the attacks and reduce the attacker’s effectiveness. A numerical example from a trajectory tracking control system is taken to evaluate the efficacy of the proposed security scheme.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
一种检测和减轻网络物理系统中虚假数据注入攻击的技术
通信、计算和控制技术的进步导致了网络世界和物理世界的融合。这也增加了网络物理系统(cps)中恶意攻击的发生率,其中虚假数据注入(FDI)攻击至关重要。FDI攻击可以同时修改cps中的网络数据和物理数据。攻击者可以通过设计隐蔽的攻击序列来猜测系统参数并破坏系统的运行。要防范外国直接投资的攻击,必须有不止一个检测方案。因此,需要一种结合检测和缓解机制来保护cps免受FDI攻击。本文讨论了一种检测和减轻物理系统、传感器测量和执行器输入同时受到损害的FDI攻击的技术。我们使用水印方案进行攻击检测,并使用控制输入综合和操作区域概念进行攻击缓解。防御者可以检测攻击,降低攻击者的有效性。以一个轨迹跟踪控制系统为例,对所提出的安全方案的有效性进行了评价。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
期刊最新文献
RanDS: A large-Scale open dataset of raw binaries and extracted features for ransomware research Unifying mixed boolean-arithmetic obfuscation by architectural and anti-generalization hardening Bridging industrial control systems design and testing through threat modeling-driven penetration testing - a microgrid case study The FABRICS framework: A Bayesian approach to financial quantification of cyber risk Reliable location selection and hierarchical interleaved bloom filter based iris template protection
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1