Caezarina Marie Calimbahin, S. Pancho-Festin, J. Pedrasa
{"title":"楼宇自动化系统中基于域的攻击模型","authors":"Caezarina Marie Calimbahin, S. Pancho-Festin, J. Pedrasa","doi":"10.1109/ETFA.2019.8869477","DOIUrl":null,"url":null,"abstract":"Ensuring data integrity is one of the critical needs in cyber-physical systems (CPS). An integrity breach in a CPS can drive the underlying controlled physical process into undesired operating conditions. To evaluate CPS security against malicious entities, attacker models are often employed. In this work, our objective is to incorporate domain-knowledge in modeling attacks in building automation systems (BAS). Specifically, we modify the general sensor integrity attack model based on targeted attacks. We use the model to formulate different attacker types, including a powerful attacker who becomes stealthier as the number of captured node increases. We simulate the attacks by injecting corruption on real-world data obtained from a retrofitted BAS testbed for air conditioning (AC) control. Results show that the vulnerabilities of an underlying system can be explored by leveraging on domain-based attack testing.","PeriodicalId":6682,"journal":{"name":"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)","volume":"370 1","pages":"1752-1758"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Domain-based Attack Models in Building Automation Systems\",\"authors\":\"Caezarina Marie Calimbahin, S. Pancho-Festin, J. Pedrasa\",\"doi\":\"10.1109/ETFA.2019.8869477\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Ensuring data integrity is one of the critical needs in cyber-physical systems (CPS). An integrity breach in a CPS can drive the underlying controlled physical process into undesired operating conditions. To evaluate CPS security against malicious entities, attacker models are often employed. In this work, our objective is to incorporate domain-knowledge in modeling attacks in building automation systems (BAS). Specifically, we modify the general sensor integrity attack model based on targeted attacks. We use the model to formulate different attacker types, including a powerful attacker who becomes stealthier as the number of captured node increases. We simulate the attacks by injecting corruption on real-world data obtained from a retrofitted BAS testbed for air conditioning (AC) control. Results show that the vulnerabilities of an underlying system can be explored by leveraging on domain-based attack testing.\",\"PeriodicalId\":6682,\"journal\":{\"name\":\"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)\",\"volume\":\"370 1\",\"pages\":\"1752-1758\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ETFA.2019.8869477\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ETFA.2019.8869477","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Domain-based Attack Models in Building Automation Systems
Ensuring data integrity is one of the critical needs in cyber-physical systems (CPS). An integrity breach in a CPS can drive the underlying controlled physical process into undesired operating conditions. To evaluate CPS security against malicious entities, attacker models are often employed. In this work, our objective is to incorporate domain-knowledge in modeling attacks in building automation systems (BAS). Specifically, we modify the general sensor integrity attack model based on targeted attacks. We use the model to formulate different attacker types, including a powerful attacker who becomes stealthier as the number of captured node increases. We simulate the attacks by injecting corruption on real-world data obtained from a retrofitted BAS testbed for air conditioning (AC) control. Results show that the vulnerabilities of an underlying system can be explored by leveraging on domain-based attack testing.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
