Relevant bibliographies by topics / Stealthy attacks on ICS / Journal articles

Journal articles on the topic 'Stealthy attacks on ICS'

To see the other types of publications on this topic, follow the link: Stealthy attacks on ICS.
Author: Grafiati
Published: 10 December 2022
Last updated: 28 January 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Stealthy attacks on ICS.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Mokhtari, Sohrab, Alireza Abbaspour, Kang K. Yen, and Arman Sargolzaei. "A Machine Learning Approach for Anomaly Detection in Industrial Control Systems Based on Measurement Data." Electronics 10, no. 4 (February 8, 2021): 407. http://dx.doi.org/10.3390/electronics10040407.

Full text
Abstract:
Attack detection problems in industrial control systems (ICSs) are commonly known as a network traffic monitoring scheme for detecting abnormal activities. However, a network-based intrusion detection system can be deceived by attackers that imitate the system’s normal activity. In this work, we proposed a novel solution to this problem based on measurement data in the supervisory control and data acquisition (SCADA) system. The proposed approach is called measurement intrusion detection system (MIDS), which enables the system to detect any abnormal activity in the system even if the attacker tries to conceal it in the system’s control layer. A supervised machine learning model is generated to classify normal and abnormal activities in an ICS to evaluate the MIDS performance. A hardware-in-the-loop (HIL) testbed is developed to simulate the power generation units and exploit the attack dataset. In the proposed approach, we applied several machine learning models on the dataset, which show remarkable performances in detecting the dataset’s anomalies, especially stealthy attacks. The results show that the random forest is performing better than other classifier algorithms in detecting anomalies based on measured data in the testbed.
APA, Harvard, Vancouver, ISO, and other styles
2

Zhao, Xiaosong, Lei Zhang, Yixin Cao, Kai Jin, and Yupeng Hou. "Anomaly Detection Approach in Industrial Control Systems Based on Measurement Data." Information 13, no. 10 (September 25, 2022): 450. http://dx.doi.org/10.3390/info13100450.

Full text
Abstract:
Anomaly detection problems in industrial control systems (ICSs) are always tackled by a network traffic monitoring scheme. However, traffic-based anomaly detection systems may be deceived by anomalous behaviors that mimic normal system activities and fail to achieve effective anomaly detection. In this work, we propose a novel solution to this problem based on measurement data. The proposed method combines a one-dimensional convolutional neural network (1DCNN) and a bidirectional long short-term memory network (BiLSTM) and uses particle swarm optimization (PSO), which is called PSO-1DCNN-BiLSTM. It enables the system to detect any abnormal activity in the system, even if the attacker tries to conceal it in the system’s control layer. A supervised deep learning model was generated to classify normal and abnormal activities in an ICS to evaluate the method’s performance. This model was trained and validated against the open-source simulated power system dataset from Mississippi State University. In the proposed approach, we applied several deep-learning models to the dataset, which showed remarkable performance in detecting the dataset’s anomalies, especially stealthy attacks. The results show that PSO-1DCNN-BiLSTM performed better than other classifier algorithms in detecting anomalies based on measured data.
APA, Harvard, Vancouver, ISO, and other styles
3

Puzankov, Sergey. "Stealthy SS7 Attacks." Journal of ICT Standardization 5, no. 1 (2017): 39–52. http://dx.doi.org/10.13052/jicts2245-800x.512.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Na, Gyujin, Hanbit Lee, and Yongsoon Eun. "A Multiplicative Coordinated Stealthy Attack for Nonlinear Cyber-Physical Systems with Homogeneous Property." Mathematical Problems in Engineering 2019 (August 29, 2019): 1–13. http://dx.doi.org/10.1155/2019/7280474.

Full text
Abstract:
Stealthy attacks to cyber-physical systems (CPS) refer to the ones that avoid attack detection mechanisms augmented to the systems typically in the form of anomaly detectors. Various types of stealthy attacks have been reported in the literature. Among the attacks with stealthy property, a recently reported multiplicative coordinated attack is particularly dangerous in that it corrupts sensor and actuator data in a coordinated manner, and it does not require precise system knowledge in order to be stealthy. It must be noted that most of these attacks are applicable to CPS, the physical counterparts of which are of linear dynamics. This could be a limitation since most of the physical dynamic systems that are encountered from CPS perspective are of nonlinear nature. In this work, we present a version of multiplicative coordinated stealthy attack for a class of CPS, the physical counterpart of which possesses nonlinear dynamics. Specifically, for the physical systems with homogeneous property, the attack is constructed and the effect is analyzed. Various simulations are carried out to illustrate the effect of the attack.
APA, Harvard, Vancouver, ISO, and other styles
5

SHINOHARA, Takumi, and Toru NAMERIKAWA. "Perfect Stealthy Attacks in Cyber-physical Systems." Transactions of the Society of Instrument and Control Engineers 54, no. 3 (2018): 309–19. http://dx.doi.org/10.9746/sicetr.54.309.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Degue, Kwassi Holali, Jerome Le Ny, and Denis Efimov. "Stealthy attacks and attack-resilient interval observers." Automatica 146 (December 2022): 110558. http://dx.doi.org/10.1016/j.automatica.2022.110558.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Wang, Zhenqian, and Yongqiang Wang. "Pulse-Coupled Oscillators Resilient to Stealthy Attacks." IEEE Transactions on Signal Processing 66, no. 12 (June 1, 2018): 3086–99. http://dx.doi.org/10.1109/tsp.2018.2824285.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Li, Xuerong, Ping Zhang, and Hongli Dong. "Robust Stealthy Covert Attacks on Cyber-Physical Systems." IFAC-PapersOnLine 55, no. 6 (2022): 520–25. http://dx.doi.org/10.1016/j.ifacol.2022.07.181.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Rubinstein, Benjamin I. P., Blaine Nelson, Ling Huang, Anthony D. Joseph, Shing-hon Lau, Satish Rao, Nina Taft, and J. D. Tygar. "Stealthy poisoning attacks on PCA-based anomaly detectors." ACM SIGMETRICS Performance Evaluation Review 37, no. 2 (October 16, 2009): 73–74. http://dx.doi.org/10.1145/1639562.1639592.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Dash, Pritam, Mehdi Karimibiuki, and Karthik Pattabiraman. "Stealthy Attacks against Robotic Vehicles Protected by Control-based Intrusion Detection Techniques." Digital Threats: Research and Practice 2, no. 1 (March 2021): 1–25. http://dx.doi.org/10.1145/3419474.

Full text
Abstract:
Robotic vehicles (RV) are increasing in adoption in many industrial sectors. RVs use auto-pilot software for perception and navigation and rely on sensors and actuators for operating autonomously in the physical world. Control algorithms have been used in RVs to minimize the effects of noisy sensors, prevent faulty actuator output, and, recently, to detect attacks against RVs. In this article, we demonstrate the vulnerabilities in control-based intrusion detection techniques and propose three kinds of stealthy attacks that evade detection and disrupt RV missions. We also propose automated algorithms for performing the attacks without requiring the attacker to expend significant effort or to know specific details of the RV, thus making the attacks applicable to a wide range of RVs. We demonstrate the attacks on eight RV systems including three real vehicles in the presence of an Intrusion Detection System using control-based techniques to monitor RV’s runtime behavior and detect attacks. We find that the control-based techniques are incapable of detecting our stealthy attacks and that the attacks can have significant adverse impact on the RV’s mission (e.g., deviate it significantly from its target, or cause it to crash).
APA, Harvard, Vancouver, ISO, and other styles
11

Keliris, Anastasis, and Michail Maniatakos. "Demystifying Advanced Persistent Threats for Industrial Control Systems." Mechanical Engineering 139, no. 03 (March 1, 2017): S13—S17. http://dx.doi.org/10.1115/1.2017-mar-6.

Full text
Abstract:
This article discusses a comprehensive methodology for designing an Advanced Persistent Threat (APT), which is a stealthy and continuous type of cyberattack with a high level of sophistication suitable for the complex environment of Industrial Control Systems (ICS). The article also explains defensive strategies that can assist in thwarting cyberattacks. The APT design process begins with Reconnaissance, which is continuously undertaken throughout the lifetime of a cyberattack campaign. With regard to securing the network infrastructure of an ICS, best practices for network security should be enforced. These could include the use of firewalls, Intrusion Detection or Prevention Systems (IDS/IPS), and network separation between corporate and field networks. A new field of research for securing ICS relates to process-aware defense mechanisms. These mechanisms analyze information directly from the field and try to detect anomalies specific to the physical characteristics of an ICS process.
APA, Harvard, Vancouver, ISO, and other styles
12

Wang, Mufeng, Yangyang Geng, Jingpei Wang, Ke Liu, Xin Che, and Qiang Wei. "H∞ Control for ICPS with Hybrid-Triggered Mechanism Encountering Stealthy DoS Jamming Attacks." Actuators 11, no. 7 (July 16, 2022): 193. http://dx.doi.org/10.3390/act11070193.

Full text
Abstract:
In recent years, with the upgrading of the attack technology, stealthy DoS jamming attacks have become the primary factor to threaten the security of Industrial Cyber-Physical Systems (ICPS). Considering the complex industrial scenarios of ICPS, which are influenced by a variety of external and internal interference, a H∞ controller designing problem is studied in this paper for an ICPS which deploys a hybrid-triggered mechanism (HTM) in the wireless channel encountering stealthy DoS jamming attacks. By employing a compensation mechanism which is employed in the controller to mitigate the impacts of attacks, external disturbance, limited channel capacity, wireless channel noise, we establish a closed-loop system and prove the closed-loop system is mean square exponentially stable and can achieve the desired H∞ disturbance rejection level theoretically. Finally, simulation examples are used to demonstrate effectiveness of the proposed H∞ controller.
APA, Harvard, Vancouver, ISO, and other styles
13

Li, Weize, Lun Xie, and Zhiliang Wang. "A Novel Covert Agent for Stealthy Attacks on Industrial Control Systems Using Least Squares Support Vector Regression." Journal of Electrical and Computer Engineering 2018 (2018): 1–14. http://dx.doi.org/10.1155/2018/7204939.

Full text
Abstract:
Research on stealthiness has become an important topic in the field of data integrity (DI) attacks. To construct stealthy DI attacks, a common assumption in most related studies is that attackers have prior model knowledge of physical systems. In this paper, such assumption is relaxed and a covert agent is proposed based on the least squares support vector regression (LSSVR). By estimating a plant model from control and sensory data, the LSSVR-based covert agent can closely imitate the behavior of the physical plant. Then, the covert agent is used to construct a covert loop, which can keep the controller’s input and output both stealthy over a finite time window. Experiments have been carried out to show the effectiveness of the proposed method.
APA, Harvard, Vancouver, ISO, and other styles
14

Duan, Qi, Ehab Al-Shaer, Samrat Chatterjee, Mahantesh Halappanavar, and Christopher Oehmen. "Proactive routing mutation against stealthy Distributed Denial of Service attacks: metrics, modeling, and analysis." Journal of Defense Modeling and Simulation: Applications, Methodology, Technology 15, no. 2 (October 13, 2017): 219–30. http://dx.doi.org/10.1177/1548512917731002.

Full text
Abstract:
Infrastructure Distributed Denial of Service (IDDoS) attacks continue to be one of the most devastating challenges facing cyber systems. The new generation of IDDoS attacks exploits the inherent weakness of cyber infrastructure, including the deterministic nature of routing, skewed distribution of flows, and Internet ossification to discover the network critical links and launch highly stealthy flooding attacks that are not observable at the victim’s end. In this paper, first, we propose a new metric to quantitatively measure the potential susceptibility of any arbitrary target server or domain to stealthy IDDoS attacks, and estimate the impact of such susceptibility on enterprises. Second, we develop proactive route mutation techniques to minimize the susceptibility to these attacks by dynamically changing the flow paths periodically to invalidate the adversary knowledge about the network and avoid targeted critical links. Our proposed approach actively changes these network paths while satisfying security and Quality of Service requirements. We implemented the proactive path mutation technique on a Software Defined Network using the OpenDaylight controller to demonstrate a feasible deployment of this approach. Our evaluation validates the correctness, effectiveness, and scalability of the proposed approaches.
APA, Harvard, Vancouver, ISO, and other styles
15

Bonczek, Paul J., and Nicola Bezzo. "Memoryless Cumulative Sign Detector for Stealthy CPS Sensor Attacks." IFAC-PapersOnLine 53, no. 2 (2020): 838–44. http://dx.doi.org/10.1016/j.ifacol.2020.12.840.

Full text
APA, Harvard, Vancouver, ISO, and other styles
16

Sun, Jianwen, Tianwei Zhang, Xiaofei Xie, Lei Ma, Yan Zheng, Kangjie Chen, and Yang Liu. "Stealthy and Efficient Adversarial Attacks against Deep Reinforcement Learning." Proceedings of the AAAI Conference on Artificial Intelligence 34, no. 04 (April 3, 2020): 5883–91. http://dx.doi.org/10.1609/aaai.v34i04.6047.

Full text
Abstract:
Adversarial attacks against conventional Deep Learning (DL) systems and algorithms have been widely studied, and various defenses were proposed. However, the possibility and feasibility of such attacks against Deep Reinforcement Learning (DRL) are less explored. As DRL has achieved great success in various complex tasks, designing effective adversarial attacks is an indispensable prerequisite towards building robust DRL algorithms. In this paper, we introduce two novel adversarial attack techniques to stealthily and efficiently attack the DRL agents. These two techniques enable an adversary to inject adversarial samples in a minimal set of critical moments while causing the most severe damage to the agent. The first technique is the critical point attack: the adversary builds a model to predict the future environmental states and agent's actions, assesses the damage of each possible attack strategy, and selects the optimal one. The second technique is the antagonist attack: the adversary automatically learns a domain-agnostic model to discover the critical moments of attacking the agent in an episode. Experimental results demonstrate the effectiveness of our techniques. Specifically, to successfully attack the DRL agent, our critical point technique only requires 1 (TORCS) or 2 (Atari Pong and Breakout) steps, and the antagonist technique needs fewer than 5 steps (4 Mujoco tasks), which are significant improvements over state-of-the-art methods.
APA, Harvard, Vancouver, ISO, and other styles
17

Iori, Yugo, and Hideaki Ishii. "Resilient Synchronization of Pulse-Coupled Oscillators under Stealthy Attacks." IFAC-PapersOnLine 54, no. 14 (2021): 424–29. http://dx.doi.org/10.1016/j.ifacol.2021.10.391.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Constante-Flores, Gonzalo E., Antonio J. Conejo, and Jiankang Wang. "Stealthy monitoring-control attacks to disrupt power system operations." Electric Power Systems Research 203 (February 2022): 107636. http://dx.doi.org/10.1016/j.epsr.2021.107636.

Full text
APA, Harvard, Vancouver, ISO, and other styles
19

Sui, Tianju, and Xi-Ming Sun. "The vulnerability of distributed state estimator under stealthy attacks." Automatica 133 (November 2021): 109869. http://dx.doi.org/10.1016/j.automatica.2021.109869.

Full text
APA, Harvard, Vancouver, ISO, and other styles
20

Newman, Sean. "Under the radar: the danger of stealthy DDoS attacks." Network Security 2019, no. 2 (February 2019): 18–19. http://dx.doi.org/10.1016/s1353-4858(19)30025-x.

Full text
APA, Harvard, Vancouver, ISO, and other styles
21

Sood, Aditya K., Sherali Zeadally, and Rohit Bansal. "Exploiting Trust: Stealthy Attacks Through Socioware and Insider Threats." IEEE Systems Journal 11, no. 2 (June 2017): 415–26. http://dx.doi.org/10.1109/jsyst.2015.2388707.

Full text
APA, Harvard, Vancouver, ISO, and other styles
22

Yu, Wenbin, Yiyin Wang, and Lei Song. "A Two Stage Intrusion Detection System for Industrial Control Networks Based on Ethernet/IP." Electronics 8, no. 12 (December 15, 2019): 1545. http://dx.doi.org/10.3390/electronics8121545.

Full text
Abstract:
Standard Ethernet (IEEE 802.3 and the TCP/IP protocol suite) is gradually applied in industrial control system (ICS) with the development of information technology. It breaks the natural isolation of ICS, but contains no security mechanisms. An improved intrusion detection system (IDS), which is strongly correlated to specific industrial scenarios, is necessary for modern ICS. On one hand, this paper outlines three kinds of attack models, including infiltration attacks, creative forging attacks, and false data injection attacks. On the other hand, a two stage IDS is proposed, which contains a traffic prediction model and an anomaly detection model. The traffic prediction model, which is based on the autoregressive integrated moving average (ARIMA), can forecast the traffic of the ICS network in the short term and detect infiltration attacks precisely according to the abnormal changes in traffic patterns. Furthermore, the anomaly detection model, using a one class support vector machine (OCSVM), is able to detect malicious control instructions by analyzing the key field in Ethernet/IP packets. The confusion matrix is selected to testify to the effectiveness of the proposed method, and two other innovative IDSs are used for comparison. The experiment results show that the proposed two stage IDS in this paper has an outstanding performance in detecting infiltration attacks, forging attacks, and false data injection attacks compared with other IDSs.
APA, Harvard, Vancouver, ISO, and other styles
23

Zhao, Feng, Li Zhou, Qi Zhong, Rushi Lan, and Leo Yu Zhang. "Natural Backdoor Attacks on Deep Neural Networks via Raindrops." Security and Communication Networks 2022 (March 26, 2022): 1–11. http://dx.doi.org/10.1155/2022/4593002.

Full text
Abstract:
Recently, deep learning has made significant inroads into the Internet of Things due to its great potential for processing big data. Backdoor attacks, which try to influence model prediction on specific inputs, have become a serious threat to deep neural network models. However, because the poisoned data used to plant a backdoor into the victim model typically follows a fixed specific pattern, most existing backdoor attacks can be readily prevented by common defense. In this paper, we leverage natural behavior and present a stealthy backdoor attack for image classification tasks: the raindrop backdoor attack (RDBA). We use raindrops as the backdoor trigger, and they are naturally merged with clean instances to synthesize poisoned data that are close to their natural counterparts in the rain. The raindrops dispersed over images are more diversified than the triggers in the literature, which are fixed, confined, and unpleasant patterns to the host content, making the triggers more stealthy. Extensive experiments on ImageNet and GTSRB datasets demonstrate the fidelity, effectiveness, stealthiness, and sustainability of RDBA in attacking models with current popular defense mechanisms.
APA, Harvard, Vancouver, ISO, and other styles
24

Tripathi, Nikhil, and Neminath Hubballi. "Application Layer Denial-of-Service Attacks and Defense Mechanisms." ACM Computing Surveys 54, no. 4 (May 2021): 1–33. http://dx.doi.org/10.1145/3448291.

Full text
Abstract:
Application layer Denial-of-Service (DoS) attacks are generated by exploiting vulnerabilities of the protocol implementation or its design. Unlike volumetric DoS attacks, these are stealthy in nature and target a specific application running on the victim. There are several attacks discovered against popular application layer protocols in recent years. In this article, we provide a structured and comprehensive survey of the existing application layer DoS attacks and defense mechanisms. We classify existing attacks and defense mechanisms into different categories, describe their working, and compare them based on relevant parameters. We conclude the article with directions for future research.
APA, Harvard, Vancouver, ISO, and other styles
25

Zhou, Boyang, Chunming Wu, Qiang Yang, Xiang Chen, and Dong Zhang. "A Persistent Route Diversification Mechanism for Defending against Stealthy Crossfire Attack." Security and Communication Networks 2022 (December 31, 2022): 1–20. http://dx.doi.org/10.1155/2022/2566681.

Full text
Abstract:
Computer networks are facing the challenge of stealthy crossfire attacks that flood through persistent routes (PRs) towards their decoys at a low rate for disrupting end-to-end connectivity of the target. At first, the PRs can be stealthily probed at the initial stage of the attack. Later, some undefended and vulnerable PRs can be speculated at the renaissance stage of the attack, which yet remains unconcerned. To achieve an effective defense against the two-stage attacks, this paper investigates a new persistent route diversification defense (PRDD) mechanism to mitigate each identified PR under the attacks. The PRDD effectively stops the flooding on the PRs to mitigate their congestion. Meanwhile, it makes the adversary unable to probe or speculate the PRs under their corresponding attack stages. Thus, it disables every flooding choice for the adversary, avoiding the attacks. The PRDD is designed with scalable algorithmic complexity in computation and overhead. The PRDD is extensively assessed using NS-3 and Mininet, and the results show the following. (a) It is more effective in mitigating more attacked PRs compared with the existing solutions. (b) The defense performance of the PRDD remains highly scalable in computation, while maintaining an acceptable overhead.
APA, Harvard, Vancouver, ISO, and other styles
26

Cheng, Donny, Jun Shang, and Tongwen Chen. "Finite-Horizon Strictly Stealthy Deterministic Attacks on Cyber-Physical Systems." IEEE Control Systems Letters 6 (2022): 1640–45. http://dx.doi.org/10.1109/lcsys.2021.3130077.

Full text
APA, Harvard, Vancouver, ISO, and other styles
27

Zhang, Qi, Carla Seatzu, Zhiwu Li, and Alessandro Giua. "Stealthy Sensor Attacks for Plants Modeled by Labeled Petri Nets." IFAC-PapersOnLine 53, no. 4 (2020): 14–20. http://dx.doi.org/10.1016/j.ifacol.2021.04.048.

Full text
APA, Harvard, Vancouver, ISO, and other styles
28

Huang, Jiahao, Yang Tang, Wen Yang, and Fangfei Li. "Resilient Consensus-Based Distributed Filtering: Convergence Analysis Under Stealthy Attacks." IEEE Transactions on Industrial Informatics 16, no. 7 (July 2020): 4878–88. http://dx.doi.org/10.1109/tii.2019.2960042.

Full text
APA, Harvard, Vancouver, ISO, and other styles
29

Chen, Li Ming, Meng Chang Chen, Wanjiun Liao, and Yeali S. Sun. "A scalable network forensics mechanism for stealthy self-propagating attacks." Computer Communications 36, no. 13 (July 2013): 1471–84. http://dx.doi.org/10.1016/j.comcom.2013.05.005.

Full text
APA, Harvard, Vancouver, ISO, and other styles
30

Zhao, Chengcheng, Jianping He, Peng Cheng, and Jiming Chen. "Analysis of Consensus-Based Distributed Economic Dispatch Under Stealthy Attacks." IEEE Transactions on Industrial Electronics 64, no. 6 (June 2017): 5107–17. http://dx.doi.org/10.1109/tie.2016.2638400.

Full text
APA, Harvard, Vancouver, ISO, and other styles
31

Khalil, Issa, and Saurabh Bagchi. "Stealthy Attacks in Wireless Ad Hoc Networks: Detection and Countermeasure." IEEE Transactions on Mobile Computing 10, no. 8 (August 2011): 1096–112. http://dx.doi.org/10.1109/tmc.2010.249.

Full text
APA, Harvard, Vancouver, ISO, and other styles
32

Dutta, Abhishek, and Cedric Langbort. "Stealthy output injection attacks on control systems with bounded variables." International Journal of Control 90, no. 7 (July 27, 2016): 1389–402. http://dx.doi.org/10.1080/00207179.2016.1207099.

Full text
APA, Harvard, Vancouver, ISO, and other styles
33

Li, Yi-Gang, and Guang-Hong Yang. "Optimal stealthy false data injection attacks in cyber-physical systems." Information Sciences 481 (May 2019): 474–90. http://dx.doi.org/10.1016/j.ins.2019.01.001.

Full text
APA, Harvard, Vancouver, ISO, and other styles
34

Cao, Yixin, Lei Zhang, Xiaosong Zhao, Kai Jin, and Ziyi Chen. "An Intrusion Detection Method for Industrial Control System Based on Machine Learning." Information 13, no. 7 (July 3, 2022): 322. http://dx.doi.org/10.3390/info13070322.

Full text
Abstract:
The integration of communication networks and the internet of industrial control in Industrial Control System (ICS) increases their vulnerability to cyber attacks, causing devastating outcomes. Traditional Intrusion Detection Systems (IDS) largely rely on predefined models and are trained mostly on specific cyber attacks, which means the traditional IDS cannot cope with unknown attacks. Additionally, most IDS do not consider the imbalanced nature of ICS datasets, thus suffering from low accuracy and high False Positive Rates when being put to use. In this paper, we propose the NCO–double-layer DIFF_RF–OPFYTHON intrusion detection method for ICS, which consists of NCO modules, double-layer DIFF_RF modules, and OPFYTHON modules. Detected traffic will be divided into three categories by the double-layer DIFF_RF module: known attacks, unknown attacks, and normal traffic. Then, the known attacks will be classified into specific attacks by the OPFYTHON module according to the feature of attack traffic. Finally, we use the NCO module to improve the model input and enhance the accuracy of the model. The results show that the proposed method outperforms traditional intrusion detection methods, such as XGboost and SVM. The detection of unknown attacks is also considerable. The accuracy of the dataset used in this paper reaches 98.13%. The detection rates for unknown attacks and known attacks reach 98.21% and 95.1%, respectively. Moreover, the method we proposed has achieved suitable results on other public datasets.
APA, Harvard, Vancouver, ISO, and other styles
35

Zhao, Bo, Peng Sun, Tao Wang, and Keyu Jiang. "FedInv: Byzantine-Robust Federated Learning by Inversing Local Model Updates." Proceedings of the AAAI Conference on Artificial Intelligence 36, no. 8 (June 28, 2022): 9171–79. http://dx.doi.org/10.1609/aaai.v36i8.20903.

Full text
Abstract:
Federated learning (FL) is a privacy-preserving distributed machine learning paradigm that enables multiple clients to collaboratively train statistical models without disclosing raw training data. However, the inaccessible local training data and uninspectable local training process make FL susceptible to various Byzantine attacks (e.g., data poisoning and model poisoning attacks), aiming to manipulate the FL model training process and degrade the model performance. Most of the existing Byzantine-robust FL schemes cannot effectively defend against stealthy poisoning attacks that craft poisoned models statistically similar to benign models. Things worsen when many clients are compromised or data among clients are highly non-independent and identically distributed (non-IID). In this work, to address these issues, we propose FedInv, a novel Byzantine-robust FL framework by inversing local model updates. Specifically, in each round of local model aggregation in FedInv, the parameter server first inverses the local model updates submitted by each client to generate a corresponding dummy dataset. Then, the server identifies those dummy datasets with exceptional Wasserstein distances from others and excludes the related local model updates from model aggregation. We conduct an exhaustive experimental evaluation of FedInv. The results demonstrate that FedInv significantly outperforms the existing robust FL schemes in defending against stealthy poisoning attacks under highly non-IID data partitions.
APA, Harvard, Vancouver, ISO, and other styles
36

Emake, Erhovwosere Donald, Ibrahim Adepoju Adeyanju, and Godwin Obruozie Uzedhe. "Industrial Control Systems (ICS): Cyber-attacks & Security Optimization." International Journal of Computer Engineering and Information Technology 12, no. 5 (May 31, 2020): 31–41. http://dx.doi.org/10.47277/ijceit/12(5)1.

Full text
Abstract:
Cyber-security of digital industrial control system in reality is complex and challenging research area, due to various interconnections of electro-mechanical related components driving national critical infrastructures. These networked system components performs monitoring and controlling tasks in several industries and organization through the access of Internet connectivity across the world. More recently, there are myriad of security threats and attacks by malicious elements on ICS which now presents a priority to organizations and researchers for optimal security solutions. Development of the Internet and communication systems has also exacerbated such security concerns. Activities of cyber-attacks malicious elements on ICS may result in serious disaster in industrial environments, human casualties and loss. This paper critically looks at the SCADA/industrial control systems, architecture, cyber-attacks. Other aspect of the paper examines current ICS security technologies including a computational secured algorithm for PLC
APA, Harvard, Vancouver, ISO, and other styles
37

Ziayi, Parimah, Seyed Mostafa Farmanbar, and Mohsen Rezvani. "YAICD: Yet Another IMSI Catcher Detector in GSM." Security and Communication Networks 2021 (January 28, 2021): 1–13. http://dx.doi.org/10.1155/2021/8847803.

Full text
Abstract:
In GSM, the network is not authenticated which allows for man-in-the-middle (MITM) attacks. Attackers can track traffic and trace users of cellular networks by creating a rogue base transceiver station (BTS). Such a defect in addition to the need for backward compatibility of mobile networks makes all GSM, UMTS, and LTE networks susceptible to MITMs. These attacks are conducted using IMSI-Catchers (ICs). Most of the solutions proposed for detecting ICs in the literature are based on using specific mobile devices with root access. Also, they cannot identify ICs to which users are not connected. In this paper, we propose an approach called YAICD for detecting ICs in the GSM network. YAICD consists of a sensor that can be installed on Android mobile devices. It detects ICs by extracting 15 parameters from signals received from BTSs. We also established a lab-scale testbed to evaluate YAICD for various detection parameters and for comparing it against existing solutions in the literature. The experimental results show that YAICD not only successfully detects ICs using the parameters but also identifies ICs to which users are not yet connected to the network.
APA, Harvard, Vancouver, ISO, and other styles
38

L, Rajesh, and Penke Satyanarayana. "Detection and Blocking of Replay, False Command, and False Access Injection Commands in SCADA Systems with Modbus Protocol." Security and Communication Networks 2021 (September 27, 2021): 1–15. http://dx.doi.org/10.1155/2021/8887666.

Full text
Abstract:
Industrial control systems (ICS) are being used for surveillance and controlling numerous industrial process plants in national critical infrastructures. Supervisory control and data acquisition (SCADA) system is a core component in ICS systems for continuous monitoring and controlling these process plants. Legacy SCADA systems are working in isolated networks and using proprietary communication protocols which made them less exposed to cyber threats. In recent times, these ICS systems have been connected to Internet and corporate networks for data sharing and remote monitoring. They are also using open protocols and operating systems. This leads to vulnerabilities of the system to cyberattacks. Cybersecurity threats are more prevalent than ever in ICS systems. These attacks may be external or internal. Modbus is a widely deployed communication protocol for SCADA communications. There is no security in design of Modbus protocol, and it is vulnerable to numerous cyberattacks. In this paper, we worked for False Command Injection attack, False Access Injection attack, and replay attacks on Modbus protocol. Initially, a real-time SCADA testbed was set up, and we envisaged the impact of these attacks on Modbus protocol data using the testbed. In this work, we used local area network (LAN) environment only for simulating the attacks. We assumed that the attacks penetrated the LAN network. We proposed and developed (a) a method to detect replay attacks by incorporating time stamp and sequence number in Modbus communications and (b) a frame filtering module which will block unauthorized attacks like False Command Injection and False Access Injection attacks to reach programmable logic controller (PLC). Numbers of attacks were simulated and the performance of the method was measured using attack block rate (ABR). It blocked 97% of malicious Modbus transactions or attacks to reach the PLC. It protects SCADA systems from attackers, which is a core component of industrial control systems. The solution enhanced the security of SCADA systems with Modbus protocol.
APA, Harvard, Vancouver, ISO, and other styles
39

Zhang, Yipeng, Min Li, Xiaoming Zhang, Yueying He, and Zhoujun Li. "Defeat Magic with Magic: A Novel Ransomware Attack Method to Dynamically Generate Malicious Payloads Based on PLC Control Logic." Applied Sciences 12, no. 17 (August 23, 2022): 8408. http://dx.doi.org/10.3390/app12178408.

Full text
Abstract:
The Industrial Control System (ICS) is a public facility that provides services to lots of users; thus, its security has always been a critical factor in measuring its availability. Recently, a new type of attack on ICS has occurred frequently, which realizes the extortion of users by invading the information domain and destroying the physical domain. However, due to the diversity and unavailability of an ICS control logic, the targets of such attacks are usually limited to PCs and servers, leaving more disruptive attack methods unexplored. To contribute more possible attack methods to strengthen the immunity of ICS, in this paper, we propose a novel ransomware attack method named Industrial Control System Automatic Ransomware Constructor (ICS-ARC). Compared to existing ICS ransomware, ICS-ARC can automatically generate an International Electrotechnical Commission (IEC) compliant payload to compromise the Programmable Logic Controller (PLC) without a pre-known control logic, dramatically reducing adversary requirements and leaving room for error. To evaluate the attack capability of ICS-ARC, we built a tap water treatment system as the simulation experiment target for verification. The experimental results determine that ICS-ARC can automatically generate malicious code without the control logic and complete the attack against target PLCs. In addition, to assist the related research on future attacks and defenses, we present the statistical results and corresponding analysis of PLC based on Shodan.
APA, Harvard, Vancouver, ISO, and other styles
40

Liyakkathali, Salimah, Francisco Furtado, Gayathri Sugumar, and Aditya Mathur. "A Mechanism to Assess the Effectiveness Anomaly Detectors in Industrial Control Systems." Journal of Integrated Design and Process Science 24, no. 3-4 (April 11, 2022): 35–50. http://dx.doi.org/10.3233/jid-210023.

Full text
Abstract:
The rise in attacks on Industrial Control Systems (ICS) makes it imperative for the anomaly detection mechanisms (ADMs) to be complete with respect to a set of attacks. In this work, a method is proposed to create and launch simulated attacks on ICS. In the proposed method, referred to as ICS Resilience (ICSRes), attacks are generated using a tool suite named A6. A6 mutates data exchanged between any two PLCs connected via the communications network as well as between a PLC and the sensors and actuators connected to it via a Remote Input/Output (RIO) unit. It consists of both single-point and multi-point mutations that can be manipulated in static or in dynamic form. A two-part case study was conducted to assess the effectiveness and completeness of ICSRes and A6 when compared with that of launching humanly designed attacks. Effectiveness is defined as the ability to detect complex attacks that causes process anomalies and completeness refers to the ability to detect the type of attack. In Part I of the study, the attacks were automatically generated and launched using A6. In Part II a set of attacks was generated and launched manually while participating in an international cyber-exercise. In both parts of the study three ADMs, installed in an operational water treatment testbed, were used to assess their completeness with respect to the generated attacks. The results demonstrate the effectiveness of ICSRes and the tools in highlighting the strength and weaknesses of the ADMs and the value of using A6.
APA, Harvard, Vancouver, ISO, and other styles
41

Liu, Hao, Ben Niu, and Jiahu Qin. "Reachability Analysis for Linear Discrete-Time Systems Under Stealthy Cyber Attacks." IEEE Transactions on Automatic Control 66, no. 9 (September 2021): 4444–51. http://dx.doi.org/10.1109/tac.2021.3050549.

Full text
APA, Harvard, Vancouver, ISO, and other styles
42

James Ranjith Kumar, R., and Biplab Sikdar. "Detection of Stealthy Cyber-Physical Line Disconnection Attacks in Smart Grid." IEEE Transactions on Smart Grid 12, no. 5 (September 2021): 4484–93. http://dx.doi.org/10.1109/tsg.2021.3082543.

Full text
APA, Harvard, Vancouver, ISO, and other styles
43

Aydeger, Abdullah, Mohammad Hossein Manshaei, Mohammad Ashiqur Rahman, and Kemal Akkaya. "Strategic Defense Against Stealthy Link Flooding Attacks: A Signaling Game Approach." IEEE Transactions on Network Science and Engineering 8, no. 1 (January 1, 2021): 751–64. http://dx.doi.org/10.1109/tnse.2021.3052090.

Full text
APA, Harvard, Vancouver, ISO, and other styles
44

Manohar, RamPradheep, and E. Baburaj. "GA BASED CONTAINMENT ALGORITHM AGAINST STEALTHY ATTACKS IN WIRELESS SENSOR NETWORKS." International Journal of Advanced Research 4, no. 8 (August 31, 2016): 953–59. http://dx.doi.org/10.21474/ijar01/1292.

Full text
APA, Harvard, Vancouver, ISO, and other styles
45

Li, Yi-Gang, and Guang-Hong Yang. "Optimal completely stealthy attacks against remote estimation in cyber-physical systems." Information Sciences 590 (April 2022): 15–28. http://dx.doi.org/10.1016/j.ins.2022.01.014.

Full text
APA, Harvard, Vancouver, ISO, and other styles
46

Kwon, Cheolhyeon, Weiyi Liu, and Inseok Hwang. "Analysis and Design of Stealthy Cyber Attacks on Unmanned Aerial Systems." Journal of Aerospace Information Systems 11, no. 8 (August 2014): 525–39. http://dx.doi.org/10.2514/1.i010201.

Full text
APA, Harvard, Vancouver, ISO, and other styles
47

Fang, Chongrong, Yifei Qi, Jiming Chen, Rui Tan, and Wei Xing Zheng. "Stealthy Actuator Signal Attacks in Stochastic Control Systems: Performance and Limitations." IEEE Transactions on Automatic Control 65, no. 9 (September 2020): 3927–34. http://dx.doi.org/10.1109/tac.2019.2950072.

Full text
APA, Harvard, Vancouver, ISO, and other styles
48

Kalutarage, Harsha K., Siraj A. Shaikh, Indika P. Wickramasinghe, Qin Zhou, and Anne E. James. "Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks." Computers & Electrical Engineering 47 (October 2015): 327–44. http://dx.doi.org/10.1016/j.compeleceng.2015.07.007.

Full text
APA, Harvard, Vancouver, ISO, and other styles
49

Li, Xin, Guoliang Wei, and Derui Ding. "Interval Observer Design Under Stealthy Attacks and Improved Event-Triggered Protocols." IEEE Transactions on Signal and Information Processing over Networks 6 (2020): 570–79. http://dx.doi.org/10.1109/tsipn.2020.3012254.

Full text
APA, Harvard, Vancouver, ISO, and other styles
50

Muruganandam, D., and J. Martin Leo Manickam. "An efficient technique for mitigating stealthy attacks using MNDA in MANET." Neural Computing and Applications 31, S1 (July 31, 2018): 15–22. http://dx.doi.org/10.1007/s00521-018-3634-7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography