NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems
An attack detection scheme is proposed to detect data integrity attacks on sensors in Cyber-Physical Systems (CPSs). A combined fingerprint for sensor and process noise is created during the normal operation of the system. Under sensor spoofing attack, noise pattern deviates from the fingerprinted p...
- Autores:
- Tipo de recurso:
- Fecha de publicación:
- 2018
- Institución:
- Universidad del Rosario
- Repositorio:
- Repositorio EdocUR - U. Rosario
- Idioma:
- eng
- OAI Identifier:
- oai:repository.urosario.edu.co:10336/23055
- Acceso en línea:
- https://doi.org/10.1145/3196494.3196532
https://repository.urosario.edu.co/handle/10336/23055
- Palabra clave:
- Actuators
Cyber Physical System
Embedded systems
Frequency domain analysis
Learning algorithms
Learning systems
Sensors
State estimation
Testbeds
Water supply systems
Water treatment
CPS/ICS Security
Cyber physical systems (cpss)
Data integrity attacks
Device fingerprinting
Frequency domains
Physical attacks
Security
Water distributions
Palmprint recognition
Actuators
CPS/ICS Security
Cyber Physical Systems
Device Fingerprinting
Physical Attacks
Security
Sensors
- Rights
- License
- http://purl.org/coar/access_right/c_abf2
id |
EDOCUR2_c90f7733c91c7e17d5d9fa036fc8e765 |
---|---|
oai_identifier_str |
oai:repository.urosario.edu.co:10336/23055 |
network_acronym_str |
EDOCUR2 |
network_name_str |
Repositorio EdocUR - U. Rosario |
repository_id_str |
|
spelling |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systemsActuatorsCyber Physical SystemEmbedded systemsFrequency domain analysisLearning algorithmsLearning systemsSensorsState estimationTestbedsWater supply systemsWater treatmentCPS/ICS SecurityCyber physical systems (cpss)Data integrity attacksDevice fingerprintingFrequency domainsPhysical attacksSecurityWater distributionsPalmprint recognitionActuatorsCPS/ICS SecurityCyber Physical SystemsDevice FingerprintingPhysical AttacksSecuritySensorsAn attack detection scheme is proposed to detect data integrity attacks on sensors in Cyber-Physical Systems (CPSs). A combined fingerprint for sensor and process noise is created during the normal operation of the system. Under sensor spoofing attack, noise pattern deviates from the fingerprinted pattern enabling the proposed scheme to detect attacks. To extract the noise (difference between expected and observed value) a representative model of the system is derived. A Kalman filter is used for the purpose of state estimation. By subtracting the state estimates from the real system states, a residual vector is obtained. It is shown that in steady state the residual vector is a function of process and sensor noise. A set of time domain and frequency domain features is extracted from the residual vector. Feature set is provided to a machine learning algorithm to identify the sensor and process. Experiments are performed on two testbeds, a real-world water treatment (SWaT) facility and a water distribution (WADI) testbed. A class of zero-alarm attacks, designed for statistical detectors on SWaT are detected by the proposed scheme. It is shown that a multitude of sensors can be uniquely identified with accuracy higher than 90% based on the noise fingerprint. © 2018 Association for Computing Machinery.Association for Computing Machinery, Inc20182020-05-25T23:59:30Zinfo:eu-repo/semantics/conferenceObjecthttp://purl.org/coar/version/c_970fb48d4fbd8a85http://purl.org/coar/resource_type/c_c94fapplication/pdfhttps://doi.org/10.1145/3196494.3196532https://repository.urosario.edu.co/handle/10336/23055instname:Universidad del Rosarioreponame:Repositorio Institucional EdocURenghttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85049213203&doi=10.1145%2f3196494.3196532&partnerID=40&md5=d6fe0f65b66b694e6f50d8b69f12ce63http://purl.org/coar/access_right/c_abf2Ahmed C.M.Qadeer R.Ochoa M.Murguia C.Zhou J.Mathur A.P.Ruths J.oai:repository.urosario.edu.co:10336/230552022-05-02T07:37:14Z |
dc.title.none.fl_str_mv |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
title |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
spellingShingle |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems Actuators Cyber Physical System Embedded systems Frequency domain analysis Learning algorithms Learning systems Sensors State estimation Testbeds Water supply systems Water treatment CPS/ICS Security Cyber physical systems (cpss) Data integrity attacks Device fingerprinting Frequency domains Physical attacks Security Water distributions Palmprint recognition Actuators CPS/ICS Security Cyber Physical Systems Device Fingerprinting Physical Attacks Security Sensors |
title_short |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
title_full |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
title_fullStr |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
title_full_unstemmed |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
title_sort |
NoisePrint: Attack detection using sensor and process noise fingerprint in cyber physical systems |
dc.subject.none.fl_str_mv |
Actuators Cyber Physical System Embedded systems Frequency domain analysis Learning algorithms Learning systems Sensors State estimation Testbeds Water supply systems Water treatment CPS/ICS Security Cyber physical systems (cpss) Data integrity attacks Device fingerprinting Frequency domains Physical attacks Security Water distributions Palmprint recognition Actuators CPS/ICS Security Cyber Physical Systems Device Fingerprinting Physical Attacks Security Sensors |
topic |
Actuators Cyber Physical System Embedded systems Frequency domain analysis Learning algorithms Learning systems Sensors State estimation Testbeds Water supply systems Water treatment CPS/ICS Security Cyber physical systems (cpss) Data integrity attacks Device fingerprinting Frequency domains Physical attacks Security Water distributions Palmprint recognition Actuators CPS/ICS Security Cyber Physical Systems Device Fingerprinting Physical Attacks Security Sensors |
description |
An attack detection scheme is proposed to detect data integrity attacks on sensors in Cyber-Physical Systems (CPSs). A combined fingerprint for sensor and process noise is created during the normal operation of the system. Under sensor spoofing attack, noise pattern deviates from the fingerprinted pattern enabling the proposed scheme to detect attacks. To extract the noise (difference between expected and observed value) a representative model of the system is derived. A Kalman filter is used for the purpose of state estimation. By subtracting the state estimates from the real system states, a residual vector is obtained. It is shown that in steady state the residual vector is a function of process and sensor noise. A set of time domain and frequency domain features is extracted from the residual vector. Feature set is provided to a machine learning algorithm to identify the sensor and process. Experiments are performed on two testbeds, a real-world water treatment (SWaT) facility and a water distribution (WADI) testbed. A class of zero-alarm attacks, designed for statistical detectors on SWaT are detected by the proposed scheme. It is shown that a multitude of sensors can be uniquely identified with accuracy higher than 90% based on the noise fingerprint. © 2018 Association for Computing Machinery. |
publishDate |
2018 |
dc.date.none.fl_str_mv |
2018 2020-05-25T23:59:30Z |
dc.type.none.fl_str_mv |
info:eu-repo/semantics/conferenceObject |
dc.type.coarversion.fl_str_mv |
http://purl.org/coar/version/c_970fb48d4fbd8a85 |
dc.type.coar.fl_str_mv |
http://purl.org/coar/resource_type/c_c94f |
dc.identifier.none.fl_str_mv |
https://doi.org/10.1145/3196494.3196532 https://repository.urosario.edu.co/handle/10336/23055 |
url |
https://doi.org/10.1145/3196494.3196532 https://repository.urosario.edu.co/handle/10336/23055 |
dc.language.none.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
https://www.scopus.com/inward/record.uri?eid=2-s2.0-85049213203&doi=10.1145%2f3196494.3196532&partnerID=40&md5=d6fe0f65b66b694e6f50d8b69f12ce63 |
dc.rights.coar.fl_str_mv |
http://purl.org/coar/access_right/c_abf2 |
rights_invalid_str_mv |
http://purl.org/coar/access_right/c_abf2 |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
Association for Computing Machinery, Inc |
publisher.none.fl_str_mv |
Association for Computing Machinery, Inc |
dc.source.none.fl_str_mv |
instname:Universidad del Rosario reponame:Repositorio Institucional EdocUR |
instname_str |
Universidad del Rosario |
institution |
Universidad del Rosario |
reponame_str |
Repositorio Institucional EdocUR |
collection |
Repositorio Institucional EdocUR |
repository.name.fl_str_mv |
|
repository.mail.fl_str_mv |
|
_version_ |
1803710482383634432 |