We consider the problem of resilient control of a networked control system (NCS) under a denial-of-service (DoS) attack via a unified game approach. The DoS attacks lead to extra constraints in the NCS, where the packets may be jammed by a malicious adversary. Considering the attack-induced packet dropout, optimal control strategies with multitasking and central-tasking structures are developed using game theory in the delta domain, respectively. Based on the optimal control structures, we propose optimality criteria and algorithms for both cyber defenders and DoS attackers. Both simulation and experimental results are provided to illustrate the effectiveness of the proposed design procedure.
• In general, the cyber-attacks in the literature can be classified into three main types: denial of service (DoS) attacks, deception attacks, and replay attacks. The focus of this paper will be on each of the aforementioned attacks such that the modeling and detection of each attack will be addressed, and the control of CPS under such attack will be discussed in detail.
• After a preliminary introduction of the subject, the paper is organized as follows. Detection of cyber-attacks is summarized in Section 2. In Section 3 the DoS attack is addressed. In Section 4, the results on the deception attack are given. Section 5 covers the replay attack.
• Finally, challenges and future work are discussed in Section 6.
Cyber Physical Systems (CPS) are almost everywhere; they can be accessed and controlled remotely. These features make them more vulnerable to cyber attacks. Since these systems provide critical services, having them under attack would have dangerous consequences. Unfortunately, cyber attacks may be detected, but after the damage is done. Therefore, developing a cyber system that can survive an attack is a challenge. In this paper, we survey the literature on security aspects of CPSs. First, we present some of the existing methods for detecting cyber attacks. Second, we focus on three main cyber attacks: denial of service (DoS), deception, and replay attacks. In our discussion, we survey some existing models of these attacks, approaches for filtering in CPSs subject to these attacks, and approaches for controlling CPSs subject to these attacks.
In this paper, the input-to-state stability (ISS) problem of switched linear system with unstabilizable modes is investigated under denial-of-service (DoS) attacks and external disturbance. In contrast to earlier results which consider only stabilizable modes and usually impose certain constraints on the switching behavior and the DoS attacks, the switched system with unstabilizable modes is studied and a flexible description is proposed to specify the unstabilizable modes. Besides, a more general situation is considered that it allows switching during the active period of DoS attack and the attacks can take place arbitrarily independent of switching. Thus, it leads to a better description of switched system under DoS attacks and a more general result. Moreover, under the sampling scheme and DoS attacks, the asynchronous problem arises. Despite these added complications, a sufficient condition concerning DoS attacks frequency and duration is derived to ensure the ISS of the system under DoS attacks, and the result reveals the trade-off between the average time proportion of unstabilizable modes and the resilience of the system against DoS attacks. Finally, a numerical example and a comparative study are given to show the effectiveness of the proposed method.
This paper is concerned with the input-to-state stabilizing control problem for cyber-physical systems (CPSs) with multiple transmission channels under denial-of-service (DoS) attacks. Under the data update policy with bounded update interval, a new control scheme that discards the outdated information is proposed, and the stability analysis of CPSs under DoS attacks is transformed into analyzing the stability of the system under a switched controller with the help of a class of linear matrix inequalities (LMIs). Then, inspired by the techniques for switched systems, sufficient conditions on the duration and frequency of the DoS attacks, under which the stability of the closed-loop systems is still guaranteed, are proposed. Compared with the existing method for the single-channel case, the considered multiple-channel case is more challenging, and the proposed LMI-based method is more flexible.
This paper considers a cyber-physical system (CPS) under denial-of-service (DoS) attacks. The measurements of a sensor are transmitted to a remote estimator over a multi-channel network, which may be congested by a malicious attacker. Among these multiple communication paths with different characteristics and properties at each time step, the sensor needs to choose a single channel for sending data packets while reducing the probability of being attacked. In the meanwhile, the attacker needs to decide the target channel to jam under an energy budget constraint. To model this interactive decision-making process between the two sides, we formulate a two-player zero-sum stochastic game framework. A Nash Q-learning algorithm is proposed to tackle the computation complexity when solving the optimal strategies for both players. Numerical examples are provided to illustrate the obtained results.
In this paper, we consider a state estimation problem. In this problem, a sensor measures the state of a linear discrete‐time system and sends measurements to an estimator via a packet‐dropping communication link. We are concerned with the effect of Denial‐of‐Service (DoS) attacks on stability of the estimation system, and particularly focus on how to examine whether the communication channel is under DoS attack or not as well as how to defend accordingly, if defense is possible. We formulate the detection problem as a hypothesis testing problem provided that the statistics of the communication channel are known a priori. Two defense countermeasures are proposed: one uses a secured packet coding approach to partly compensate for the previous packet loss; in the other, the sensor's transmission power is raised to resist the jamming effect brought by the DoS attack. Simulations are provided to demonstrate the main results.
The recent years have seen a surge of security issues of cyber-physical systems (CPS). In this paper, denial-of-service (DoS) attack scheduling is investigated in depth. Specifically, we consider a system where a remote estimator receives the data packet sent by a sensor over a wireless network at each time instant, and an energy-constrained attacker that cannot launch DoS attacks all the time designs the optimal DoS attack scheduling to maximize the attacking effect on the remote estimation performance. Most of the existing works concerning DoS attacks focus on the ideal scenario in which data packets can be received successfully if there is no DoS attack. To capture the unreliability nature of practical networks, we study the packet-dropping network in which packet dropouts may occur even in the absence of attack. We derive the optimal attack scheduling scheme that maximizes the average expected estimation error, and the one which maximizes the expected terminal estimation error over packet-dropping networks. We also present some countermeasures against DoS attacks, and discuss the optimal defense strategy, and how the optimal attack schedule can serve for more effective and resource-saving countermeasures. We further investigate the optimal attack schedule with multiple sensors. The optimality of the theoretical results is demonstrated by numerical simulations.
Detection of Denial of Service (DoS) attack is one of the most critical issues in cloud computing. The attack detection framework is very complex due to the nonlinear thought of interruption activities, unusual conduct of systems traffic, and many attributes in the issue space. This paper proposes an efficient DoS attack detection system that uses the Oppositional Crow Search Algorithm (OCSA), which integrates the Crow Search Algorithm (CSA) and Opposition Based Learning (OBL) method to address such type of issues. The proposed system consists of two stages viz. selection of features using OCSA and classification using Recurrent Neural Network (RNN) classifier. The essential features are selected using the OCSA algorithm and then given to RNN classifier. In the subsequent testing process, incoming data is classified using the RNN classifier. It ensures the separation of standard data (saved in cloud) and the removal of compromised data. Using the benchmark data set, the results of experimental evaluation demonstrate that the proposed technique outperforms the other conventional methods by 98.18%, 95.13%, 93.56%, and 94.12% in terms of Precision, Recall, F-Measure, and Accuracy respectively. Further, the proposed work outperforms existing works by 3% on an average for all the metrics used.
• Introducing a new algorithm named Oppositional Crow Search Algorithm (OCSA).
• The proposed OCSA is validated on KDD cup 99 dataset.
• Feature selection is performed through OCSA algorithm.
• Further classification is performed through Recurrent Neural Network (RNN).
• OCSA hits with Precision-98.18%, Recall-95.13%, F-measure-93.56% & Accuracy-94.12%.
Cyber–physical systems (CPSs) are complex systems that involve technologies such as control, communication, and computing. Nowadays, CPSs have a wide range of applications in smart cities, smart grids, smart manufacturing and intelligent transportation. However, with integration of industrial control systems with modern communication technologies, CPSs would be inevitably exposed to increasing security threats, which could lead to severe degradation of the system performance and even destruction of CPSs. This paper presents a survey on recent advances on security issues of industrial cyber–physical systems (ICPSs). We specifically discuss two typical kinds of attacks, i.e., Denial-of-Service (DoS) attack and Deception attack, and present recent results in terms of attack detection, estimation, and control of ICPSs. Classifications of current studies are analyzed and summarized based on different system modeling and analysis methods. In addition, advantages and disadvantages of various methodologies are also discussed. Finally, the paper concludes with some potential future research directions on secure ICPSs.
• A more comprehensive survey on attack detection, secure estimation, and control of ICPSs from the control science perspective.
• Classifications of current studies are analyzed and summarized based on different system modeling and analysis methods.
• Advantages and disadvantages of various methodologies are discussed.
We consider a scenario in which a DoS attacker with the limited power resource and the purpose of degrading the system performance, jams a wireless network through which the packet from a sensor is sent to a remote estimator. To degrade the estimation quality most effectively with a given energy budget, the attacker aims to solve the problem of how much power to obstruct the channel each time, which is the recently proposed optimal attack energy management problem. The existing works are built on an ideal network model in which the packet dropout never occurs when the attack is absent. To encompass wireless transmission losses, we introduce the signal-to-interference-plus-noise ratio-based network. First we focus on the case when the attacker employs the constant power level. To maximize the expected terminal estimation error at the remote estimator, we provide some more relaxed sufficient conditions compared with the existing work for the existence of an explicit solution to the optimal static attack energy management problem and the solution is constructed. For the other important index of system performance, the average expected estimation error, the associated sufficient conditions are also derived based on a different analysis approach with the existing work. And a feasible method is presented for both indexes to seek the optimal constant attack power level when the system fails to meet the proposed sufficient conditions. Then when the real-time ACK information can be acquired, a Markov decision process (MDP) based algorithm is designed to solve the optimal dynamic attack energy management problem. We further study the optimal tradeoff between attack energy and system degradation.
Specifically, by moving the energy constraint into the objective function to maximize the system index and minimize the energy consumption simultaneously, the other MDP based algorithm is proposed to find the optimal dynamic attack power policy which is further shown to have a monotone structure. The theoretical results are illustrated by simulations.