Xinyu Yang,Jie Lin,Paul Moulema,Wei Yu,Xinwen Fu,Wei Zhao

2011-01-01

Abstract:In Cyber-Physical System (CPS), attackers could inject false measurements to the controller through compromised sensor nodes, which not only threaten the security of the system, but also consumes significant network resources. To deal with this issue, a number of en-route filtering schemes have been designed for wireless sensor networks. However, these schemes either lack resilience to the number of compromised nodes or depend on the statically configured routes and node localization, which are not suitable for CPS. In this paper, we propose a Polynomialbased Compromised-Resilient En-route Filtering scheme (PCREF), which can filter false injected data effectively and achieve a high resilience to the number of compromised nodes without relying on static routes and node localization. Different from the existing schemes, PCREF uses polynomials instead of MACs for endorsing measurement reports to achieve the resilience to attacks. Each node stores two types of polynomials: authentication polynomial and check polynomial derived from the primitive polynomial, and used for endorsing and verifying the measurement reports. Through extensive theoretical analysis and simulation experiments, our data show that our scheme achieves better filtering capacity and resilience to the large number of compromised nodes in comparison with the existing schemes. Keywords—Cyber-Physical system, false measurement report, sensor node, polynomial-based en-route filtering

Xinyu Yang,Jie Lin,Wei Yu,Paul-Marie Moulema,Xinwen Fu,Wei Zhao

DOI: https://doi.org/10.1109/TC.2013.177

IF: 3.183

2015-01-01

IEEE Transactions on Computers

Abstract:In Cyber-Physical Networked Systems (CPNS), the adversary can inject false measurements into the controller through compromised sensor nodes, which not only threaten the security of the system, but also consume network resources. To deal with this issue, a number of en-route filtering schemes have been designed for wireless sensor networks. However, these schemes either lack resilience to the number of compromised nodes or depend on the statically configured routes and node localization, which are not suitable for CPNS. In this paper, we propose a Polynomial-based Compromise-Resilient En-route Filtering scheme (PCREF), which can filter false injected data effectively and achieve a high resilience to the number of compromised nodes without relying on static routes and node localization. PCREF adopts polynomials instead of Message Authentication Codes (MACs) for endorsing measurement reports to achieve resilience to attacks. Each node stores two types of polynomials: authentication polynomial and check polynomial, derived from the primitive polynomial, and used for endorsing and verifying the measurement reports. Through extensive theoretical analysis and experiments, our data shows that PCREF achieves better filtering capacity and resilience to the large number of compromised nodes in comparison to the existing schemes.

Jie Lin,Xinyu Yang,Wei Yu,Xinwen Fu

DOI: https://doi.org/10.1109/GLOCOM.2011.6134278

2011-01-01

Abstract:In wireless sensor networks (WSNs), attackers could inject false data into the networks by compromising the sensor nodes. False data injected by the compromised nodes, if undetected, could not only cause false alarms but also consume the limited energy of the sensor nodes, posing serious threats to the lifetime of networks. To mitigate this type of attacks, a number of en-route filtering schemes to filter false data inside the networks have been developed in the past. However, there is lack of a systematical strategy to evaluate those schemes and establishing a foundation for designing en-route filtering techniques. To address these issues, we compare the pros and cons of the existing enroute filtering schemes. To fairly compare the performance of those schemes, we conduct theoretical analysis and derive a set of closed formulae for them. Our extensive simulations validate our findings. Our research summarizes the state-of-art research development and lay out future directions in this area.

Genghong Lu,Dongqin Feng

DOI: https://doi.org/10.23919/icif.2018.8455208

2018-01-01

Abstract:Due to the wide implementation of communication networks, industrial control systems are vulnerable to malicious attacks, which could cause potentially devastating results. Adversaries launch integrity attacks by injecting false data into systems to create fake events or cover up the plan of damaging the systems. In addition, the complexity and nonlinearity of control systems make it more difficult to detect attacks and defense it. Therefore, a novel security situation awareness framework based on particle filtering, which has good ability in estimating state for nonlinear systems, is proposed to provide an accuracy understanding of system situation. First, a system state estimation based on particle filtering is presented to estimate nodes state. Then, a voting scheme is introduced into hazard situation detection to identify the malicious nodes and a local estimator is constructed to estimate the actual system state by removing the identified malicious nodes. Finally, based on the estimated actual state, the actual measurements of the compromised nodes are predicted by using the situation prediction algorithm. At the end of this paper, a simulation of a continuous stirred tank is conducted to verify the efficiency of the proposed framework and algorithms.

Jianzhong Li,Lei Yu,Hong Gao,Shuguang Xiong

DOI: https://doi.org/10.1109/tpds.2011.217

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:In wireless sensor networks, the adversary may inject false reports to exhaust network energy or trigger false alarms with compromised sensor nodes. In response to the problems of existing schemes on the security resiliency, applicability and filtering effectiveness, this paper proposes a scheme, referred to as Grouping-enhanced Resilient Probabilistic En-route Filtering (GRPEF). In GRPEF, an efficient distributed algorithm is proposed to group nodes without incurring extra groups, and a multiaxis division based approach for deriving location-aware keys is used to overcome the threshold problem and remove the dependence on the sink immobility and routing protocols. Compared to the existing schemes, GRPEF significantly improves the effectiveness of the en-route filtering and can be applied to the sensor networks with mobile sinks while reserving the resiliency.

YANG Feng,ZHOU Xue-hai,ZHANG Qi-yuan

DOI: https://doi.org/10.3969/j.issn.1007-130x.2010.11.005

2010-01-01

Abstract:Sensor nodes can be compromised by attackers and inject large amounts of bogus data to exhaust network resources.En-route filtering is an effective way to defeat false data injection attacks.We consider two factors that often are overlooked before:coverage and real-timeness.A stepwise refinement distributed group joining method is proposed to improve the coverage performance.En-route nodes dynamically determine whether first to verify a message or first to forward the message.If the network is attacked,the forwarding nodes will verify messages first;otherwise,forwarding nodes will forward message first.We compare the proposed scheme with the traditional ones,and show that the scheme can improve coverage and reduce delay efficiently.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

ZHANG Shu-guang,ZHOU Xue-hai,YANG Feng,XU Jun

DOI: https://doi.org/10.13190/j.jbupt.2016.01.012

2016-01-01

Abstract:Aiming at the problem of current false data filtering strategies that cannot prevent legitimate packets from discarded by the malicious nodes selectively, an en-route filtering strategy was put forward against selectively discarding packets. In this strategy, each node keeps its one-hop and two-hop neighbor nodes' identifications as well as one-way chain keys. Moreover, what the forwarded packets attached is the latest one-way chain keys of L nodes, not the message authentication codes in traditional en-route fil-tering strategies. Additionally, this strategy uses the stepwise certification to submit data packets by mo-nitoring the communications between common neighbor nodes. Experiment shows that the strategy not on-ly can efficiently filter false data, but also can prevent malicious nodes from selectively discarding pack-ets.

Younan Zhao,Peng Gu,Fanglai Zhu,Tianyi Liu,Runjie Shen

DOI: https://doi.org/10.1016/j.amc.2023.127908

IF: 4.397

2023-01-01

Applied Mathematics and Computation

Abstract:In this paper, based on finite-frequency domain H 00 control techniques, security control issues are investigated for a cyber-physical system (CPS) suffering from false data injection (FDI) attacks on sensors and actuators, where the real system in the physical layer is a complex network system . First, for each subsystem of the complex network system, an H 00 proportion integral (PI) observer is designed to estimate the system states and attack signals on the sensors and actuators simultaneously. Second, a state feedback controller with attack compensation is proposed using the estimates of the attack signals and the states. Thus, an observer-based security control strategy against FDI attack is set up and the stability analysis is accomplished by frequency domain H 00 control techniques. Finally, a simulation example is given to illustrate the better performance of the proposed methods compared with the traditional H 00 method.(c) 2023 Elsevier Inc. All rights reserved.

Feng Yang,Xuehai Zhou,Qiyuan Zhang

DOI: https://doi.org/10.1007/978-3-642-13067-0_17

2010-01-01

Abstract:En-route filtering is an effective way to defeat false data injection attacks Different from traditional one-dimensional en-route filtering mechanisms, we propose a multi-dimensional resilient statistical en-route filtering mechanism (MDSEF) In MDSEF, the overall key pool is divided into multiple sets and each set is composed of a number of groups where each group is composed of a number of keys Each node could join one group in each set and obtain some keys from these groups Since each node obtains keys from multiple groups, the covering performance and filtering effectiveness of the mechanism can be improved simultaneously An axis-rotation method is proposed to associate the terrain with multiple sets and implement location-based key derivation Moreover, a stepwise refinement distributed group joining method is proposed for nodes' group selection Analysis and simulation results show that MDSEF could significantly improve the covering performance and filtering effectiveness without losing the resiliency against node compromise.

Jinyan Li,Xiao-Meng Li,Zhijian Cheng,Hongru Ren,Hongyi Li

DOI: https://doi.org/10.1016/j.ins.2024.121093

IF: 8.1

2024-07-10

Information Sciences

Abstract:This paper mainly studies an event-based secure control problem for cyber-physical systems against false data injection (FDI) attacks. First, a dynamic event-triggered transmission protocol is established to schedule the transmitted data from the sensor to the controller. Subsequently, an imperfect FDI attack model is constructed considering the real network environment, which would bypass the traditional residual-based detection methods. To overcome this drawback, an attack detection strategy based on secure history information is designed, which effectively mitigates the negative impact of uncertainty on the detection results. Based on the detection results, an event-based secure linear quadratic Gaussian control scheme is designed, which can guarantee system performance and reduce the communication load effectively. Finally, a simulation experiment verifies that the proposed control method outperforms other algorithms in the literature, and the detection accuracy is increased by 91% to 98%.

computer science, information systems

Jie Lin,Wei Yu,Xinyu Yang,Guobin Xu

DOI: https://doi.org/10.1049/pbce096e_ch5

2016-01-01

Abstract:The cyber-physical system (CPS) is a system that can efficiently integrate both cyber and physical components by leveraging modern sensing, computing, and networking technologies. As an important role of CPS, sensors can obtain measurements of physical components and transmit the measurement data to the control center through communication networks. Nonetheless, sensor networks can pose serious security challenges to CPSs as well. In this chapter, we first review CPSs and wireless sensor networks in CPSs. We then take the smart grid as an example of a CPS and investigate the impacts of one category of attacks, namely false data injection attacks, against the operation of the smart grid. Through a combination of theoretical analysis and performance evaluation, we find that false data injection attacks can disrupt the electricity market operations, posing an increased electricity price to consumers. We also discuss the impacts of false data injection attacks on other key functions in the smart grid, including energy distribution, state estimation, etc.

Zhen Hong,Rui Wang,Shouling Ji,Raheem Beyah

DOI: https://doi.org/10.1109/tifs.2018.2876839

IF: 7.231

2019-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Cyber-physical systems (CPS) have been deployed in many areas and have reached unprecedented levels of performance and efficiency. However, the security and privacy problems in CPS have not been properly addressed, e.g., the monitored source location can be inferred by an attacker, which can substantially undermine the reliability of CPS. Unfortunately, the existing techniques to protect against the leakage of the source location do not achieve an acceptable balance among the source location privacy, transmission delay, and energy consumption to guarantee high reliability. To address this issue, we propose an attacker location evaluation-based fake source scheduling (FSSE) for source location privacy in CPS to enhance the privacy level and maintain the system performance. The proposed FSSE contains two main phases. The first, backbone construction, is dependent on the probability of capture derived from the communication information of self and neighboring nodes. This phase aims to build a backbone to form a baseline with respect to the source location privacy and transmission delay. The second phase is fake message scheduling, which is established to provide a trade-off among privacy, transmission delay, and communication overhead in terms of the hypothesized location of the attacker by using stochastic processes. Through analysis and simulation, we demonstrate that the proposed method has a more stable privacy level and more efficient transmission delay and energy consumption than the three compared algorithms, i.e., phantom routing, tree-based diversionary routing, and dynamic fake source selection.

Liang Xin,Guang He,Zhiqiang Long

DOI: https://doi.org/10.1109/tase.2023.3347538

IF: 6.636

2024-01-01

IEEE Transactions on Automation Science and Engineering

Abstract:Cyber-physical systems (CPSs) are increasingly threatened by stealthy false data injection (SFDI) attacks, which compromise system integrity by manipulating control signals and introducing false sensor data. These attacks are particularly challenging due to their diversity and often indistinguishable nature. In response to this issue, our work uncovers the fundamental causes behind SFDI attacks in linear time-invariant (LTI) systems and elucidates the principles enabling their stealth. We present a novel virtual extended system framework designed to eliminate strictly stealthy attacks within the entire CPS. Utilizing deep reinforcement learning (DRL) methodologies, we pioneer the use of detection results for real-time SFDI attack classification. Through numerical simulations, we validate our proposed method’s effectiveness, demonstrating a classification accuracy of no less than 95%. Notably, even in scenarios where attackers manage to breach the framework partially, our method continues to provide a reliable success rate in SFDI attack detection and classification, showcasing its robustness and efficacy. Note to Practitioners—Cyber-physical systems (CPSs), a critical component of modern industries, are becoming increasingly susceptible to stealthy false data injection (SFDI) attacks. These attacks compromise system integrity by subtly manipulating control signals and feeding false sensor data, making them challenging to detect. Our research presents an innovative framework that uses deep reinforcement learning techniques to detect and classify these elusive attacks, achieving a classification accuracy of over 95%. The information on SFDI attack categories, ascertained by this method, lays the groundwork for the development of subsequent defence strategies. For professionals working in sectors reliant on CPSs, such as manufacturing, healthcare, and transportation, this framework offers a promising tool to enhance system security. Even in scenarios where the system has been partially compromised, our method continues to provide reliable detection and classification, underscoring its robustness and practical utility. The system remains effective despite full breach attempts on specific attack types, ensuring resilience against a broad range of SFDI attacks. In conclusion, our research offers a substantial advancement in protecting CPSs against cyber threats.

automation & control systems

Beibei Li,Rongxing Lu,Wei Wang,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.jpdc.2016.12.012

IF: 4.542

2017-05-01

Journal of Parallel and Distributed Computing

Abstract:False data injection (FDI) attacks are crucial security threats to smart grid cyber-physical system (CPS), and could result in cataclysmic consequences to the entire power system. However, due to the high dependence on open information networking, countering FDI attacks is challenging in smart grid CPS. Most existing solutions are based on state estimation (SE) at the highly centralized control center; thus, computationally expensive. In addition, these solutions generally do not provide a high level of security assurance, as evidenced by recent work that smart FDI attackers with knowledge of system configurations can easily circumvent conventional SE-based false data detection mechanisms. In this paper, in order to address these challenges, a novel distributed host-based collaborative detection method is proposed. Specifically, in our approach, we use a conjunctive rule based majority voting algorithm to collaboratively detect false measurement data inserted by compromised phasor measurement units (PMUs). In addition, an innovative reputation system with an adaptive reputation updating algorithm is also designed to evaluate the overall running status of PMUs, by which FDI attacks can be distinctly observed. Extensive simulation experiments are conducted with real-time measurement data obtained from the PowerWorld simulator, and the numerical results fully demonstrate the effectiveness of our proposal.

computer science, theory & methods

Jinyan Li,Xiaomeng Li,Hongru Ren,Hongyi Li

DOI: https://doi.org/10.1002/rnc.7601

IF: 3.8973

2024-08-27

International Journal of Robust and Nonlinear Control

Abstract:This paper focuses on a detection‐based resilient control issue for cyber‐physical systems (CPSs) subject to false data injection (FDI) attacks, where FDI attacks occur in the communication channels from the sensor‐to‐controller and controller‐to‐actuator. Firstly, to reduce the adverse impacts of FDI attacks on estimation performance, an unbiased estimator is constructed by tackling the equality‐constrained optimization problem. Then, an effective attack detection mechanism is devised by introducing a pseudo‐innovation sequence to formulate the detection function, which can successfully detect two‐channel FDI attacks. Based on these detection results, a resilient controller combining linear quadratic Gaussian and H∞ controllers is provided to guarantee the mean‐square asymptotic stability of CPSs with H∞ performance. Finally, the validity of the proposed resilient control approach is demonstrated by a simulation involving satellite control system.

automation & control systems,engineering, electrical & electronic,mathematics, applied

Ximing Yang,Ran Liu,Tieshan Li,Yue Long,Hanqing Yang,Xiaoyang Gao,C. L. Philip Chen

DOI: https://doi.org/10.1109/icist59754.2023.10367183

2023-01-01

Abstract:The issue of security control for cyber-physical systems (CPSs) is now receiving a lot of attention. Among them, the network layer is more seriously affected by cyberattacks than the physical layer. In this paper, we investigate the denial-of-service (DoS) attacks and false data injection (FDI) attack on data transmission. Firstly, the FDI attack that exists in the actuator is estimated by proposing the observer. Then, due to the presence of DoS attacks in the sensor channels, the estimation effect of the former observer is affected. To solve this problem, a new resilient observer is proposed by introducing the switching mechanism. The proposed resilient observer can effectively reduce the adverse effects of DoS attacks on data transmission. Next, a false data estimation-based security controller is proposed, which can ensure the stability of the closed-loop system. Finally, a simulation is given to verify the effectiveness of the proposed method.

Yanan Du,Sai Xu,Shuai Han

DOI: https://doi.org/10.1109/ICC45855.2022.9839018

2022-01-01

Abstract:To have a good understanding of attackers' behaviour and seek effective defensive measures, an optimal strategy of false data injection (FDI) and denial-of-service (DoS) attacks is proposed to intrude sensors and transmission channels of cyber-physical systems (CPSs) from the perspective of an attacker. Specifically, all sensors of CPSs make measurements of the state and send them to a fusion center for state estimation. Intruders attempt to modify the measurements and block innovations' transmission by respectively launching FDI and DoS attacks to maliciously degrade the system estimation performance. A cost function is introduced to quantify the estimation performance. In order to maximize the cost function, it is important for the attacker to decide which sensors and transmission channels to intrude due to energy constraint. A convex optimization problem is formed, by solving which the optimal attack strategy is obtained. Simulations demonstrate the optimality of our proposed attack strategy.

Yuhan Suo,Senchun Chai,Runqi Chai,Zhong-Hua Pang,Yuanqing Xia,Guo-Ping Liu

DOI: https://doi.org/10.1109/TIFS.2023.3340098

2023-12-18

Abstract:In large-scale networks, communication links between nodes are easily injected with false data by adversaries. This paper proposes a novel security defense strategy from the perspective of attack detection scheduling to ensure the security of the network. Based on the proposed strategy, each sensor can directly exclude suspicious sensors from its neighboring set. First, the problem of selecting suspicious sensors is formulated as a combinatorial optimization problem, which is non-deterministic polynomial-time hard (NP-hard). To solve this problem, the original function is transformed into a submodular function. Then, we propose an attack detection scheduling algorithm based on the sequential submodular optimization theory, which incorporates \emph{expert problem} to better utilize historical information to guide the sensor selection task at the current moment. For different attack strategies, theoretical results show that the average optimization rate of the proposed algorithm has a lower bound, and the error expectation is bounded. In addition, under two kinds of insecurity conditions, the proposed algorithm can guarantee the security of the entire network from the perspective of the augmented estimation error. Finally, the effectiveness of the developed method is verified by the numerical simulation and practical experiment.

Systems and Control

Yawen Tan,Pindi Weng,Bo Chen,Li Yu

DOI: https://doi.org/10.1007/s11432-021-3428-y

2023-01-01

Science China Information Sciences

Abstract:Cyber-physical systems(CPSs)that integrate computation,network,and physical objects play essential roles in the era of Industry 4.0[1,2].However,the introduction of networks makes it face the threat of cyber-attacks[3].Among various types of cyber-attacks,a false data injection(FDI)attack degrades the estimation performance for CPSs by injecting wrong signals and is one of the most dangerous attacks[4,5].Therefore,the joint estimation of FDI attacks and system states is of great significance to the security of CPSs.