Han Qin,Jiaming Weng,Dong Liu,Donglian Qi,Yufei Wang

DOI: https://doi.org/10.17775/cseejpes.2020.04550

IF: 6.014

2024-01-01

CSEE Journal of Power and Energy Systems

Abstract:With the help of advanced information technology, real-time monitoring and control levels of cyber-physical distribution systems (CPDS) have been significantly improved. However due to the deep integration of cyber and physical systems, attackers could still threaten the stable operation of CPDS by launching cyber-attacks, such as denial-of-service (DoS) attacks. Thus, it is necessary to study the CPDS risk assessment and defense resource allocation methods under DoS attacks. This paper analyzes the impact of DoS attacks on the physical system based on the CPDS fault self-healing control. Then, considering attacker and defender strategies and attack damage, a CPDS risk assessment framework is established. Furthermore, risk assessment and defense resource allocation methods, based on the Stackelberg dynamic game model, are proposed under conditions in which the cyber and physical systems are launched simultaneously. Finally, a simulation based on an actual CPDS is performed, and the calculation results verify the effectiveness of the algorithm.

Ziming Zhao,Zhuotao Liu,Huan Chen,Fan Zhang,Zhuoxue Song,Zhaoxuan Li

DOI: https://doi.org/10.1109/tdsc.2023.3349180

2024-01-01

Abstract:Defending against Distributed Denial of Service (DDoS) attacks is a fundamental problem in the Internet. Over the past few decades, the research and industry communities have proposed a variety of solutions, from adding incremental capabilities to the existing Internet routing stack, to clean-slate future Internet architectures, and to widely deployed commercial DDoS prevention services. Yet a recent interview with over 100 security practitioners in multiple sectors reveals that existing solutions are still insufficient against , due to either unenforceable protocol deployment or non-comprehensive traffic filters. This seemingly endless arms race with attackers probably means that we need a fundamental paradigm shift. In this paper, we propose a new DDoS prevention paradigm named preference-driven and in-network enforced traffic shaping , aiming to explore the novel DDoS prevention norms that focus on delivering victim-preferred traffic rather than consistently chasing after the DDoS attacks. Towards this end, we propose DFNet, a novel DDoS prevention system that provides reliable delivery of victim-preferred traffic without full knowledge of DDoS attacks. At a very high level, the core innovative design of DFNet embraces the advances in Machine Learning (ML) and new network dataplane primitives, by encoding the victim's traffic preference (in the form of complex ML models) into dataplane packet scheduling algorithms such that the victim-preferred traffic is forwarded with priority at line-speed, regardless of the attacker strategy. We implement a prototype of DFNet in 11,560 lines of code, and extensively evaluate it on our testbed. The results show that a single instance of DFNet can forward 99.93% of victim-desired traffic when facing previously unseen attacks, while imposing less than 0.1% forwarding overhead on a dataplane with 80 Gbps upstream links and a 40 Gbps bottleneck.

ZHANG Shao-jun,LI Jian-hua,CHEN Xiu-zhen,HU Wei

DOI: https://doi.org/10.3321/j.issn:1006-2467.2008.02.009

2008-01-01

Abstract:As one of the most notorious network attacks,distributed denial-of-service(DDoS) attack is famous for its easiness to launch and difficulty to defend.DDoS attack was regarded as a multistage game of incomplete information with observable actions and its extensive form was given out.It is pointed out that to attain the game's perfect Bayes equilibrium,the problem of computing and modifying the belief value of each player's type must be solved.As a practice of this viewpoint,a method of filtering attack stream according to its package rate and source address distribution characteristic was proposed.Finally, simulation was given out to demonstrate the effectiveness of the method.

Yong Xu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcds.2022.3172937

IF: 4.546

2024-01-01

IEEE Transactions on Cognitive and Developmental Systems

Abstract:This paper employs a reinforcement learning (RL) technique to investigate the distributed output tracking control of heterogeneous multiagent systems (MASs) under multiple denial-of-service (DoS) attacks. Different from existing results where the dynamic of the leader is known for partial or all agents, the leader’s system matrix is completely unknown for each follower in this paper. To learn the leader system matrix, a data-based learning mechanism is first proposed using the idea of the data-driven method. Then, under the data-based learning mechanism, a resilient predictor subject to multiple DoS attacks is exploited to provide the estimation of the leader’s state for each agent, where adversaries attack different communication links independently. Moreover, a resilient dynamic output feedback controller is proposed to solve the output tracking control problem based on the output regulation theory. To consider the transient responses of agents, a RL-based dynamic output feedback controller is developed to realize the optimal output tracking control by solving discounted algebraic Riccati equations (AREs) in both offline and online ways. Theoretical analysis shows that the secure output tracking control of MASs can be achieved under the proposed data-based resilient learning control algorithm. Finally, a numerical example is provided to verify the effectiveness of theoretical analysis.

Xinyu Yang,Xiaofei He,Jie Lin,Wei Yu,Qingyu Yang

DOI: https://doi.org/10.1109/trustcom.2016.0094

2016-01-01

Abstract:The diverse cyber attacks, that make operation of the smart grid challenging, must be addressed before wide adoption of smart grids can be fully realized. Although a number of research efforts have been devoted to defending against these threats, a majority of existing schemes focus on the design of a specific defensive strategy to deal with a specific threat. In this paper we address the issue of coalitional attacks that can be launched by multiple adversaries cooperatively in the smart grid. We propose a game-theoretic based model to capture the interaction among multiple adversaries and quantify the capacity of the defender based on the extended Iterated Public Goods Game (IPGG) model. In the formalized game model, each participant can either cooperate by participating in the coalitional attack, or defect by standing aside in each round of the attack. We consider the generic defensive strategy that has a probability to detect the coalitional attack. When the coalitional attack is detected, all the participating adversaries are penalized. The expected payoff of each participant is derived through the zero-determinant strategy that provides the participants competitive benefits. Via a combination of theoretical analysis and experiments, our results show that our formalized game model can enable the defender to greatly reduce the maximum value of the expected average payoff to the adversaries via provisioning sufficient defensive resources, which is reflected by setting a proper penalty factor against the adversaries.

Yunlong Tang,Jing Sun,Huan Wang,Junyi Deng,Liang Tong,Wenhong Xu

DOI: https://doi.org/10.1016/j.cose.2024.103871

IF: 5.105

2024-04-01

Computers & Security

Abstract:Faced with the challenges of security strategy design brought about by the complexity of attack behavior and the dynamism of network structure, dynamic hierarchical intelligent defense methods have shown their effectiveness. However, in complex network environments, their application requires a higher level of coordination mechanisms. Therefore, this paper proposes a hierarchical multi-agent reinforcement learning network attack and defense game and cooperative defense decision-making method, which autonomously and efficiently completes the formulation of defense strategies and defense behavior responses. Firstly, we construct a Stackelberg hypergame model of cyberspace conflicts, and under the condition of information loss, characterize the multi-layer dynamic defense coordination response mechanism. Secondly, By utilizing a hierarchical multi-agent reinforcement learning method as the driving force for game evolution, we sequentially solve the Nash equilibrium of the game, and form a dynamic autonomous defense strategy. Finally, we construct a hierarchical multi-agent reinforcement learning framework, which decouples the defense decision problem, reduces the dimension of the defense action space and the exploration difficulty of the strategy space, and learns coordinated defense strategies more efficiently. We used the CybORG (Cyber Operations Research Gym) environment for simulation. We compared and analyzed the autonomously generated cyber defense strategies with other related works, verifying the superior coordination performance of our method in defense strategy generation and control.

computer science, information systems

Hao Zhang,Jie Yao,Zhuping Wang,Sheng Gao,Huaicheng Yan

DOI: https://doi.org/10.1109/jsyst.2024.3381304

IF: 4.802

2024-01-01

IEEE Systems Journal

Abstract:This article studies the optimal distributed denial-of-service attack strategy for cyber–physical systems with multiple attackers and multiple defenders. An advanced attack strategy is proposed to cause the great damage to system in a multiattacker–defender form. First, a novel model of signal-to-interference-to-noise ratio for the multiattacker and multidefender is built. Taking the energy constraints into consideration, the objective of defenders is to minimize the system performance, while the attackers tend to deteriorate it by emitting interference energy. Thus, the optimal channel selection and optimal energy allocation strategies are proposed to answer which channel both of them should choose and how much power both of them should allocate to each channel in a finite time horizon. Second, a two-player zero-sum matrix game is formulated to solve the optimal problem by linear programming and obtain the Nash equilibrium. When the channel parameters are time-varying, a dynamic optimal channel selection problem is considered and a multistage game algorithm is proposed to find the Nash equilibrium. In addition, the designed optimal strategies of both players are demonstrated and analyzed. Finally, a numerical simulation is provided to illustrate the effectiveness of the proposed approach.

Amrita Dahiya,Brij B. Gupta

DOI: https://doi.org/10.1016/j.future.2020.11.027

IF: 7.307

2021-04-01

Future Generation Computer Systems

Abstract:DDoS attack is one of the most powerful cyber-weapons as it does not wait for a specific server configuration or particular network state to attack or to disrupt any operation of the target machine. Further, it does not require any huge investment and can cause enormous reputational and financial loss to the organization. Additionally, the uneven distribution of resources and incentives on Internet has paved an easy path for attackers to take the repercussions of DDoS attack to a challenging level. Malicious users cannot be assumed to obey network protocols or algorithms. In fact, they tried to take advantage of their knowledge about network to disrupt other users and to gain a maximum share of resources. Therefore, in this paper, we propose a Bayesian game theory-based solution to empower service provider to maximize the social welfare by employing incentives and pricing rules on the users of a network. The service provider and legitimate users are assumed to observe the network for a long time and gain probabilistic knowledge about another user being malicious or not. This probabilistic knowledge is utilized by the service provider and legitimate users to amend their actions to counteract malicious users present in the network. Considering these assumptions and facts, we propose Bayesian pricing and auction mechanism to achieve Bayesian Nash Equilibrium points in different scenarios where probabilistic information proves beneficial for legitimate users and service provider. Further, we propose a reputation assessment and updating mechanism where payment and participation parameters are considered to quantify user's reliability. Extensive experimentation has been carried out using MatLab. We consider the rate of social welfare degradation and variation in user's utility as parameters to validate the proposed model.

Yuanjie Li,Hewu Li,Zhizheng Lv,Xingkun Yao,Qianru Li,Jianping Wu

DOI: https://doi.org/10.1145/3460120.3484737

2021-01-01

Abstract:We devise a simple, provably effective, and readily usable deterrence against intelligent, unknown DDoS threats: Demotivate adversaries to launch attacks via multi-hop traffic divergence. This new strategy is motivated by the fact that existing defenses almost always lag behind numerous emerging DDoS threats and evolving intelligent attack strategies. The root cause is if adversaries are smart and adaptive, no single-hop defenses (including optimal ones) can perfectly differentiate unknown DDoS and legitimate traffic. Instead, we formulate intelligent DDoS as a game between attackers and defenders, and prove how multi-hop traffic divergence helps bypass this dilemma by reversing the asymmetry between attackers and defenders. This insight results in EID, an Economical Intelligent DDoS Demotivation protocol. EID combines local weak (yet divergent) filters to provably null attack gains without knowing exploited vulnerabilities or attack strategies. It incentivizes multi-hop defenders to cooperate with boosted local service availability. EID is resilient to traffic dynamics and manipulations. It is readily deployable with random-drop filters in real networks today. Our experiments over a 49.8 TB dataset from a department at the Tsinghua campus network validate EID's viability against rational and irrational DDoS with negligible costs.

Boren He,Futai Zou,Yue Wu

DOI: https://doi.org/10.1109/ssic.2018.8556830

2018-01-01

Abstract:Distributed Denial of Service (DDoS) attack is one of the most severe threat in current internet. Software Defined Network (SDN) is novel network structure based on the idea of separation of control plane and data plane. SDN allows us to program and monitor networks, and decide how to forward a packet, so it provides a new solution to defend DDoS attack. This paper proposes a multi-SDN Based cooperation scheme to defend DDoS attack. We adopt machine learning to detect DDoS attack, and design a protocol to enable communication among controllers. This protocol can achieve two goals, one is to build and maintain an independent network among controllers of different SDN, and the other is to enable attack information exchange among controllers, so they can find attacker and mitigate DDoS attack. The experimental results show that the proposed protocol can achieve high detection accuracy, find attackers accurately and mitigate DDoS attack traffic effectively with a relatively low cost and latency.

Lei Hou,Haixin Duan,Jianping Wu

DOI: https://doi.org/10.1109/CIT.2010.184

2010-01-01

Abstract:In Peer-to-Peer (P2P) networks a malicious peer can control the direction of the traffic after it controls lots of bots. This paper focus on defending Distributed Denial of Service (DDoS) attack in P2P networks by selecting the most active peer with its credit values which is recorded in a period of Credit Construction time. The Credit values can be updated in the lest period. We propose Scheduler to compute local credit values and maintain the global trust relationships. In order to assess the effectiveness of the above techniques, we extend Sybil attack and DDoS attack in simulator tool named p2psim-0.3 and implement distinguishing master and updating credit algorithms. Although we adopt tapestry protocol and Euclidean topology to implement the algorithms, the same methodology can be applied to other DHT (Distributed Hash Table)_based lookup protocols in P2P networks and topologies as well.

Hongcheng Huang,Peixin Ye,Min Hu,Jun Wu

DOI: https://doi.org/10.1016/j.dcan.2022.04.008

IF: 6.348

2022-04-01

Digital Communications and Networks

Abstract:Nowadays, a large number of intelligent devices involved in the Industrial Internet of Things (IIoT) environment are posing unprecedented cybersecurity challenges. Due to the limited budget for security protection, the IIoT devices are vulnerable and easily compromised to launch Distributed Denial-of-Service (DDoS) attacks, resulting in disastrous results. Unfortunately, considering the particularity of the IIoT environment, most of the defense solutions in traditional networks cannot be directly applied to IIoT with acceptable security performance. Therefore, in this work, we propose a multi-point collaborative defense mechanism against DDoS attacks for IIoT. Specifically, for the single point DDoS defense, we design an edge-centric mechanism termed EdgeDefense for the detection, identification, classification, and mitigation of DDoS attacks and the generation of defense information. For the practical multi-point scenario, we propose a collaborative defense model against DDoS attacks to securely share the defense information across the network through the blockchain. Besides, a fast defense information sharing mechanism is designed to reduce the delay of defense information sharing and provide a responsive cybersecurity guarantee. The simulation results indicate that the identification and classification performance of the two machine learning models designed for EdgeDefense are better than those of the state-of-the-art baseline models, and therefore EdgeDefense can defend against DDoS attacks effectively. The results also verify that the proposed fast sharing mechanism can reduce the propagation delay of the defense information blocks effectively, thereby improving the responsiveness of the multi-point collaborative DDoS defense.

telecommunications

Jieren Cheng,Xinzhi Yao,Hui Li,Hao Lu,Naixue Xiong,Ping Luo,Le Liu,Hao Guo,Wen Feng

DOI: https://doi.org/10.32604/csse.2022.025668

IF: 4.397

2022-01-01

Computer Systems Science and Engineering

Abstract:Distributed Denial of Service (DDoS) attacks is always one of the major problems for service providers. Using blockchain to detect DDoS attacks is one of the current popular methods. However, the problems of high time overhead and cost exist in the most of the blockchain methods for detecting DDoS attacks. This paper proposes a blockchain-based collaborative detection method for DDoS attacks. First, the trained DDoS attack detection model is encrypted by the Intel Software Guard Extensions (SGX), which provides high security for uploading the DDoS attack detection model to the blockchain. Secondly, the service provider uploads the encrypted model to Inter Planetary File System (IPFS) and then a corresponding Content-ID (CID) is generated by IPFS which greatly saves the cost of uploading encrypted models to the blockchain. In addition, due to the small amount of model data, the time cost of uploading the DDoS attack detection model is greatly reduced. Finally, through the blockchain and smart contracts, the CID is distributed to other service providers, who can use the CID to download the corresponding DDoS attack detection model from IPFS. Blockchain provides a decentralized, trusted and tamper-proof environment for service providers. Besides, smart contracts and IPFS greatly improve the distribution efficiency of the model, while the distribution of CID greatly improves the efficiency of the transmission on the blockchain. In this way, the purpose of collaborative detection can be achieved, and the time cost of transmission on blockchain and IPFS can be considerably saved. We designed a blockchain-based DDoS attack collaborative detection framework to improve the data transmission efficiency on the blockchain, and use IPFS to greatly reduce the cost of the distribution model. In the experiment, compared with most blockchain-based method for DDoS attack detection, the proposed model using blockchain distribution shows the advantages of low cost and latency. The remote authentication mechanism of Intel SGX provides high security and integrity, and ensures the availability of distributed models.

computer science, theory & methods, hardware & architecture

Xu Chen,Liang Xiao,Wei Feng,Ning Ge,Xianbin Wang

DOI: https://doi.org/10.1109/jiot.2021.3138094

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The proliferation of Distributed Denial of Service (DDoS) attacks in Internet of Things (IoT) not only threatens the security of digital devices and infrastructure but also severely degrades IoT system performance due to the overly consumed network resources. With the knowledge of identity information of devices and signaling data, Internet service providers (ISPs) can detect and block DDoS traffic by monitoring the upstream IoT packets, and thereby, improve network efficiency. However, inspecting all data packets online for DDoS detection will significantly increase both the network delay and the computational overhead. Therefore, the packet sampling strategy is crucial for the defenders to detect DDoS attacks. To this end, this article formulates a Stackelberg game model to analyze the collaborative IoT packet sampling against DDoS attacks. Through the equilibrium analysis of the DDoS game, we derive the lower bound of packet sampling rate (PSR) that can effectively deter potential attackers. Unlike traditional offline detection, our proposed packet sampling strategy can support both the online detection and proactive prevention of DDoS traffic. As a use case, a multipoint DDoS defense framework is developed to address the IP spoofing in 5G networks based on the proposed packet sampling strategy, which deters DDoS attacks and reduces the packet sampling cost, and thereby, maximizes the IoT utility, compared with existing methods. In typical reflection attacks (in which no more than five packets of response are triggered by a request packet), our proposed scheme not only reduces more than 70% of the sampling rate but also demonstrates superior robustness against boundary condition variation.

Jing Jiang,Xiao Liu

DOI: https://doi.org/10.1109/IEEM.2018.8607827

2018-01-01

Abstract:Critical infrastructures are significant for national security, economic development and social stability. With the development of economic globalization and information technology, the increasing network complexity and dynamic information have brought challenges to generate data-driven defense strategies for an infrastructure network against multiple interdictions. In order to optimize the defense strategy dynamically, we develop a data-driven finite Bayesian Stackelberg game model among a defender and multiple interdictors. In this model, the defender, with incomplete information on the interdictors' risk attitude and objective weight, initiates to improve the network performance in the most cost-effective way; whereas the interdictor, with incomplete information on the valuation of components and effectiveness ratio, follows to destroy the network structure in the most cost-effective way. Over the dynamic interactions among the defender and multiple interdictors, the interdictor's knowledge of the effectiveness ratio is updated by Bayesian updating rule. In order to solve the proposed model, smallest-depth binary-partition based hierarchical algorithm is developed to obtain the strong Stackelberg equilibrium. Finally, the practical applicability is demonstrated by a case study of Zhi Jiang network.

Wei Guo,Jin Xu,Yukui Pei,Liuguo Yin,Chunxiao Jiang,Ning Ge

DOI: https://doi.org/10.1109/jiot.2022.3176121

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Satellite Internet (SI) dramatically expanded the ground-based Internet, and it is also the future direction of 6G. However, due to limited computing power and bandwidth resources, Distributed Denial-of-Service (DDoS) attacks can cause more severe damage to SI, and even paralysis of the entire network. Current DDoS defense mechanisms are built on abundant computing power and bandwidth resources, making applying in the SI scenario challenging. Aiming at protecting SI from DDoS attacks, a blockchain-based distributed collaborative entrance defense (DCED) framework is proposed, in which network traffic characteristics can be recorded and aggregated at the entrances of SI. The proposed framework consists of a distributed detection digesting procedure, a digest virtual aggregation procedure, and an entrance control strategy. The former procedure detects and extracts multidimensional characteristics of DDoS attacks and pushes them onto the blockchain. The latter procedure collects block data and aggregates attack features using the MapReduce algorithm and then compares them with baseline and gives an alert. The strategy completes the filtering and interception of traffic. Experiments use the IXIA platform to generate malicious traffic, and results show that the framework can accurately identify attack traffic within 1500 ms, reaching an area of 0.99 under the receiver operating characteristic curve. The proposed framework is more effective than other similar DDoS methods, protecting the precious SI bandwidth resources.

Zhaobin Li,Bin Yang,Xinyu Zhang,Chao Guo

DOI: https://doi.org/10.1155/2022/1886516

IF: 1.968

2022-01-07

Security and Communication Networks

Abstract:The centralized management of Software-Defined Network (SDN) brings convenience to Space-Air-Ground Integrated Networks (SAGIN), which also makes it vulnerable to Distributed Denial of Service (DDoS). At present, the popular detection methods are based on machine learning, but most of them are fixed detection strategies with high overhead and real-time control, so the efficiency is not high. This paper designs different defense methods for different DDoS attacks and constructs a multitype DDoS defense model based on a dynamic Bayesian game in the Software-Defined Space-Air-Ground Integrated Networks (SD-SAGIN). The proposed game model’s Nash equilibrium is solved based on the different costs and payoffs of each method. We simulated the attack and defense of DDoS in Ryu controller and Mininet. The results show that, under our model, the attacker and defender’s strategies are in a dynamic balance, and the controller can effectively reduce the defense cost while ensuring detection accuracy. Compared with the existing traditional Support Vector Machine (SVM) defense method, the performance of the proposed method is better, and it provides one of the references for DDoS defense in SD-SAGIN.

computer science, information systems,telecommunications

Jie Ma,Wei Su,Yikun Li,Yihua Peng

DOI: https://doi.org/10.1016/j.future.2023.12.033

IF: 7.307

2024-01-05

Future Generation Computer Systems

Abstract:The availability of SD-IoT is now under complex and serious cyber threats, especially distributed denial-of-service attacks. However, traditional defense schemes suffer from coarse-grained centralized sampling approaches, low accuracy of detection models, and inefficient mitigation methods. In this paper, a novel DDoS defense scheme is proposed, which consists of a high-accuracy detection mechanism based on a Graph Convolutional Neural Network learning model and a mitigation mechanism based on fast traffic migration. In the detection stage, a fine-grained INT sampling approach is utilized to obtain multidimensional network topology and status information. The Graph Convolutional Neural Network learning model detects switches containing DDoS attack traffic with high accuracy because the detection model not only extracts and utilizes multiple temporal and spatial features of the collected information, but also has a better learning and representation capability. In the mitigation stage, the enhanced whitelist with dynamic threshold-based values is automatically adapted to the real-time state of the network environment for enhanced mitigation flexibility. The fast programmable segment rerouting strategy can block attack traffic in time and ensure the continuity of network services. The results of several comparison experiments show that the proposed scheme can detect DDoS attacks more accurately and mitigate them more effectively than traditional schemes.

computer science, theory & methods

Zhihong Tian,Mingzeng Hu,Bin Li,Bo Liu,Hongli Zhang

2006-01-01

Abstract:Distributed denial of service DDoS is a major threat to the availability of Internet services. As one of the most difficult problems in network security, it has received considerable attention from the mass media and the research community. In this paper, we design an effective and practical countermeasure which allows a general-purpose TCP-based public server to sustain high availability even during severe DDoS attacks. A novel microeconomic framework based on Generalized Vickrey auction GVA is proposed. By adopting this mechanism, not only the availability of services is improved, but also the total utility of legitimate clients can be maximized. Initial simulations have shown that this mechanism is highly effective in preferentially dropping attacker traffic over legitimate client traffic, and the protected server can remain operational under various system loads and severely attacked conditions. The results indicate that it is a promising approach to countering DDoS attacks.

Ke Wang,Wanchun Liu,Teng Joon Lim

2024-11-16

Abstract:In this paper, we consider a wireless resource allocation problem in a cyber-physical system (CPS) where the control channel, carrying resource allocation commands, is subjected to denial-of-service (DoS) attacks. We propose a novel concept of collaborative distributed and centralized (CDC) resource allocation to effectively mitigate the impact of these attacks. To optimize the CDC resource allocation policy, we develop a new CDC-deep reinforcement learning (DRL) algorithm, whereas existing DRL frameworks only formulate either centralized or distributed decision-making problems. Simulation results demonstrate that the CDC-DRL algorithm significantly outperforms state-of-the-art DRL benchmarks, showcasing its ability to address resource allocation problems in large-scale CPSs under control channel attacks.

Information Theory,Machine Learning,Signal Processing,Systems and Control