Cyber-physical systems (CPS) have been increasingly attacked by hackers. Recent studies have shown that CPS are especially vulnerable to insider attacks, in which case the attacker has full knowledge of the systems configuration. To better prevent such types of attacks, we need to understand how insider attacks are generated. Typically, there are three critical aspects for a successful insider attack: (i) Maximize damage, (ii) Avoid detection and (iii) Minimize the attack cost. In this paper we propose a Stealthy Attack GEneration (SAGE) framework by formulizing a novel optimization problem considering these three objectives and the physical constraints of the CPS. By adding small worst-case perturbations to the system, the SAGE attack can generate significant damage, while remaining undetected by the systems monitoring algorithms. The proposed methodology is evaluated on several anomaly detection algorithms. The results show that SAGE attacks can cause severe damage while staying undetected and keeping the cost of an attack low. Our method can be accessed in the supplementary material of this paper to aid researcher and practitioners in the design and development of resilient CPS and detection algorithms.
翻译:最近的研究表明,CPS特别容易受到内部攻击,在这种情况下,攻击者完全了解系统配置。为了更好地防止这类攻击,我们需要了解内部攻击是如何产生的。一般而言,内部攻击成功有三个关键方面:(一) 尽可能扩大破坏,(二) 避免探测,(三) 尽量减少攻击费用。在本文中,我们提议了一个隐形攻击放大(SAGE)框架,考虑到这三个目标和CPS的有形限制,形成一个新的优化问题。通过在系统中增加小小小的最坏情况干扰,SAGE攻击可以造成重大破坏,同时不受系统监测算法的干扰。拟议的方法根据一些异常探测算法进行评估。结果显示SAG攻击在不被发现和降低攻击费用的同时,可造成严重损害。我们的方法可以在本文的补充材料中提供给具有复原力的CPS设计和开发以及探测算法方面的辅助研究人员和从业人员。