Abstract
This chapter considers the problem of securely operating a cyber-physical system under different types of attacks, including actuator and sensor attacks. The proposed defense approach consists of a proactive and a reactive mechanism. The proactive part leverages the principles of moving target defense, and introduces a stochastic switching structure that dynamically and continuously alters the behavior of the system, aiming to neutralize the attacker’s reconnaissance efforts. An unpredictability metric is proposed that utilizes the entropy induced by a switching supervisor, in order to maximize efficiency. The reactive part isolates the potentially compromised system components. A novel integral Bellman-based intrusion detection system is used to detect the attacks and take appropriate measures by collecting data online and without knowledge of the physical interpretation of the system. Simulation results are presented to showcase the efficacy of the proposed approach.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
R.R. Rajkumar, I. Lee, L. Sha, J. Stankovic, Cyber-physical systems: the next computing revolution, in Proceedings of the 47th Design Automation Conference (ACM, New York, 2010), pp. 731–736
J. Kim, H. Kim, K. Lakshmanan, R.R. Rajkumar, Parallel scheduling for cyber-physical systems: analysis and case study on a self-driving car, in Proceedings of the ACM/IEEE 4th International Conference on Cyber-Physical Systems (ACM, New York, 2013), pp. 31–40
I. Lee, O. Sokolsky, Medical cyber physical systems, in Design Automation Conference (DAC), 2010 47th ACM/IEEE (IEEE, Piscataway, 2010), pp. 743–748
Y. Mo, T.H.-J. Kim, K. Brancik, D. Dickinson, H. Lee, A. Perrig, B. Sinopoli, Cyber-physical security of a smart grid infrastructure. Proc. IEEE 100(1), 195–209 (2012)
Y. Liu, P. Ning, M.K. Reiter, False data injection attacks against state estimation in electric power grids. ACM Trans. Inf. Syst. Secur. 14(1), 13 (2011)
J. Slay, M. Miller, Lessons learned from the Maroochy water breach, in International Conference on Critical Infrastructure Protection (Springer, Berlin, 2007), pp. 73–82
J.P. Farwell, R. Rohozinski, Stuxnet and the future of cyber war. Survival 53(1), 23–40 (2011)
S. Jajodia, A.K. Ghosh, V. Swarup, C. Wang, X.S. Wang, Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, vol. 54 (Springer, New York, 2011)
B. van Lier, Can cyber-physical systems reliably collaborate within a blockchain? Metaphilosophy 48(5), 698–711 (2017)
A.A. Cardenas, S. Amin, S. Sastry, Secure control: towards survivable cyber-physical systems, in 28th International Conference on Distributed Computing Systems Workshops, 2008. ICDCS’08 (IEEE, Piscataway, 2008), pp. 495–500
T. Alpcan, T. BaÅŸar, Network Security: A Decision and Game-Theoretic Approach (Cambridge University Press, Cambridge, 2010)
M. Pajic, J. Weimer, N. Bezzo, O. Sokolsky, G.J. Pappas, I. Lee, Design and implementation of attack-resilient cyberphysical systems: with a focus on attack-resilient state estimators. IEEE Control. Syst. 37(2), 66–81 (2017)
F. Pasqualetti, F. Dorfler, F. Bullo, Control-theoretic methods for cyberphysical security: geometric principles for optimal cross-layer resilient control systems. IEEE Control. Syst. 35(1), 110–127 (2015)
B. Satchidanandan, P.R. Kumar, Dynamic watermarking: active defense of networked cyber-physical systems. Proc. IEEE 105(2), 219–240 (2017)
K.G. Vamvoudakis, H. Modares, B. Kiumarsi, F.L. Lewis, Game theory-based control system algorithms with real-time reinforcement learning: how to solve multiplayer games online. IEEE Control. Syst. 37(1), 33–52 (2017)
K.G. Vamvoudakis, J.P. Hespanha, Cooperative Q-learning for rejection of persistent adversarial inputs in networked linear quadratic systems. IEEE Trans. Autom. Control 63, 1018–1031 (2017)
G. Theodorakopoulos, J.S. Baras, On trust models and trust evaluation metrics for ad hoc networks. IEEE J. Sel. Areas Commun. 24(2), 318–328 (2006)
S. Jajodia, A.K. Ghosh, V. Subrahmanian, V. Swarup, C. Wang, X.S. Wang, Moving Target Defense II: Application of Game Theory and Adversarial Modeling, vol. 100 (Springer, New York, 2012)
V. Casola, A. De Benedictis, M. Albanese, A multi-layer moving target defense approach for protecting resource-constrained distributed devices, in Integration of Reusable Systems (Springer, Cham, 2014), pp. 299–324
J.H. Jafarian, E. Al-Shaer, Q. Duan, Openflow random host mutation: transparent moving target defense using software defined networking, in Proceedings of the First Workshop on Hot Topics in Software Defined Networks (ACM, New York, 2012), pp. 127–132
M. Dunlop, S. Groat, W. Urbanski, R. Marchany, J. Tront, Mt6d: a moving target ipv6 defense, in Military Communications Conference, 2011-Milcom 2011 (IEEE, Piscataway, 2011), pp. 1321–1326
R. Zhuang, S.A. DeLoach, X. Ou, Towards a theory of moving target defense, in Proceedings of the First ACM Workshop on Moving Target Defense (ACM, New York, 2014), pp. 31–40
Q. Zhu, T. Başar, Game-theoretic approach to feedback-driven multi-stage moving target defense, in International Conference on Decision and Game Theory for Security (Springer, Berlin, 2013), pp. 246–263
S. Weerakkody, B. Sinopoli, Detecting integrity attacks on control systems using a moving target approach, in IEEE 54th Annual Conference on Decision and Control (CDC), 2015 (IEEE, Piscataway, 2015), pp. 5820–5826
H. Fawzi, P. Tabuada, S. Diggavi, Secure estimation and control for cyber-physical systems under adversarial attacks. IEEE Trans. Autom. Control 59(6), 1454–1467 (2014)
Y. Yan, P. Antsaklis, V. Gupta, A resilient design for cyber physical systems under attack, in American Control Conference (ACC), 2017 (IEEE, Piscataway, 2017), pp. 4418–4423
L. An, G.-H. Yang, Secure state estimation against sparse sensor attacks with adaptive switching mechanism. IEEE Trans. Autom. Control 63, 2596–2603 (2017)
H. Okhravi, T. Hobson, D. Bigelow, W. Streilein, Finding focus in the blur of moving-target techniques. IEEE Secur. Priv. 12(2), 16–26 (2014)
T.M. Cover, J.A. Thomas, Elements of Information Theory (Wiley, Hoboken, 2012)
J.P. Hespanha, A.S. Morse, Stability of switched systems with average dwell-time, in Proceedings of the 38th IEEE Conference on Decision and Control, 1999, vol. 3 (IEEE, Piscataway, 1999), pp. 2655–2660
A. Kanellopoulos, K.G. Vamvoudakis, Switching for unpredictability: a proactive defense control approach, to appear in, American Control Conference, Philadelphia, PA (2019)
D. Vrabie, K.G. Vamvoudakis, F.L. Lewis, Optimal Adaptive Control and Differential Games by Reinforcement Learning Principles, vol. 2. IET (2013)
R.J. Martin, L. Valavani, M. Athans, Multivariable control of a submersible using the lqg/ltr design methodology, in American Control Conference, 1986 (IEEE, Piscataway, 1986), pp. 1313–1324
X. Yu, J. Jiang, Hybrid fault-tolerant flight control system design against partial actuator failures. IEEE Trans. Control Syst. Technol. 20(4), 871–886 (2012)
Acknowledgements
This work was supported in part by NATO under grant No. SPS G5176, by ONR Minerva under grant No. N00014-18-1-2160, and by an NSF CAREER under grant CPS-1851588.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply
About this chapter
Cite this chapter
Kanellopoulos, A., Vamvoudakis, K.G. (2019). Entropy-Based Proactive and Reactive Cyber-Physical Security. In: Wang, C., Lu, Z. (eds) Proactive and Dynamic Network Defense. Advances in Information Security, vol 74. Springer, Cham. https://doi.org/10.1007/978-3-030-10597-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-10597-6_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-10596-9
Online ISBN: 978-3-030-10597-6
eBook Packages: Computer ScienceComputer Science (R0)