Skip to main content

Research Repository

Advanced Search

Detection of false command and response injection attacks for cyber physical systems security and resilience.

Eke, Hope; Petrovski, Andrei; Ahriz, Hatem

Authors

Andrei Petrovski

Hatem Ahriz



Abstract

The operational cyber-physical system (CPS) state, safety and resource availability is impacted by the safety and security measures in place. This paper focused on i) command injection (CI) attack that alters the system behaviour through injection of false control and configuration commands into a control system and ii) response injection (RI) attacks that modifies the response from server to client, thereby providing false information about system state. In this project, we implemented deep learning (DL) multi-layered security model approach for securing industrial control system (ICS) against malicious CI and RI attacks. We validated this approach with two case studies: i) network transactions between a Remote Terminal Unit (RTU) and a Master Control Unit (MTU) in-house SCADA gas pipeline control system and ii) a case study of command and response injection attacks. Based on this project result, we show that the proposed approach achieved a significant attacks detection capability of 96.50%. Also, demonstrated that performance of attack detection techniques applied can be influences by the nature of network transactions with respect to the domain of application. Hence, robustness and resilience of operational CPS state and performance are influenced by the safety and security measures in place which is specific to the CPS device in question.

Citation

HOPE, E., PETROVSKI, A. and AHRIZ, H. 2020. Detection of false command and response injection attacks for cyber physical systems security and resilience. In Proceedings of the 13th International conference on security of information and networks (SIN 2020), 4-7 November 2020, Merkez, Turkey. New York: ACM [online], (accepted). To be made available from: https://doi.org/10.1145/3433174.3433615

Conference Name 13th International conference on security of information and networks (SIN 2020)
Start Date Nov 4, 2020
End Date Nov 7, 2020
Acceptance Date Nov 1, 2020
Deposit Date Nov 12, 2020
Publicly Available Date Nov 12, 2020
Publisher Association for Computing Machinery
DOI https://doi.org/10.1145/3433174.3433615
Keywords Advanced persistent threats (APTs); Command and response injection; Cyber-physical systems (CPSs); Industrial control systems (ICS); Distributed control systems (DCS); Supervisory control and data acquisition (SCADA)
Public URL https://rgu-repository.worktribe.com/output/996522

Files

EKE 2020 Detection of false command (AAM) (1.2 Mb)
PDF

Publisher Licence URL
https://creativecommons.org/licenses/by-nc/4.0/





You might also like



Downloadable Citations