Skip to main content

Research Repository

Advanced Search

Detection of false command and response injection attacks for cyber physical systems security and resilience.

Eke, Hope; Petrovski, Andrei; Ahriz, Hatem

Authors



Abstract

The operational cyber-physical system (CPS) state, safety and resource availability is impacted by the safety and security measures in place. This paper focused on i) command injection (CI) attack that alters the system behaviour through injection of false control and configuration commands into a control system and ii) response injection (RI) attacks that modifies the response from server to client, thereby providing false information about system state. In this project, we implemented deep learning (DL) multi-layered security model approach for securing industrial control system (ICS) against malicious CI and RI attacks. We validated this approach with two case studies: i) network transactions between a Remote Terminal Unit (RTU) and a Master Control Unit (MTU) in-house SCADA gas pipeline control system and ii) a case study of command and response injection attacks. Based on this project result, we show that the proposed approach achieved a significant attacks detection capability of 96.50%. Also, demonstrated that performance of attack detection techniques applied can be influences by the nature of network transactions with respect to the domain of application. Hence, robustness and resilience of operational CPS state and performance are influenced by the safety and security measures in place which is specific to the CPS device in question.

Citation

EKE, H., PETROVSKI, A. and AHRIZ, H. 2020. Detection of false command and response injection attacks for cyber physical systems security and resilience. In Proceedings of the 13th Security of information and networks international conference 2020 (SIN 2020), 4-7 November 2020, Merkez, Turkey. New York: ACM [online], article number 10, pages 1-8. Available from: https://doi.org/10.1145/3433174.3433615

Conference Name 13th Security of information and networks international conference 2020 (SIN 2020)
Conference Location Merkez, Turkey
Start Date Nov 4, 2020
End Date Nov 7, 2020
Acceptance Date Oct 27, 2020
Online Publication Date Nov 4, 2020
Publication Date Nov 30, 2020
Deposit Date Nov 12, 2020
Publicly Available Date Mar 29, 2024
Publisher Association for Computing Machinery (ACM)
Pages 1-8
DOI https://doi.org/10.1145/3433174.3433615
Keywords Advanced persistent threats (APTs); Command and response injection; Cyber-physical systems (CPSs); Industrial control systems (ICS); Distributed control systems (DCS); Supervisory control and data acquisition (SCADA)
Public URL https://rgu-repository.worktribe.com/output/996522

Files





You might also like



Downloadable Citations