HOPE EKE h.eke@rgu.ac.uk
Completed Research Student
Detection of false command and response injection attacks for cyber physical systems security and resilience.
Eke, Hope; Petrovski, Andrei; Ahriz, Hatem
Authors
Andrei Petrovski
Dr Hatem Ahriz h.ahriz@rgu.ac.uk
Principal Lecturer
Abstract
The operational cyber-physical system (CPS) state, safety and resource availability is impacted by the safety and security measures in place. This paper focused on i) command injection (CI) attack that alters the system behaviour through injection of false control and configuration commands into a control system and ii) response injection (RI) attacks that modifies the response from server to client, thereby providing false information about system state. In this project, we implemented deep learning (DL) multi-layered security model approach for securing industrial control system (ICS) against malicious CI and RI attacks. We validated this approach with two case studies: i) network transactions between a Remote Terminal Unit (RTU) and a Master Control Unit (MTU) in-house SCADA gas pipeline control system and ii) a case study of command and response injection attacks. Based on this project result, we show that the proposed approach achieved a significant attacks detection capability of 96.50%. Also, demonstrated that performance of attack detection techniques applied can be influences by the nature of network transactions with respect to the domain of application. Hence, robustness and resilience of operational CPS state and performance are influenced by the safety and security measures in place which is specific to the CPS device in question.
Citation
EKE, H., PETROVSKI, A. and AHRIZ, H. 2020. Detection of false command and response injection attacks for cyber physical systems security and resilience. In Proceedings of the 13th Security of information and networks international conference 2020 (SIN 2020), 4-7 November 2020, Merkez, Turkey. New York: ACM [online], article number 10, pages 1-8. Available from: https://doi.org/10.1145/3433174.3433615
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | 13th Security of information and networks international conference 2020 (SIN 2020) |
| Start Date | Nov 4, 2020 |
| End Date | Nov 7, 2020 |
| Acceptance Date | Oct 27, 2020 |
| Online Publication Date | Nov 4, 2020 |
| Publication Date | Nov 30, 2020 |
| Deposit Date | Nov 12, 2020 |
| Publicly Available Date | Nov 12, 2020 |
| Publisher | Association for Computing Machinery (ACM) |
| Peer Reviewed | Peer Reviewed |
| Pages | 1-8 |
| DOI | https://doi.org/10.1145/3433174.3433615 |
| Keywords | Advanced persistent threats (APTs); Command and response injection; Cyber-physical systems (CPSs); Industrial control systems (ICS); Distributed control systems (DCS); Supervisory control and data acquisition (SCADA) |
| Public URL | https://rgu-repository.worktribe.com/output/996522 |
Files
EKE 2020 Detection of false command (AAM)
(1.3 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by-nc/4.0/
You might also like
Framework for detecting APTs based on steps analysis and correlation.
(2022)
Book Chapter
The use of machine learning algorithms for detecting advanced persistent threats.
(2019)
Presentation / Conference Contribution
Advanced persistent threats detection based on deep learning approach.
(2023)
Presentation / Conference Contribution
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search