Identifying Near-Optimal Single-Shot Attacks on ICSs with Limited Process Knowledge

04/19/2022
by Herson Esquivel-Vargas, et al.

Industrial Control Systems (ICSs) rely on insecure protocols and devices to monitor and operate critical infrastructure. Prior work has demonstrated that powerful attackers with detailed system knowledge can manipulate exchanged sensor data to degrade the performance of the process, even leading to full shutdowns of plants. Identifying those attacks requires iterating over all possible sensor values and running detailed system simulation or analysis to identify optimal attacks. That setup allows adversaries to identify attacks that are most impactful when applied to the system for the first time, before the system operators become aware of the manipulations. In this work, we investigate whether constrained attackers without detailed system knowledge and simulators can identify comparable attacks. In particular, the attacker only requires abstract knowledge of the general information flow in the plant, instead of precise algorithms, operating parameters, process models, or simulators. We propose an approach that allows single-shot attacks, i.e., near-optimal attacks that reliably shut down a system on the first try. The approach is applied and validated on two use cases, and is demonstrated to achieve results comparable to prior work, which relied on detailed system information and simulations.


research
08/27/2021

Identifying Non-Control Security-Critical Data in Program Binaries with a Deep Neural Model

As control-flow protection methods get widely deployed it is difficult f...
research
07/17/2019

Real-time Evasion Attacks with Physical Constraints on Deep Learning-based Anomaly Detectors in Industrial Control Systems

Recently, a number of deep learning-based anomaly detection algorithms w...
research
10/11/2022

Detecting Hidden Attackers in Photovoltaic Systems Using Machine Learning

In modern smart grids, the proliferation of communication-enabled distri...
research
11/26/2022

SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsical

Modern Industrial Control Systems (ICS) attacks evade existing tools by ...
research
03/23/2022

Distort to Detect, not Affect: Detecting Stealthy Sensor Attacks with Micro-distortion

In this paper, we propose an effective and easily deployable approach to...
research
10/23/2020

Reducing Bias in Modeling Real-world Password Strength via Deep Learning and Dynamic Dictionaries

Password security hinges on an accurate understanding of the techniques ...
research
03/20/2021

Observation-Assisted Heuristic Synthesis of Covert Attackers Against Unknown Supervisors

In this work, we address the problem of synthesis of covert attackers in...
