Let's Talk Through Physics! Covert Cyber-Physical Data Exfiltration on Air-Gapped Edge Devices

10/14/2022
by   Matthew Chan, et al.
0

Although organizations are continuously making concerted efforts to harden their systems against network attacks by air-gapping critical systems, attackers continuously adapt and uncover covert channels to exfiltrate data from air-gapped systems. For instance, attackers have demonstrated the feasibility of exfiltrating data from a computer sitting in a Faraday cage by exfiltrating data using magnetic fields. Although a large body of work has recently emerged highlighting various physical covert channels, these attacks have mostly targeted open-loop cyber-physical systems where the covert channels exist on physical channels that are not being monitored by the victim. Network architectures such as fog computing push sensitive data to cyber-physical edge devices–whose physical side channels are typically monitored via state estimation. In this paper, we formalize covert data exfiltration that uses existing cyber-physical models and infrastructure of individual devices to exfiltrate data in a stealthy manner, i.e., we propose a method to circumvent cyber-physical state estimation intrusion detection techniques while exfiltrating sensitive data from the network. We propose a generalized model for encoding and decoding sensitive data within cyber-physical control loops. We evaluate our approach on a distributed IoT network that includes computation nodes residing on physical drones as well as on an industrial control system for the control of a robotic arm. Unlike prior works, we formalize the constraints of covert cyber-physical channel exfiltration in the presence of a defender performing state estimation.

READ FULL TEXT

page 1

page 4

page 7

page 9

research
02/18/2022

Assessment of Cyber-Physical Intrusion Detection and Classification for Industrial Control Systems

The increasing interaction of industrial control systems (ICSs) with pub...
research
02/01/2018

Taking Control: Design and Implementation of Botnets for Cyber-Physical Attacks with CPSBot

Recently, botnets such as Mirai and Persirai targeted IoT devices on a l...
research
01/24/2018

Reasoning about effects: from lists to cyber-physical agents

Theories for reasoning about programs with effects initially focused on ...
research
06/16/2021

A Revised Taxonomy of Steganography Embedding Patterns

Steganography embraces several hiding techniques which spawn across mult...
research
09/07/2020

Unsupervised Learning Based Robust Multivariate Intrusion Detection System for Cyber-Physical Systems using Low Rank Matrix

Regular and uninterrupted operation of critical infrastructures such as ...
research
06/29/2019

Incidents Are Meant for Learning, Not Repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems

Cyber-physical systems (CPSs) are part of most critical infrastructures ...
research
02/02/2018

Advanced Symbolic Time Series Analysis in Cyber Physical Systems

This paper presents advanced symbolic time series analysis (ASTSA) for l...

Please sign up or login with your details

Forgot password? Click here to reset