Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Limiting The Impact of Stealthy Attacks on Industrial Control Systems

Published

Author(s)

David Urbina, Alvaro Cardenas, Niles O. Tippenhauer, Junia Valente, Mustafa Faisal, Justin Ruths, Rick Candell, Heinrik Sandberg

Abstract

While attacks on information systems have for most practical purposes binary outcomes information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Attackers that want to remain undetected can attempt to hide their manipulation of the system by following closely the expected behavior of the system, while injecting just enough false information at each time step to achieve their goals. In this work, we show and compare attack-detection schemes that can limit the impact of such stealthy attacks. We start with a comprehensive review of related work on attack detection schemes in the security and control systems community. We then show that many of those works use detection schemes that are not limiting the impact of stealthy attacks. We propose a new metric to measure the impact of stealthy attacks and how they relate to our selection on an upper bound on false alarms. We finally show that the impact of such attacks can be mitigated in several cases by the proper combination and configuration of detection schemes. We demonstrate the effectiveness of our algorithms through simulations and experiments using real ICS testbeds and real ICS systems.
Proceedings Title
Proceeedings of the 23rd ACM Conference on Computer and Communications Security
Conference Dates
October 24-28, 2016
Conference Location
Vienna, AT
Conference Title
23rd ACM Conference on Computer and Communications Security

Keywords

cybersecurity, ICS, industrial control systems

Citation

Urbina, D. , Cardenas, A. , Tippenhauer, N. , Valente, J. , Faisal, M. , Ruths, J. , Candell, R. and Sandberg, H. (2016), Limiting The Impact of Stealthy Attacks on Industrial Control Systems, Proceeedings of the 23rd ACM Conference on Computer and Communications Security, Vienna, AT, [online], https://doi.org/10.1145/2976749.2978388, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=921616 (Accessed March 1, 2024)
Created October 27, 2016, Updated October 12, 2021