具有多传感器的CPS系统的攻击检测
CSTR:
作者:
作者单位:

作者简介:

杨康(1992-),女,山东菏泽人,硕士,主要研究领域为CPS的安全性,形式化验证;李晓娟(1968-),女,博士,教授,CCF专业会员,主要研究领域为系统形式建模与验证,机器人系统软件安全,计算机网络协议分析;王瑞(1981-),女,博士,副教授,CCF专业会员,主要研究领域为形式化方法;施智平(1974-),男,博士,教授,CCF高级会员,主要研究领域为形式化,人工智能;关永(1966-),男,博士,教授,博士生导师,CCF专业会员,主要研究领域为形式化验证,系统可靠性,嵌入式系统;Xiaoyu Song(1963-),男,博士,教授,博士生导师,主要研究领域为形式化方法.

通讯作者:

王瑞,E-mail:rwang04@cnu.edu.cn

中图分类号:

TP309

基金项目:

国家自然科学基金(61877040,61702348,61602325);国家重点研发计划(2017YFB1301100)


Attack Detection of CPS System with Multi-sensors
Author:
Affiliation:

Fund Project:

National Natural Science Foundation of China (61877040, 61702348, 61602325); National Key R&D Plan (2017YFB1301100)

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    信息物理系统(cyber-physical systems,简称CPS)是基于环境感知实现计算、通信与物理元素紧密结合的下一代智能系统,广泛应用于安全攸关的系统和工业控制等领域.信息技术与物理世界的相互作用使得CPS容易受到各种恶意攻击,从而破坏其安全性.主要研究存在瞬态故障的CPS中传感器的攻击检测问题.考虑具有多个传感器测量相同物理变量的系统,其中一些传感器可能受到恶意攻击并提供错误的测量.此外,使用抽象传感器模型,每个传感器为控制器提供一个真实值的可能间隔.已有的用于检测传感器被恶意攻击的方法是保守的.当专业攻击者在一段时间内轻微地或不频繁地操纵传感器的输出时,现有方法很难捕获到攻击,如隐身攻击.为了解决这个问题,设计了一种基于融合间隔和历史测量的传感器攻击检测方法.该方法首先为不同的传感器构建不同的故障模型,使用系统动力学方程把历史测量融入到攻击检测方法中,从不同的方面分析传感器的测量.另外,利用历史测量和融合间隔解决了两个传感器的测量相交时是否存在故障的问题.该方法的核心思想是利用传感器之间的成对不一致关系检测和识别攻击.从EV3地面车辆上获得真实的测量数据来验证算法的性能.实验结果表明,所提出的方法优于现有方法,对各种攻击类型都有较好的检测和识别性能,特别是对于隐身攻击,检测率和识别率大约提高了90%以上.

    Abstract:

    Cyber-physical systems (CPS) are next-generation intelligent systems based on environment-aware computing, communication, and physical elements. They are widely used in security-critical systems and industrial control. The interaction of information technology and the physical world makes CPS vulnerable to various malicious attacks, thereby undermining its security. This work mainly studies the attack detection problem of sensors in CPS systems with transient faults. This study considers a system with multiple sensors measuring the same physical variables, and some sensors may be malicious attacked and provide erroneous measurements. In addition, this study uses an abstract sensor model where each sensor provides the controller with an interval of possible values for the true value. Existing methods for detecting sensor malicious attacks are conservative. When a professional attacker manipulates the sensor's output slightly or infrequently over a period of time, existing methods are difficult to capture attacks, such as stealth attacks. In order to solve this problem, this study designs a sensor attack detection algorithm based on fusion intervals and historical measurements. First, the algorithm constructs different fault models for different sensors, integrates historical measurements into the attack detection method using system dynamics equations, and analyzes sensor measurements from different aspects. In addition, combined with historical measurement and fusion interval, the problem of whether there are faults when the two sensors intersect is solved. The core idea of this method is to detect and identify attack by using pairwise inconsistency between sensors. This study obtains real measurement data from EV3 ground vehicles to verify the performance of the algorithm. The experimental results show that the proposed method is superior to the state-of-the-art algorithm, and has better detection and recognition performance for various attack types. Especially for stealth attacks, the detection rate and recognition rate are increased by more than 90%.

    参考文献
    相似文献
    引证文献
引用本文

杨康,王瑞,关永,李晓娟,施智平,Xiaoyu SONG.具有多传感器的CPS系统的攻击检测.软件学报,2019,30(7):2018-2032

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2018-07-13
  • 最后修改日期:2018-09-28
  • 录用日期:
  • 在线发布日期: 2019-04-03
  • 出版日期:
文章二维码
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号