A Framework for Determining Robust Context-Aware Attack-Detection Thresholds for Cyber-Physical Systems
Paper in proceeding, 2021

Process-aware attack detection plays a key role in securing cyber-physical systems. A process-aware detection system (PADS) identifies a baseline behaviour of the physical process in cyber-physical systems and continuously attempts to detect deviations from the baseline attributed to malicious modifications in the process operation. Typically, a PADS triggers an alarm whenever the detection score crosses a fixed and predetermined threshold. In this paper, we argue that in the context of securing cyber-physical systems, relying on a single fixed threshold can undermine the effectiveness of the PADS, and propose a context-aware framework for determining two-dimensional thresholds that enhance the sensibility and reliability of such detection systems by rendering them more robust to false detection. In addition, we propose an algorithm, out of many possible, within this framework as a practical example.

attack detection

cyber-physical systems

process-aware defense

threshold

Author

Wissam Aoudi

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Magnus Almgren

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

ACM International Conference Proceeding Series


9781450389563 (ISBN)

Australasian Information Security Conference
Dunedin, New Zealand

RIOT: Resilient Internet of Things

Swedish Civil Contingencies Agency (MSB2018-12526), 2019-01-01 -- 2023-12-31.

Resilient Information and Control Systems (RICS)

Swedish Civil Contingencies Agency (2015-828), 2015-09-01 -- 2020-08-31.

Integrated cyber-physical solutions for intelligent distribution grid with high penetration of renewables (UNITED-GRID)

European Commission (EC) (EC/H2020/773717), 2017-11-01 -- 2020-04-30.

KIDSAM: Knowledge and information-sharing in digital collaborative projects

VINNOVA (2018-03966), 2018-11-01 -- 2021-11-30.

Subject Categories

Other Computer and Information Science

Computer Science

Computer Systems

DOI

10.1145/3437378.3437393

More information

Latest update

3/21/2023