Abstract
Recently, the security of Industrial Control Systems (ICSs) has drawn wide concern around the world. This paper considers security issues in the remote state estimation process of ICSs. The communication channel between sensor nodes and the remote state estimator may be maliciously interfered with and manipulated by an internal or external attacker. With resource constraints on both the sensor side and the attacker side, this paper studies the interactive decision-making process: whether or not to send or receive data packets for the estimation process, and, for the attacker, whether or not to launch an attack on some data packets. A game-theory-based framework is formulated, and it is proved that a Nash equilibrium of the final pay-off arbitration game exists. For practical computational convenience, an on-line updating algorithm is proposed. In addition, a simulation of the game-based framework is presented to verify its validity and efficiency. The experimental results show that the game-based framework can improve the performance of the decision-making and estimation process and mitigate the impact of the attack. It may provide a novel and feasible approach to protecting the state estimation process and improving intrusion tolerance in ICSs.
Acknowledgement
The authors would like to thank the anonymous reviewers for their considerate and helpful comments. The work described in this paper is supported by the National Natural Science Foundation of China (61379139) and the “Strategic Priority Research Program” of the Chinese Academy of Sciences, Grant No. XDA06010701.
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Chen, C., Lin, D. (2017). Cyber-Attacks on Remote State Estimation in Industrial Control System: A Game-Based Framework. In: Chen, K., Lin, D., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2016. Lecture Notes in Computer Science, vol 10143. Springer, Cham. https://doi.org/10.1007/978-3-319-54705-3_27
DOI: https://doi.org/10.1007/978-3-319-54705-3_27
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54704-6
Online ISBN: 978-3-319-54705-3
eBook Packages: Computer Science (R0)