CISPA
Browse

Blind Concealment from Reconstruction-based Attack Detectors for Industrial Control Systems via Backdoor Attacks

Download (829.92 kB)
conference contribution
posted on 2023-11-29, 18:24 authored by Tim Walita, Alessandro Erba, John H. Castellanos, Nils Ole TippenhauerNils Ole Tippenhauer
Industrial Control Systems (ICS) are responsible for the safety and operations of critical infrastructure such as power grids. Attacks on such systems threaten the well-being of societies, and the lives of human operators, and pose huge financial risks. Due to their reliance on insecure legacy protocols and hosts, the systems cannot be protected easily. Fortunately, detailed process data is available and can be leveraged by process-aware attack detectors that verify inherent physical correlations. In commercial products, such detectors will be trained by the vendors on process data from the target system, which might allow malicious manipulations of the training process to later evade detection at runtime. Previously proposed attacks in this direction rely on detailed process knowledge to predict the exact attack features to be concealed. In this work, we show that even without any process knowledge, it is possible to launch training time attacks against such attack detectors. Our backdoor attacks achieve this by identifying `alien' actuator state combinations that never occur in the training samples and injecting them with legitimate sensor data into the training set. At runtime, the attacker spoofs one of those alien actuator state combinations, which triggers (regardless of current process sensor values) the classification as `normal'. To demonstrate this, we design and implement five backdoor attacks against autoencoder-based anomaly detectors for 14 attacks from the BATADAL dataset collection. Out of these five variations, four implementations have been found to be effective. Our evaluation also shows that our best backdoor attack implementation can achieve perfect attack concealment and accomplish an average accuracy of 0.19. Compared to the performance of the detector for anomalies that are not concealed by inserted triggers, our attacks decrease the detector's accuracy by 0.39.

History

Preferred Citation

Tim Walita, Alessandro Erba, John Castellanos and Nils Tippenhauer. Blind Concealment from Reconstruction-based Attack Detectors for Industrial Control Systems via Backdoor Attacks. In: Workshop on Computational Linguistics for Political Text Analysis. 2023.

Primary Research Area

  • Secure Connected and Mobile Systems

Name of Conference

ACM Cyber-Physical System Security Workshop (CPSS)

Legacy Posted Date

2023-05-03

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3936, title = "Blind Concealment from Reconstruction-based Attack Detectors for Industrial Control Systems via Backdoor Attacks", author = "Walita, Tim and Erba, Alessandro and Castellanos, John H. and Tippenhauer, Nils Ole", booktitle="{Workshop on Computational Linguistics for Political Text Analysis}", year="2023", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC