CISPA
Browse

File(s) not publicly available

White-box Concealment Attacks Against Anomaly Detectors for Cyber-Physical Systems

conference contribution
posted on 2023-11-29, 18:24 authored by Alessandro ErbaAlessandro Erba, Nils Ole TippenhauerNils Ole Tippenhauer
Anomaly detection for cyber-physical systems is an effective method to detect ongoing process anomalies caused by an attacker. Recently, a number of anomaly detection techniques were proposed (e.g., ML based, invariant rule based, control theoretical). Little is known about the resilience of those anomaly detectors against attackers that conceal their attacks to evade detection. In particular, their resilience against white-box concealment attacks has so far only been investigated for the subset of neural network-based detectors. In this work, we demonstrate for the first time that white-box concealment attacks can also be applied to detectors that are not based on neural network solutions. In order to achieve this, we propose a generic white-box attack that evades anomaly detectors and can be adapted even if the target detection technique does not optimize a loss function. We design and implement a framework to perform our attacks, and test it on several detectors from related work. Our results show that it is possible to completely evade a wide range of detectors (based on diverse detection techniques) while reducing the number of samples that need to be manipulated (compared to prior black-box concealment attacks).

History

Preferred Citation

Alessandro Erba and Nils Tippenhauer. White-box Concealment Attacks Against Anomaly Detectors for Cyber-Physical Systems. In: GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). 2023.

Primary Research Area

  • Secure Connected and Mobile Systems

Name of Conference

GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)

Legacy Posted Date

2023-07-17

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_3985, title = "White-box Concealment Attacks Against Anomaly Detectors for Cyber-Physical Systems", author = "Erba, Alessandro and Tippenhauer, Nils Ole", booktitle="{GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)}", year="2023", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC