CISPA
Browse
cispa_all_3040.pdf (989.7 kB)

Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures

Download (989.7 kB)
conference contribution
posted on 2023-11-29, 18:11 authored by Hamid Reza Ghaeini, Nils Ole TippenhauerNils Ole Tippenhauer, Jianying Zhou
In this paper, we discuss the practical implementation of stealthy attacks on industrial control systems. We start by reviewing the attacks proposed in prior works. Then, we offer Zero-Residual Attacks (ZeRA), which allow the attacker to launch stealthy attacks leveraging estimation of the stateful anomaly detector and matching of residuals as a fraction of actual estimation residual. To perform the zero residual attack, the attacker will require the use of two state estimators each for the physical system state and the detector system state, adding complexity that was so far not discussed. We implement ZeRA and demonstrate its efficacy. Then, we propose to use a Stateful Detector (SD) to precisely detect such stealthy attacks. We design and implement the SD detector. The obtained results from the performance evaluation demonstrate that we can detect stealthy attacks such as the ZeRA, with precision above 99%, sensitivity above 99%, and Matthews correlation coefficient above 0.98.

History

Preferred Citation

Hamid Ghaeini, Nils Tippenhauer and Jianying Zhou. Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures. In: International Conference on Availability, Reliability and Security (ARES). 2019.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

International Conference on Availability Reliability and Security (ARES)

Legacy Posted Date

2020-03-10

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3040, title = "Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures", author = "Ghaeini, Hamid Reza and Tippenhauer, Nils Ole and Zhou, Jianying", booktitle="{International Conference on Availability, Reliability and Security (ARES)}", year="2019", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC