Abstract
Cyber-Physical Systems (CPSes) have been investigated as a key area of research since they are the core of Internet of Things. CPSs integrate computing and communication with control and monitoring of entities in the physical world. Due to the tight coupling of cyber and physical domains, and to the possible catastrophic consequences of the malicious attacks on critical infrastructures, security is one of the key concerns. However, the exponential growth of IoT has led to deployment of CPSes without support for enforcing important security properties. Specification-based Intrusion Detection Systems (IDS) have been shown to be effective for securing these systems. Mining the specifications of CPSes by experts is a cumbersome and error-prone task. Therefore, it is essential to dynamically monitor the CPS to learn its common behaviors and formulate specifications for detecting malicious bugs and security attacks. Existing solutions for specification mining only combine data and events, but not time. However, time is a semantic property in CPS systems, and hence incorporating time in addition to data and events, is essential for obtaining high accuracy.This paper proposes ARTINALI++, which dynamically mines specifications in CPS systems with arbitrary size and complexity. ARTINALI++ captures the security properties by incorporating time as a substantial property of the system, and generate a multi-dimensional model for the general CPS systems. Moreover, it enhances the model through discovering invariants that represent the physical motions and distinct operational modes in complex CPS systems. We build Intrusion Detection Systems based on ARTINALI++ for three CPSes with various levels of complexity including smart meter, smart artificial pancreas and unmanned aerial vehicle, and measure their detection accuracy. We find that the ARTINALI++ significantly reduces the ratio of false positives and false negatives by 23.45% and 73.6% on average, respectively, over other dynamic specification mining tools on the three CPS platforms.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.