Covert Attacks Research Articles

Identifying alternately poisoning attacks in federated learning online using trajectory anomaly detection method

Implicit poisoning in federated learning is a significant threat, with malicious nodes subtly altering gradient parameters each round, making detection difficult. This study investigates this problem, revealing that temporal analysis alone struggles to identify such covert attacks, which can bypass online methods like cosine similarity and clustering. Common detection methods rely on offline analysis, resulting in delayed responses. However, recalculating gradient updates reveals distinct characteristics of malicious clients. Based on this finding, we designed a privacy-preserving detection algorithm using trajectory anomaly detection. Singular values of matrices are used as features, and an improved Isolation Forest algorithm processes these to detect malicious behavior. Experiments on MNIST, FashionMNIST, and CIFAR-10 datasets show our method achieves 94.3% detection accuracy and a false positive rate below 1.2%, indicating its high accuracy and effectiveness in detecting implicit model poisoning attacks.

Stealthiness Analysis of the Identified Model-Based Covert Attacks With Unknown Model

Stealthiness Analysis of the Identified Model-Based Covert Attacks With Unknown Model

Securing AI Models Against Backdoor Attacks: A Novel Approach Using Image Steganography

<p>Artificial Intelligence (AI) has become ubiquitous, transforming numerous domains including traffic sign recognition, defect detection, and healthcare. However, this widespread adoption has brought about significant cybersecurity challenges, particularly in the form of backdoor attacks, which manipulate training datasets to compromise model integrity. While the integration of AI has proven beneficial, there is a lack of comprehensive strategies to protect AI models from these covert attacks, necessitating innovative approaches for securing AI systems. In this study, we demonstrate a novel methodology that integrates image steganography with deep learning techniques, aiming to obscure backdoor triggers and enhance the resilience of AI models against these attacks. We employ a diverse set of AI models and conduct extensive evaluations in a traffic sign recognition scenario, specifically targeting the STOP sign. The results reveal that shallow models are challenged in learning trigger information and are sensitive to trigger settings, while deeper models achieve an impressive 98.03% attack success rate. The image steganography technique used requires minimal data adjustments, making the triggers more challenging to detect than with traditional methods. Our findings underscore the stealth and severity of backdoor attacks, emphasizing the need for advanced security measures in AI and contributing to the broader understanding and development of robust protections against such attacks.</p> <p> </p>

Watermarking-Based Defense Mechanism in LFC of Electricity Grids Compromised by Covert Attacks

Watermarking-Based Defense Mechanism in LFC of Electricity Grids Compromised by Covert Attacks

Defending UAV Networks Against Covert Attacks Using Auxiliary Signal Injections

Defending UAV Networks Against Covert Attacks Using Auxiliary Signal Injections

Enhanced Security of Industrial Fault Diagnosis Systems With Synergy of Covert Attacks and Low-Overhead Defenses

Enhanced Security of Industrial Fault Diagnosis Systems With Synergy of Covert Attacks and Low-Overhead Defenses

An Active Detection Strategy Based on Dimensionality Reduction for False Data Injection Attacks in Cyber-Physical Systems

In recent years, different intelligent and undetectable cyber-attacks against networked control systems (e.g., replay and covert attacks) have been investigated. In this paper, we design a novel control architecture that prevents their existence. In particular, first, we propose to encode the sensor outputs into a randomly changing lower-dimensional space obtained by means of principal component analysis. Such a transformation ensures optimal information reconstruction on the controller's side, and it prevents the attacker from accessing the original sensor measurements, nullifying the possibility of perfect stealthy attacks. Then, on the controller's side, we design a passive Gaussian anomaly detector that leverages the output of an unknown input observer ad-hoc designed to estimate the system's states and unknown inputs simultaneously. It is formally shown that the proposed detection strategy is able to discover the presence of replay and covert attacks. Simulation results obtained considering a quadruple water tank system confirm the capability of the developed architecture.

Finite-time covert attacks on reference tracking systems with unknown-but-bounded noises

This paper investigates the finite-time stealthy covert attack (FTSCA) on the reference tracking systems (RTSs) with unknown-but-bounded (UBB) noises. It is assumed that the waypoints generated by the reference planner are transmitted to the plant via a wireless communication network which is vulnerable to cyber attacks. Under the proposed assumptions, a novel finite-time covert attack (FTCA) is designed such that the states can be steered into a desired target set during a finite-time interval while being undetectable. Note that UBB noises and all sets are characterized by zonotopes. Moreover, the design of FTSCA is transformed into solving the corresponding optimization problems. Finally, a quadrotor unmanned aerial tracking system is employed to illustrate the feasibility of the proposed main results.

The sensor‐actuators stealthy cyber‐attacks framework on networked control systems: A data‐driven approach

AbstractIn this study, we address two fundamental questions that are crucial for designing stealthy cyber‐attacks similar to false data injection. The first question involves obtaining an accurate dynamic model of the target to ensure stealthy performance under a detector. The second question pertains to understanding the opponent's ongoing detection tactics, such as dynamic watermarking, and developing a counter‐strategy. To answer the first question, we propose a data‐driven framework that calculates the accurate dynamic model used in stealthy false data injection cyber‐attacks, including zero dynamics attacks, covert attacks, and replay attacks. To address the second question, we present a scheme against the dynamic watermarking defense strategy, which typically detects replay attacks. We validate the methods introduced in this study through an experimental setup of a cyber‐physical system, which includes an omnidirectional mobile robot, a wireless network router, and a remote control center.

Proactive attack detection scheme based on watermarking and moving target defense

In this paper, the attack detection problem is investigated for cyber–physical systems (CPSs) with unknown-but-bounded (UBB) noises. A new hybrid proactive detection scheme is proposed to detect stealthy attacks by combining watermarking and moving target (MT). The designed abnormal detector is based on the residual of the zonotopic observer which can be utilized to estimate states of the system with UBB noises. We prove that the approach proposed in this work does not introduce any performance loss in the absence of attacks. The proposed active detection framework can be employed to detect various types of attacks, such as denial-of-service (DoS), replay and covert attacks. Finally, numerical examples are provided to demonstrate the effectiveness of the proposed methods.

False data injection attack detection for nuclear reactor based on chaotic time/frequency-hopping spread spectrum

False data injection (FDI) attacks represent a serious threat to securing nuclear reactor operation. Efficient FDI attack detection is essential to prevent related unforeseen nuclear accidents. However, owing to their design principles, the existing detection methods are limited in their ability to detect multiple types of FDI attacks. To address this issue, we propose a detection scheme for FDI attacks on a nuclear reactor based on the chaotic time/frequency-hopping (TH/FH) spread spectrum. The proposed scheme uses frequency hopping modulation, demodulation, and filtering of the signal based on hyper-chaotic sequences to limit the attacker's access to the system's real data and eliminate the adverse effects of attacks on the system. Furthermore, theoretical analysis derives the stability constraint of the frequency hopping frequency and demonstrates the detectability and defendability of the proposed scheme. Experimental simulations demonstrated that our proposed scheme can detect two typical FDI attacks, replay attacks and covert attacks, without compromising system operation, and defend against and reproduce covert attack signals.

ENIGMA: An explainable digital twin security solution for cyber–physical systems

Digital Twins (DTs), being the virtual replicas of their physical counterparts, share valuable knowledge of the underlying physical processes and act as data acquisition and dissemination sources to Cyber–Physical System (CPS). Moreover, without obstructing the ongoing operations, DTs also provide an assessment platform for evaluating the operational behavior and security of the CPS. Therefore, they become a potential source of data breaches and a broad attack surface for attackers to launch covert attacks. To detect and mitigate security loopholes in DTs, one of the potential solutions is to leverage a gamification approach that can assess the security level of DTs while providing security analysts with a controlled and supportive virtual training environment. Artificial Intelligence/Machine Learning (AI/ML)-based approaches can complement the idea of security orchestration and automation in the gamification approach. However, AI/ML-based DTs security solutions are generally constrained by the lack of transparency of AI operations, which results in less confidence in the decisions made by the AI models. To address the explainable security challenges of DTs, this article proposes a gamification approach called sEcuriNg dIgital twins through GaMification Approach (ENIGMA). While leveraging DTs as an offensive security platform, ENIGMA provides gaming scenarios to assess DTs’ security and train security analysts. The game players within ENIGMA are humans (the attacker team) and AI agents (the defender team). Furthermore, ENIGMA is supported by an eXplainable AI (XAI)-based DT security assessment model that explains the decisions made based on the SHAP values by the AI model on attack vectors for the defender team, i.e., the AI agent. The SHAP values illustrate the contribution of different features towards predicting the outcome of attack vectors. This explanation can help security analysts to take security measures based on reasoned and trustworthy decisions. Finally, experimental validation has been carried out to demonstrate the viability of ENIGMA.

Covert Attack Detection for LFC Systems of Electric Vehicles: A Dual Time-Varying Coding Method

In recent years, electric vehicles (EVs) have been widely used due to their remarkable decrease in carbon emissions and gasoline consumption. When the EVs are incorporated into the load frequency control (LFC) system, which can be seen as both the power supply and load of the power systems. However, the LFC system with EVs is vulnerable to the covert attacks and consequently the reliable operation performance and security of the power system will be affected. To solve this security issue, the real-time monitoring and detection problems are investigated in this article. First, a networked LFC system with EVs is well established, which takes load disturbances, measurement noises, and covert attacks into account so as to truly reflect the operation process of the power system. Then, an <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">${\mathcal {H}}_{\infty }$</tex-math></inline-formula> sliding mode observer (SMO) is proposed to accurately estimate the internally physical state of the LFC system with EVs. In order to detect and disclose the covert attacker, a dual time-varying coding detection scheme is proposed, wherein both the control and measurement signals are encrypted before transmitting to the communication network. Subsequently, a dual time-varying coding-based detection algorithm is established, which ensures that the covert attacks can be detected without significant delay. Finally, one simulation is presented to provide tangible evidence of the effectiveness of the proposed real-time monitoring and detection methodology.

Cyber–physical systems subject to false data injections: A model predictive control framework for resilience operations

In this paper, the resilient control problem for constrained cyber–physical systems subject to false data injections is addressed. The core of the proposed approach consists in defining an ad-hoc versatile framework whose main feature consists in the ability of being geared to different classes of attacks. This is formally achieved by resorting to the receding horizon philosophy that is fully exploited for detection, countermeasures and control purposes. In particular, set-theoretic model predictive arguments are combined with the perturbation analysis and sequential quadratic programming to reduce as much as possible the occurrence of refresh procedures on the communication network when resilient command actions are no longer available. Further, one of its main merits consists in the dismissal of constructive assumptions existing in recent competitors. In this respect, the framework is customized for covert attacks by specifying actuation/detection phases and proving feasibility and closed-loop stability properties.

Resilient Path Planning of UAV Formation Flight Against Covert Attacks on Ultra-Wideband Sensors

Resilient Path Planning of UAV Formation Flight Against Covert Attacks on Ultra-Wideband Sensors

Covert Attack Detection and Secure Control for Cyber Physical Systems

This paper addresses the problem of monitoring and secure control for cyber physical systems subject to cyber covert attacks. In this scenario, the attacker can manipulate sensor measurements and control actions while bypassing the classical monitoring schemes. Attack detection is investigated by inserting judicious external signals into the transmission network. An output feedback secure controller based on adaptive observer is then designed to ensure an output tracking performance level. The adaptive observer is used to suppress (not estimate) the attack signals, hence the control effect does not depend on the estimation precision. Moreover, there is no assumption on the boundedness of the attack signals. Finally, numerical simulations are provided to show the effectiveness of the proposed scheme.

An Online Approach to Covert Attack Detection and Identification in Power Systems

The development of information technology and digital control systems has posed an inevitable trend of interconnectivity and wirelessness of data communications in power systems. As a result, the cybersecurity of power systems has been raising concerns over the past decades. Yet the complexity of power systems and their conventional designs with local and wide area network communications has posed increasing vulnerability to cyberattacks. Among the types of cyberattacks, data integrity attacks can be more harmful to power systems, especially power transmission systems, through malicious manipulation of measurement and control data to cause damage to the physical system. As the sophistication of cyberattacks increases, certain cyberattacks can successfully bypass traditional intrusion detection systems, which calls for better design of detection schemes. On the other hand, in a large-scale network, attack identification for a power system is as important as attack detection. In this paper, we develop an online approach based on the Sparse Group Lasso to detect and identify the location of a typical type of data integrity attack named <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">covert attacks</i> on power transmission systems. We provide the theoretical foundation of the proposed method with a simplified linear system model and extend the method to nonlinear systems. We validate the performance of our method on both linear and nonlinear system settings with a comprehensive numerical study.

Mitigating Timing-Based NoC Side-Channel Attacks With LLC Remapping

Recent CPU microarchitectural attacks utilize contention over the NoC to mount covert and side-channel attacks on multicore CPUs and leak information from victim applications. We propose NoIR, a dynamic LLC slice selection mechanism using slice remapping to obfuscate interconnect contention patterns. NoIR reduces contention variance by 92.18% and mean IPC degradation due to cache invalidation is limited to 7.38% for SPEC CPU 2017 benchmarks for a 1000-access threshold. While previous defenses focused on redesigning the NoC and routing algorithms, we show that a top-down system-level approach can significantly raise the bar for a NoC security vulnerability with minimal modifications to the NoC hardware.

Output based resilient model predictive control of Cyber–Physical Systems under cover attacks

In this article, a state estimate based robust model predictive control strategy is developed for networked cyberphysical systems under false data injections. The core of the proposed approach consists in elaborating an observed based general framework whose main feature relies on its adaptability to different classes of attacks. The main feature of the proposed scheme relies on the capability to mitigate undesired system behaviors due to external malicious actions. This is achieved by showing that an augmented state-estimate/estimation error set-membership conditions allow us to quickly detect data integrity anomalies and, as a consequence, to implement adequate counter-measures. In particular, set-theoretic model predictive arguments are combined with the perturbation analysis and sequential quadratic programming in order to reduce as much as possible the occurrence of refresh procedures on the communication network when resilient command actions are no longer available. As one of its main merits, these arguments allow to remove the constructive assumptions present in very recent competitors. In this respect, the framework is customized for covert attacks by specifying actuation and detection phases and proving feasibility and closed-loop stability properties. The core of the resulting solution exploits output feedback receding horizon and set-theoretic control ideas so that the resilient nature of the virtual control moves is formally put in light.

Recursive Watermarking-Based Transient Covert Attack Detection for the Industrial CPS

The subject of attack detection for industrial cyber-physical systems (IPCSs) is covered in this paper, facing threats from transient covert attacks (TCAs), also referred to as a special version of replay attacks with a specific frequency and short duration. With the active instant and period of the attacks, as well as the dynamics of a virtual system to replicate IPCSs’ function and produce attack signals, a comprehensive model of the TCAs is built. Though watermarking-based detection algorithms have been shown effective in detecting TCAs, the induced system performance loss is too significant, as such our primary goal is to minimize system performance degradation while maintaining the detection rate. Because the active periods of TCAs are substantially shorter than their sleep ones or even they are practically always silent, it makes sense that reducing superfluous watermarking will facilitate system performance. So, using an “event-triggered” strategy, a unique recursive watermarking-based detection algorithm is proposed. Here, the trigger modes of watermarking are divided into three types, namely forced, high probability, and low probability. The design principles are proved via algorithms and criteria, and theoretical analysis of the detection rate and the system performance loss are also supplied. The advantages of the suggested algorithms are finally demonstrated by numerical simulations of a quadruple-water-tank system and experiments with a permanent magnet synchronous motor on the dSpace platform.