artinali dynamic invariant detec4on for cyber physical
play

ARTINALI: Dynamic Invariant Detec4on for Cyber-Physical System - PowerPoint PPT Presentation

Nov 27, 2023 •285 likes •482 views

ARTINALI: Dynamic Invariant Detec4on for Cyber-Physical System Security Maryam Raiyat Aliabadi, Amita Kamath, Julien Gascon-Samson, Karthik Pa8abiraman Cyber-Physical Systems Distributed Controllers C2 C3 C1 Network a1 s2 s1 a2 Physical

  1. ARTINALI: Dynamic Invariant Detec4on for Cyber-Physical System Security Maryam Raiyat Aliabadi, Amita Kamath, Julien Gascon-Samson, Karthik Pa8abiraman

  2. Cyber-Physical Systems Distributed Controllers C2 C3 C1 Network a1 s2 s1 a2 Physical Process a3 s3 Actuators Sensors 2

  3. Mo4va4on 3

  4. CPS Security Requirements Real->me constraints Resource constraints Goal : Design an Automated, Real-4me and AHack-neutral security solu>on for CPSes 1.5 sec 1.5 sec 1.5 sec with respect to their resource constraints Zero-day aEacks No human-in-the-loop 4

  5. Threat Model D CVE-2016-1516 [2016] A Measurements Cyber Process D A C (Control Algorithm) Stuxnet[2010] Communica>on network DENIE DE IED D Physical Process Commands C [HealthCom2013] B [USENIX’2015] 5

  6. Previous work • Intrusion Detec>on System (IDS) – Signature-based IDSs [CSUR2014] – Anomaly-based IDSs [Computers&Security2009] – Specifica>on-based IDSs [SmarGridCom2010] • Sta>c analysis • Dynamic analysis 6

  7. Dynamic Analysis-based Techniques (Invariant-based) • Invariant – Energy usage >=0 Data Daikon [ICSE’01] Gk-tail [ICSE’08] Time Texada [ASE’15] Perfume property miner [ASE’14] Event 7

  8. Main Idea: Break down the search space T1 T2 T3 D: Data E:Event D, E, T T:Time E1 E2 E3 E4 E|T D|E Ej T1 Tk D2 D1 D3 D4 D5 D1 Di E1 Ej D2 10

  9. Methodology • ARTINALI : A R eal T ime-specific I nvariant i N ference AL gor I thm – 3 dimensions and 6 classes of invariants Data Data per event P(D|E) Data per 4me Event P(D|T) Time per event P(E|T) Time 9

  10. CPS plaYorms • Advanced metering infrastructure (AMI) – SEGMeter • hEp://smartenergygroups.com • Smart Ar>ficial Pancreas (SAP) – OpenAPS • hEps://openaps.org/ 10

  11. Intrusion Detec4on System AHack To test Tracing Intrusion detected! CPS module Detector IDS prototype Invariant converter Interface CPS model (invariant set) Data Texad Daikon Perfume ARTINALI Daikon a Time Texada Perfume Event 11

  12. Targeted aHacks CPS PlaYorm Targeted aHack AHack entry point AMI Meter spoofing [ACSAC2010] Decep>on on A (SEGMeter) Sync. Tampering [ACSAC2010] Decep>on on D Message dropping [CCNC2011] DoS on A SAP CGM spoofing [Healthcom2011] Decep>on on A Take away : (OpenAPS) Stop basal injec>on [BHC2011] Decep>on and DoS on C ARTINALI detected all targeted aEacks Resume basal injec>on [BHC2011] Decep>on and DoS on C successfully 12

  13. Arbitrary AHacks Data muta4ons Ar4ficial delay inser4on Branch flipping Smart facial recogniEon system (CVE-2016-1516) SynchronizaEon tampering in smart meter, [ACSAC2010] CGM spoofing in SAP, [BHC2011] 13

  14. Accuracy Metrics • False Nega>ve Rate (FNR) β>1 • False Posi>ve Rate (FPR) β=1 • F-Score(β) β<1 14

  15. F-Score(β)- Tuning/Training SEGMeter ARTINALI-based IDS for OpenAPS Maximum Maximum % % 120 F-Score(2) F-Score(2) FP (%) FN(%) 100 F-score(1) 80 F-score(2) OpenAPS F-score(0.5) 60 40 20 0 5 10 15 20 25 30 35 40 Number of training traces Number of training traces (a) Daikon (b) Texada (c) Perfume (d) ARTINALI 15

  16. False Nega4ves’ Rate • ARTINALI-based IDS reduces the ra>o of FN by 89 to 95% compared with the other tools across both plalorms. - SEGMeter FNR (%)- 95% confidence interval 100 Data muta>on 90 Branch flipping 80 Ar>ficial delays 70 60 Aggregated FN 50 40 30 20 10 0 Daikon Texada Perfume ARTINALI 16

  17. False Posi4ves’ Rate • ARTINALI-based IDS reduces the ra>o of FP by 20 to 48% compared with the other tools across both plalorms. - SEGMeter FPR (%)- 95% confidence interval 30 25 (15-12)/15=20% improvement 20 15 10 5 0 Daikon Texada Perfume ARTINALI 17

  18. Overheads SEGMeter Performance Detec4on Memory Overhead (%) 4me (sec) usage Daikon 27.3 16.63 1.24 MB Texada 23.7 14.45 3.21 MB Pefume 32.08 19.57 3.94 MB ARTINALI 31.6 19.25 2.96 MB T0 T0+60 T0+120 Time CPS 1 st execu4on CPS 2 nd execu4on CPS 3 rd execu4on IDS 1 st IDS 2 nd execu4on execu4on 18

  19. Summary and Future Work • ARTINALI: A Mul>-Dimensional model for CPS – Captures data-event-Eme interplay – Introduces Real-Eme data invariants – Increases the coverage of IDS – Decreases the rate of false posiEves – Imposes comparable overheads • Examine generalizability of ARTINALI – Unmanned Aerial Vehicle (UAV) • hEps://github.com/karthikp-ubc/Ar>nali 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

(Belief) Dynamic Doxastic Differential Dynamic Logic (d4L) for Belief-Aware Cyber Physical

(Belief) Dynamic Doxastic Differential Dynamic Logic (d4L) for Belief-Aware Cyber Physical

(Belief) Dynamic Doxastic Differential Dynamic Logic (d4L) for Belief-Aware Cyber Physical Systems Joo G. Martins 1,2 , Andr Platzer 2 , Joo Leite 1 1 2 1 Cyber-Physical Systems (CPS) Continuous movement Discrete control 2

971 views • 47 slides
Generating Model Transformations for Mending Dynamic Constraint Violations in Cyber Physical

Generating Model Transformations for Mending Dynamic Constraint Violations in Cyber Physical

Arizona s First University. Generating Model Transformations for Mending Dynamic Constraint Violations in Cyber Physical Systems Sean Whitsitt and Jonathan Sprinkle Introduction: Cyber Physical Systems Electrical and Computer Engineering

599 views • 23 slides
Cyber-Physical Systems 07/24/2019 Heechul Yun University of Kansas 1 Modern Cyber-Physical

Cyber-Physical Systems 07/24/2019 Heechul Yun University of Kansas 1 Modern Cyber-Physical

Micro-Architectural Attacks on Cyber-Physical Systems 07/24/2019 Heechul Yun University of Kansas 1 Modern Cyber-Physical Systems Cyber Physical Systems (CPS) Cyber (Computer) + Physical (Plant) Real-time Control physical

310 views • 29 slides
Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j

Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j

Differential Refinement Logic Sarah M. Loos and Andr Platzer Computer Science Department Carnegie Mellon University 1 Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j p x k x i

1.97k views • 179 slides
Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models, Fundamental Limitations, and Monitor Design Fabio Pasqualetti Florian D orfler Francesco Bullo Center for Control, Dynamical systems and Computation

994 views • 11 slides
System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology

System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology

System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology to the Cyber Security of Physical Systems Barry M. Horowitz, Kate Pierce University of Virginia April, 2012 This material is based upon work

518 views • 41 slides
Formal Verification of Cyber-Physical Systems Matthew Chan , Daniel Ricketts, Sorin Lerner,

Formal Verification of Cyber-Physical Systems Matthew Chan , Daniel Ricketts, Sorin Lerner,

Formal Verification of Cyber-Physical Systems Matthew Chan , Daniel Ricketts, Sorin Lerner, Gregory Malecha University of California, San Diego veridrone.ucsd.edu Cyber-Physical Systems Cyber-Physical Systems Cyber-Physical Systems

1.04k views • 90 slides
DySy: Dynamic Symbolic Execution for Invariant Inference C. Csallner N. Tillmann Y.

DySy: Dynamic Symbolic Execution for Invariant Inference C. Csallner N. Tillmann Y.

DySy: Dynamic Symbolic Execution for Invariant Inference C. Csallner N. Tillmann Y. Smaragdakis Marc Egg Invariant Inference Object top() { if(Empty) return null; return theArray[topOfStack]; } Invariant Inference Tool

465 views • 20 slides
An End-to-End Infrastructure for Cyber-Physical Intrusion Detection REINHARD GENTZ, MAHDI JAMEI,

An End-to-End Infrastructure for Cyber-Physical Intrusion Detection REINHARD GENTZ, MAHDI JAMEI,

An End-to-End Infrastructure for Cyber-Physical Intrusion Detection REINHARD GENTZ, MAHDI JAMEI, ANNA SCAGLIONE ARIZONA STATE UNIVERSITY, USA CREDC Workshop 2017 1 What is Cyber Physical Intrusion Detection CPS Cyber Physical System

123 views • 11 slides
Actions on Embedded Systems GIACOMO VALENTE Introduction A typical Cyber-Physical System (CPS):

Actions on Embedded Systems GIACOMO VALENTE Introduction A typical Cyber-Physical System (CPS):

A A Framework to support Monitoring Actions on Embedded Systems GIACOMO VALENTE Introduction A typical Cyber-Physical System (CPS): Hybrid Heterogeneous Distributed Large-scale Dynamic Adaptive Human-in-the-loop An

167 views • 5 slides
Practical approaches to managing and securing cyber-physical systems Sanjiv Doshi, Principal

Practical approaches to managing and securing cyber-physical systems Sanjiv Doshi, Principal

Practical approaches to managing and securing cyber-physical systems Sanjiv Doshi, Principal Engineer - Cisco Nov 2018 Ciscos take on Cyber-Physical Systems Cyber-Physical Systems are fundamentally integration of three components

321 views • 13 slides
S V V .lu software verification &amp; validation Testing of Cyber-Physical Systems:

S V V .lu software verification &amp; validation Testing of Cyber-Physical Systems:

S V V .lu software verification &amp; validation Testing of Cyber-Physical Systems: Diversity-driven Strategies Lionel Briand COW 57, London, UK Cyber-Physical Systems A system of collaborating computational elements controlling

808 views • 41 slides
Focusing for d L 15-824 Logical Foundations of Cyber-Physical Systems Fall 2018 Klaas Pruiksma

Focusing for d L 15-824 Logical Foundations of Cyber-Physical Systems Fall 2018 Klaas Pruiksma

Focusing for d L 15-824 Logical Foundations of Cyber-Physical Systems Fall 2018 Klaas Pruiksma December 10, 2018 1 / 10 Goal Develop a focused version of Differential Dynamic Logic(d L ) [3], with the intent that it serve as a basis for

260 views • 10 slides
Security of Cyber-Physical Systems From Theory to Testbeds &amp; Validation Joaquin Garcia-Alfaro

Security of Cyber-Physical Systems From Theory to Testbeds &amp; Validation Joaquin Garcia-Alfaro

Security of Cyber-Physical Systems From Theory to Testbeds &amp; Validation Joaquin Garcia-Alfaro CNRS SAMOVAR Lab &amp; Tlcom SudParis Universit Paris-Saclay CyberICPS, ESORICS 2016, September 27, 2016 Context Dynamic Risk Approaches

890 views • 59 slides
Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and

Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and

Co-simulation Design towards Cyber-Physical Robotic Applications Leveraging on FMI Standard and CSP Semantics Zhou Lu and Jan Broenink Robotics and Mechatronics, University of Twente 22 Aug, 2017 Introduction - Context Cyber-Physical

784 views • 31 slides
What about Virtualization? Basic Goals Basic goals: Stephen Hand et al (Xen,

What about Virtualization? Basic Goals Basic goals: Stephen Hand et al (Xen,

Cyber-Physical Systems (CPS) OS / Middleware for Cyber-Physical New innovations needed for software infrastructures Systems Communication, computation &amp; physical system aspects to be considered Example applications: Richard West

274 views • 3 slides
Dynamic Invariant Detection for Relational Databases Jake Cobb 1 , Gregory M. Kapfhammer 2 , James

Dynamic Invariant Detection for Relational Databases Jake Cobb 1 , Gregory M. Kapfhammer 2 , James

Dynamic Invariant Detection for Relational Databases Jake Cobb 1 , Gregory M. Kapfhammer 2 , James A. Jones 3 , Mary Jean Harrold 4 1 Georgia Institute of Technology 2 Allegheny College 3 University of California, Irvine WODA 2011 July 18,

538 views • 39 slides
Conference Program Poster Presentation Schedule 10 floor - TQB E. Library Session 1:

Conference Program Poster Presentation Schedule 10 floor - TQB E. Library Session 1:

Conference Program Poster Presentation Schedule 10 floor - TQB E. Library Session 1: Chemical Process and Engineering (CPE) Order Code ID Title Author Organization Effect of Impurities in Crude Glycerol on University of Malaya, 1

206 views • 9 slides
Bar Gossip Aleksander Jurkowski University of Warsaw aj262944@students.mimuw.edu.pl October 18,

Bar Gossip Aleksander Jurkowski University of Warsaw aj262944@students.mimuw.edu.pl October 18,

Bar Gossip Aleksander Jurkowski University of Warsaw aj262944@students.mimuw.edu.pl October 18, 2010 Aleksander Jurkowski (MIM UW) Bar Gossip October 18, 2010 1 / 25 Introduction Goal Provide p2p data streaming system usable for live

648 views • 62 slides
M T V C Matthew Sackman

M T V C Matthew Sackman

M T V C Matthew Sackman matthew@goshawkdb.io https://goshawkdb.io/ 1. Have you played with a NoSQL or NewSQL store? 1. Have you played with a NoSQL or NewSQL store? 2. Have

1.66k views • 155 slides
IPA: Error Propagation Analysis of Multithreaded Programs Using Likely Invariants Abraham Chan*,

IPA: Error Propagation Analysis of Multithreaded Programs Using Likely Invariants Abraham Chan*,

IPA: Error Propagation Analysis of Multithreaded Programs Using Likely Invariants Abraham Chan*, Stefan Winter , Habib Saissi , Karthik Pattabiraman*, Neeraj Suri * The University of British Columbia Technische Universitt

944 views • 22 slides
Verification of Industry Code : Challenges R Venkatesh r.venky@tcs.com 1 Overview Focus of

Verification of Industry Code : Challenges R Venkatesh r.venky@tcs.com 1 Overview Focus of

Verification of Industry Code : Challenges R Venkatesh r.venky@tcs.com 1 Overview Focus of talk Scalability problems in industry code Ideas we are exploring Formal verification @ TRDDC Apply academic ideas to address

174 views • 13 slides
Scaling Regression Testing to Large Software Systems Alessandro Orso Co-authors: Nanjuan Shi,

Scaling Regression Testing to Large Software Systems Alessandro Orso Co-authors: Nanjuan Shi,

Scaling Regression Testing to Large Software Systems Alessandro Orso Co-authors: Nanjuan Shi, Mary Jean Harrold College of Computing Georgia Institute of Technology Supported in part by National Science Foundation (awards CCR-0306372,

721 views • 32 slides
Neutral Networks of Real-World Programs and their Application to Automated Software Evolution

Neutral Networks of Real-World Programs and their Application to Automated Software Evolution

Neutral Networks of Real-World Programs and their Application to Automated Software Evolution Eric Schulte Department of Computer Science University of New Mexico Albuquerque, NM July 2014 Neutral Networks and Automated Software Evolution

1.51k views • 147 slides

More recommend