Moving Target Defense Approach to Detecting Stuxnet-Like Attacks

Recent cybersecurity incidents such as Stuxnet and Irongate alert us to the threats faced by critical cyber-physical systems. These attacks compromise the control signals to push the system to unsafe regions and meanwhile, inject fake sensor measurements to cover the ongoing attack. Detecting these...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on smart grid 2020-01, Vol.11 (1), p.291-300
Main Authors: Tian, Jue, Tan, Rui, Guan, Xiaohong, Xu, Zhanbo, Liu, Ting
Format: Article
Language:English
Subjects:
Analytical models
Communication networks
Computer worms
Configurations
Cyber-physical system security
Cyber-physical systems
Cybersecurity
Detectors
moving target defense
Power grids
stealthy attack
Stuxnet
System dynamics
Target detection
Taxonomy
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Recent cybersecurity incidents such as Stuxnet and Irongate alert us to the threats faced by critical cyber-physical systems. These attacks compromise the control signals to push the system to unsafe regions and meanwhile, inject fake sensor measurements to cover the ongoing attack. Detecting these Stuxnet-like (SL) attacks still remains an open research issue. This paper analyzes the taxonomy, construction, and implication of SL attacks in CPS control loops. We propose to apply the moving target defense (MTD) approach that actively changes the system configuration to detect SL attacks, since these attacks are generally constructed based on the knowledge about the system's configuration. We analyze the basic conditions for MTD to be successful. Finally, as a case study, we apply MTD for the secondary voltage control of power grids and present simulation results based on the IEEE 39-bus test system under realistic settings.
ISSN:1949-3053
1949-3061
DOI:10.1109/TSG.2019.2921245