假数据注入攻击下信息物理融合系统的稳定性研究

彭大天; 董建敏; 蔡忠闽; 张长青; 彭勤科

doi:10.16383/j.aas.2018.c180331

假数据注入攻击下信息物理融合系统的稳定性研究

doi: 10.16383/j.aas.2018.c180331

彭大天^1,2,,
董建敏^1,2,,
蔡忠闽^1,2,,
张长青^3,,
彭勤科^1,2, ,

1.
西安交通大学智能网络与网络安全教育部重点实验室西安 710049
2.
西安交通大学电子与信息工程学院系统工程研究所西安 710049
3.
西安交通大学电子与信息工程学院计算机科学与技术系西安 710049

基金项目:

国家自然科学基金 61772415

国家自然科学基金 60774086

国家留学基金 201706280220

国家留学基金 20170628 0191

详细信息

作者简介:
彭大天   西安交通大学系统工程研究所博士研究生.主要研究方向为机器学习和信息物理融合系统安全.E-mail:pengdatian@stu.xjtu.edu.cn

董建敏  西安交通大学智能网络与网络安全教育部重点实验室博士研究生.主要研究方向为人机交互, 机器学习和网络安全.E-mail:jianmind23@stu.xjtu.edu.cn

蔡忠闽   西安交通大学智能网络与网络安全教育部重点实验室教授.1998年和2004年获得西安交通大学自动控制专业学士学位和系统工程专业博士学位.主要研究方向为网络安全, 人机交互行为分析和机器学习.E-mail:zmcai@sei.xjtu.edu.cn

张长青   西安交通大学博士, 高级工程师.主要研究方向为复杂工业过程的先进智能及模型控制技术.E-mail:zhchqhing@sina.com

通讯作者:
彭勤科西安交通大学系统工程研究所教授.1983年, 1986年和1990年获得西安交通大学理学学士、系统工程专业硕士和博士学位.主要研究方向为大数据挖掘和信息物理融合系统安全与优化.本文通信作者.E-mail:qkpeng@xjtu.edu.cn

计量
- 文章访问数: 2407
- HTML全文浏览量: 495
- PDF下载量: 966
- 被引次数: 0
出版历程
- 收稿日期: 2018-05-25
- 录用日期: 2018-08-14
- 刊出日期: 2019-01-20

On the Stability of Cyber-physical Systems Under False Data Injection Attacks

PENG Da-Tian^{1,2
,},
DONG Jian-Min^{1,2
,},
CAI Zhong-Min^{1,2
,},
ZHANG Chang-Qing^3
,,
PENG Qin-Ke^{1,2
, ,}

1.
Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi'an Jiaotong University, Xi'an 710049
2.
System Engineering Institute, School of Electronic and Information Engineering, Xi'an Jiaotong University, Xi'an 710049
3.
Department of Computer Science and Technology, School of Electronic and Information Engineering, Xi'an Jiaotong University, Xi'an 710049

Funds:

National Natural Science Foundation of China 61772415

National Natural Science Foundation of China 60774086

China Scholarship Council 201706280220

China Scholarship Council 20170628 0191

More Information

Author Bio:
Ph. D. candidate at the System Engineering Institute, Xi'an Jiaotong University. His research interest covers machine learning and cyber-physical systems security

Ph. D. candidate at the Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi'an Jiaotong University. Her research interest covers human-machine interaction, machine learning, and network security

Professor at the Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi'an Jiaotong University. He received his bachelor degree in automatic control and Ph. D. degree in systems engineering from Xi'an Jiaotong University in 1998 and 2004, respectively. His research interest covers cyber security, human-machine interface behavior analysis, and machine learning

Ph. D., senior engineer at Xi'an Jiaotong University. His research interest covers advanced intelligent algorithm and model-based control technology in the complex industrial process

Corresponding author: PENG Qin-Ke Professor at the System Engineering Institute, Xi'an Jiaotong University. He received his bachelor degree in applied mathematics, master and Ph. D. degrees in system engineering from Xi'an Jiaotong University in 1983, 1986 and 1990, respectively. His research interest covers big data mining and security and optimization of cyber-physical systems. Corresponding author of this paper

摘要

摘要: 假数据注入（False data injection，FDI）攻击由于其隐蔽性特点，严重威胁着信息物理融合系统（Cyber-physical systems，CPS）的安全.从攻击者角度，本文主要研究了FDI攻击对CPS稳定性的影响.首先，给出了FDI攻击模型，从前向通道和反馈通道分别注入控制假数据和测量假数据.接着，提出了FDI攻击效力模型来量化FDI攻击对CPS状态估计值和测量残差的影响.在此基础上，设计了一个攻击向量协同策略，并从理论上分析出操纵CPS稳定性的攻击条件：攻击矩阵H和系统矩阵A的稳定性及时间参数k_a的选取时机.数值仿真结果表明FDI攻击协同策略能够有效操纵两类（含有稳定和不稳定受控对象）系统的稳定性.该研究进一步揭示了FDI攻击的协同性，对保护CPS安全和防御网络攻击提供了重要参考.
- 信息物理融合系统 /
- 网络空间安全 /
- 假数据注入攻击 /
- 卡尔曼滤波
Abstract: Due to the stealthiness behavior, false data injection (FDI) attacks severely threaten the security of cyber-physical systems (CPS). From the attackers' perspective, this paper mainly studies how FDI attacks impact the stability of CPS. First, we give the FDI attack model where the false control and measurement data are injected into the forward and feedback channels, respectively. Then, we propose an FDI effectiveness model to quantify the attack impact on the state estimation and measurement residue of CPS. On this basis, we design a coordination strategy associated with attack vector and further derive the theoretical attack conditions to manipulate the stability of CPS, which are related to the stability of attack matrix H and system matrix A and the selected moment of time parameter k_a. Finally, numerical simulations indicate that FDI attacks can effectively manipulate the stability of CPS including two classes of controlled plants:stable and unstable. This study further reveals the coordination behavior of FDI attacks, which provides important reference for securing the CPS and defending cyber attacks.
- Cyber-physical systems (CPS) /
- cyberspace security /
- false data injection (FDI) attacks /
- Kalman filter
注释:

1) 本文责任编委陈积明

HTML全文

图 1 FDI攻击协同策略架构

Fig. 1 Framework of coordination strategy under FDI attacks

下载: 全尺寸图片幻灯片

图 2 FDI攻击对稳定LTI系统的协同策略

Fig. 2 Coordination strategy under FDI attacks against stable LTI system

下载: 全尺寸图片幻灯片

图 3 FDI攻击对稳定LTI系统的攻击效力

Fig. 3 FDI attack effectiveness on stable LTI system

下载: 全尺寸图片幻灯片

图 4 FDI攻击下稳定LTI系统输出

Fig. 4 Outputs of stable LTI system under FDI attacks

下载: 全尺寸图片幻灯片

图 5 FDI攻击对不稳定LTI系统的协同策略

Fig. 5 Coordination strategy under FDI attacks against unstable LTI system

下载: 全尺寸图片幻灯片

图 6 FDI攻击对不稳定LTI系统的攻击效力

Fig. 6 FDI attack effectiveness on unstable LTI system

下载: 全尺寸图片幻灯片

图 7 FDI攻击下不稳定LTI系统输出

Fig. 7 Outputs of unstable LTI system under FDI attacks

下载: 全尺寸图片幻灯片

参考文献(29)

[1]	Lee J, Bagheri B, Kao H A. A cyber-physical systems architecture for industry 4.0-based manufacturing systems. Manufacturing Letters, 2015, 3:18-23 doi: 10.1016/j.mfglet.2014.12.001
[2]	Mosterman P J, Zander J. Industry 4.0 as a cyber-physical system study. Software and Systems Modeling, 2016, 15(1):17-29 doi: 10.1007/s10270-015-0493-x
[3]	邓建玲, 王飞跃, 陈耀斌, 赵向阳.从工业4.0到能源5.0:智能能源系统的概念、内涵及体系框架.自动化学报, 2015, 41(12):2003-2016 http://www.aas.net.cn/CN/abstract/abstract18774.shtml Deng Jian-Ling, Wang Fei-Yue, Chen Yao-Bin, Zhao Xiang-Yang. From Industries 4.0 to Energy 5.0:concept and framework of intelligent energy systems. Acta Automatica Sinica, 2015, 41(12):2003-2016 http://www.aas.net.cn/CN/abstract/abstract18774.shtml
[4]	王飞跃, 张俊.智联网:概念、问题和平台.自动化学报, 2017, 43(12):2061-2070 http://www.aas.net.cn/CN/abstract/abstract19181.shtml Wang Fei-Yue, Zhang Jun. Internet of minds:the concept, issues and platforms. Acta Automatica Sinica, 2017, 43(12):2061-2070 http://www.aas.net.cn/CN/abstract/abstract19181.shtml
[5]	白天翔, 王帅, 沈震, 曹东璞, 郑南宁, 王飞跃.平行机器人与平行无人系统:框架、结构、过程、平台及其应用.自动化学报, 2017, 43(2):161-175 http://d.old.wanfangdata.com.cn/Periodical/zdhxb201702001 Bai Tian-Xiang, Wang Shuai, Shen Zhen, Cao Dong-Pu, Zheng Nan-Ning, Wang Fei-Yue. Parallel robotics and parallel unmanned systems:framework, structure, process, platform and applications. Acta Automatica Sinica, 2017, 43(2):161-175 http://d.old.wanfangdata.com.cn/Periodical/zdhxb201702001
[6]	王飞跃, 孙奇, 江国进, 谭珂, 张俊, 侯家琛, 等.核能5.0:智能时代的核电工业新形态与体系架构.自动化学报, 2018, 44(5):922934 http://www.aas.net.cn/CN/abstract/abstract19283.shtml Wang Fei-Yue, Sun Qi, Jiang Guo-Jin, Tan Ke, Zhang Jun, Hou Jia-Chen, et al. Nuclear energy 5.0:new formation and system architecture of nuclear power industry in the new IT era. Acta Automatica Sinica, 2018, 44(5):922-934 http://www.aas.net.cn/CN/abstract/abstract19283.shtml
[7]	Alguliyev R, Imamverdiyev Y, Sukhostat L. Cyber-physical systems and their security issues. Computers in Industry, 2018, 100:212-223 doi: 10.1016/j.compind.2018.04.017
[8]	Sandberg H, Amin S, Johansson K H. Cyberphysical security in networked control systems:an introduction to the issue. IEEE Control Systems, 2015, 35(1):20-23 http://openurl.ebscohost.com/linksvc/linking.aspx?stitle=IEEE%20Control%20Systems&volume=35&issue=1&spage=20
[9]	Zargar S T, Joshi J, Tipper D. A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Communications Surveys and Tutorials, 2013, 15(4):2046-2069 doi: 10.1109/SURV.2013.031413.00127
[10]	Mölsä J. Mitigating denial of service attacks:a tutorial. Journal of Computer Security, 2005, 13(6):807-837 doi: 10.3233/JCS-2005-13601
[11]	Weerakkody S, Mo Y L, Sinopoli B. Detecting integrity attacks on control systems using robust physical watermarking. In: Proceedings of the 53rd IEEE Annual Conference on Decision and Control. Los Angeles, USA: IEEE, 2014. 3757-3764
[12]	Miao F, Pajic M, Pappas G J. Stochastic game approach for replay attack detection. In: Proceedings of the 52nd IEEE Annual Conference on Decision and Control. Florence, Italy: IEEE, 2013. 1854-1859
[13]	Ehrenfeld J M. WannaCry, cybersecurity and health information technology:a time to act. Journal of Medical Systems, 2017, 41(7):104 doi: 10.1007/s10916-017-0752-1
[14]	Mohurle S, Patil M. A brief study of wannaCry threat:ransomware attack 2017. International Journal of Advanced Research in Computer Science, 2017, 8(5):1938-1940
[15]	Langner R. Stuxnet:dissecting a cyberwarfare weapon. IEEE Security and Privacy, 2011, 9(3):49-51 http://d.old.wanfangdata.com.cn/Periodical/sysyjyts201408030
[16]	McLaughlin S, Konstantinou C, Wang X Y, Davi L, Sadeghi A R, Maniatakos M, et al. The cybersecurity landscape in industrial control systems. Proceedings of the IEEE, 2016, 104(5):1039-1057 doi: 10.1109/JPROC.2015.2512235
[17]	Khorrami F, Krishnamurthy P, Karri R. Cybersecurity for control systems:a process-aware perspective. IEEE Design and Test, 2016, 33(5):75-83 doi: 10.1109/MDAT.2016.2594178
[18]	Liu Y, Ning P, Reiter M K. False data injection attacks against state estimation in electric power grids. ACM Transactions on Information and System Security, 2011, 14(1): Article No. 13
[19]	Kwon C, Liu W Y, Hwang I. Security analysis for cyber-physical systems against stealthy deception attacks. In: Proceedings of the 2013 American Control Conference. Washington DC, USA: IEEE, 2013, 3344-3349
[20]	Smith R S. Covert misappropriation of networked control systems:presenting a feedback structure. IEEE Control Systems, 2015, 35(1):82-92
[21]	Mo Y L, Sinopoli B. On the performance degradation of cyber-physical systems under stealthy integrity attacks. IEEE Transactions on Automatic Control, 2016, 61(9):2618-2624 doi: 10.1109/TAC.2015.2498708
[22]	Pang Z H, Liu G P, Zhou D H, Hou F Y, Sun D H. Two-channel false data injection attacks against output tracking control of networked systems. IEEE Transactions on Industrial Electronics, 2016, 63(5):3242-3251 doi: 10.1109/TIE.2016.2535119
[23]	Miao F, Zhu Q Y, Pajic M, Pappas G J. Coding schemes for securing cyber-physical systems against stealthy data injection attacks. IEEE Transactions on Control of Network Systems, 2017, 4(1):106-117 doi: 10.1109/TCNS.2016.2573039
[24]	Zhang R, Venkitasubramaniam P. Stealthy control signal attacks in linear quadratic gaussian control systems:detectability reward tradeoff. IEEE Transactions on Information Forensics and Security, 2017, 12(7):1555-1570 doi: 10.1109/TIFS.2017.2668220
[25]	Liu X, Li Z Y, Shuai Z K, Wen Y F. Cyber attacks against the economic operation of power systems:a fast solution. IEEE Transactions on Smart Grid, 2017, 8(2):1023-1025 http://ieeexplore.ieee.org/document/7731227/
[26]	Liu C S, Zhou M, Wu J, Long C N, Kundur D. Financially motivated FDI on SCED in real-time electricity markets: attacks and mitigation. IEEE Transactions on Smart Grid, DOI: 10.1109/TSG.2017.2784366,2017.
[27]	Peng D T, Dong J M, Jian J N, Peng Q K, Zeng B, Mao Z H. Economic-Driven FDI Attack in Electricity Market. In: International Conference on Science of Cyber Security. Beijing, China: Springer, 2018. 216-224
[28]	Liang G Q, Zhao J H, Luo F J, Weller S R, Dong Z Y. A review of false data injection attacks against modern power systems. IEEE Transactions on Smart Grid, 2017, 8(4):1630-1638 doi: 10.1109/TSG.2015.2495133
[29]	Liang G Q, Weller S R, Zhao J H, Luo F J, Dong Z Y. The 2015 Ukraine blackout:implications for false data injection attacks. IEEE Transactions on Power Systems, 2017, 32(4):3317-3318 doi: 10.1109/TPWRS.2016.2631891