动态水印攻击检测方法的鲁棒性研究

杜大军; 张竞帆; 张长达; 费敏锐; YANG Tai-Cheng

doi:10.16383/j.aas.c200614

动态水印攻击检测方法的鲁棒性研究

doi: 10.16383/j.aas.c200614 cstr: 32138.14.j.aas.c200614

杜大军^{1, 2,},
张竞帆^{1, 2,},
张长达^{1, 2,},
费敏锐^{1, 2,},
YANG Tai-Cheng^3,

1.
上海大学机电工程与自动化学院上海 200072 中国
2.
上海市电站自动化技术重点实验室上海 200072 中国
3.
萨赛克斯大学工程系布莱顿 BN1 9QT 英国

基金项目: 国家自然科学基金(61773253, 61803252, 61633016, 61833011), 111引智基地项目(D18003), 上海市科委项目(20JC1414000, 19500712300, 19510750300)资助

详细信息

作者简介:
杜大军：上海大学机电工程与自动化学院教授. 主要研究方向为机器视觉和网络化系统安全控制. 本文通信作者. E-mail: ddj@shu.edu.cn

张竞帆：上海大学机电工程与自动化学院硕士研究生. 主要研究方向为网络化系统安全控制.E-mail: shuzoooe@shu.edu.cn

张长达：上海大学机电工程与自动化学院博士研究生. 主要研究方向为网络化系统安全控制. E-mail: zhangweiran@shu.edu.cn

费敏锐：上海大学机电工程与自动化学院教授. 主要研究方向为网络化控制系统及实现. E-mail: mrfei@staff.shu.edu.cn

YANG Tai-Cheng：英国萨赛克斯大学工程系Reader. 主要研究方向为物联网和网络化控制系统恶意攻击的检测及防范. E-mail: t.c.yang@sussex.ac.uk

计量
- 文章访问数: 1433
- HTML全文浏览量: 398
- PDF下载量: 232
- 被引次数: 0
出版历程
- 收稿日期: 2020-08-03
- 录用日期: 2020-10-01
- 网络出版日期: 2020-12-10
- 刊出日期: 2023-12-27

Robustness of Dynamic-Watermarking Attack-detection Method

DU Da-Jun^{1, 2
,},
ZHANG Jing-Fan^{1, 2
,},
ZHANG Chang-Da^{1, 2
,},
FEI Min-Rui^{1, 2
,},
YANG Tai-Cheng^3
,

1.
School of Mechatronics Engineering and Automation, Shanghai University, Shanghai 200072, China
2.
Shanghai Key Laboratory of Power Station Automation Technology, Shanghai 200072, China
3.
Department of Engineering, University of Sussex, Brighton BN1 9QT, UK

Funds: Supported by National Natural Science Foundation of China (61773253, 61803252, 61633016, 61833011), 111 Project (D18003), and Project of Science and Technology Commission of Shanghai Municipality (20JC1414000, 19500712300, 19510750300)

More Information

Author Bio:
DU Da-Jun　Professor at the School of Mechatronics Engineering and Automation, Shanghai University. His research interest covers machine vision and security control for networked systems. Corresponding author of this paper

ZHANG Jing-Fan　Master student at the School of Mechatronics Engineering and Automation, Shanghai University. His main research interest is security control for networked systems

ZHANG Chang-Da　Ph.D. candidate at the School of Mechatronics Engineering and Automation, Shanghai University. His main research interest is security control for networked systems

FEI Min-Rui　Professor at the School of Mechatronics Engineering and Automation, Shanghai University. His research interest covers networked control system and its implementation

YANG Tai-Cheng　Reader in the Department of Engineering, University of Sussex, UK. His research interest covers detection and prevention of malicious cyber-attacks for networked control systems and internet of things

摘要

摘要: 针对传统动态水印(Dynamic-watermarking, DWM)检测方法无法适用模型不确定系统的攻击检测问题, 首先分析模型不确定项导致的传统动态水印检测失效原因, 然后考虑模型不确定项和过程噪声的统计规律, 将其影响转化为对方差变化特性进行分析, 提出两个具有鲁棒性的攻击检测式以及检测式中关键时变方差阈值的确定方法; 其次采用系统失真信号功率定量刻画攻击信号造成系统性能损失程度, 理论证明了系统失真信号功率上界; 在此基础上考虑最坏情况下攻击能够躲过检测, 基于水印信号与其他混合信号相互独立性新增第三检测式, 同时理论证明了系统失真信号功率上界进一步受限范围, 进而提升不确定系统的安全性; 最后仿真算例验证了所提方法的有效性和可行性.
- 动态水印 /
- 模型不确定 /
- 失真信号功率 /
- 攻击检测
Abstract: The traditional dynamic-watermarking (DWM) cyber-attack detection cannot directly apply to uncertain systems. In this paper, we first analyze this failure due to model uncertainty. Secondly, based on the statistics of model uncertainty and process noise, we derive two robust attack-detection formulas, and the method of determining the critical time-varying-variance threshold in the formulas. Then, the system performance loss caused by the attack signal, and the upper limit of the distortion signal power are quantified. Furthermore, in the worst case, to avoid that an attack can pass-through the above two-formula detection, the third detection formula is derived. In addition, the upper limit of the distorted signal power of the system is also derived. This is based on the mutual independence of the watermark signal and other mixed signals. Thus, the three-formula detection strengthens the security of the system with model uncertainty. Finally, we use a simulation example to demonstrate our theoretical results.
- Dynamic-watermarking (DWM) /
- model uncertainty /
- distorted signal power /
- attack detection

HTML全文

图 1 基于DWM的主动检测框架

Fig. 1 Active detection framework based on DWM

下载: 全尺寸图片幻灯片

图 2 基于式(6)的传统水印检测结果

Fig. 2 Traditional watermark detection results based on (6)

下载: 全尺寸图片幻灯片

图 3 基于式(7)的传统水印检测结果

Fig. 3 Traditional watermark detection results based on (7)

下载: 全尺寸图片幻灯片

图 4 基于Test 1的检测结果

Fig. 4 Detection results based on Test 1

下载: 全尺寸图片幻灯片

图 5 基于Test 2的检测结果

Fig. 5 Detection results based on Test 2

下载: 全尺寸图片幻灯片

图 6 基于Test 1的虚假数据注入攻击检测结果 (数值仿真)

Fig. 6 Detection results based on Test 1 under false data injection attack (numerical simulation)

下载: 全尺寸图片幻灯片

图 7 基于Test 2的虚假数据注入攻击检测结果 (数值仿真)

Fig. 7 Detection results based on Test 2 under false data injection attack (numerical simulation)

下载: 全尺寸图片幻灯片

图 8 基于Test 3的虚假数据注入攻击检测结果(数值仿真)

Fig. 8 Detection results based on Test 3 under false data injection attack (numerical simulation)

下载: 全尺寸图片幻灯片

图 9 系统失真信号功率变化

Fig. 9 Variation of system distortion signal power

下载: 全尺寸图片幻灯片

图 10 基于阈值检测的虚假数据注入攻击检测结果(实例仿真)

Fig. 10 Detection results based on threshold detection under false data injection attack (real example simulation)

下载: 全尺寸图片幻灯片

图 12 基于Test 2的虚假数据注入攻击检测结果(实例仿真)

Fig. 12 Detection results based on Test 2 under false data injection attack (real example simulation)

下载: 全尺寸图片幻灯片

图 11 基于Test 1的虚假数据注入攻击检测结果(实例仿真)

Fig. 11 Detection results based on Test 1 under false data injection attack (real example simulation)

下载: 全尺寸图片幻灯片

参考文献(34)

[1]	Zhang X M, Han Q L, Ge X H, Ding D R, Ding L, Yue D, Peng C. Networked control systems: a survey of trends and techniques. IEEE/CAA Journal of Automatica Sinica. 2020, 7(1): 1-17 doi: 10.1109/JAS.2019.1911861
[2]	Sun Q, Lim C C, Shi P, Liu F. Design and stability of moving horizon estimator for Markov jump linear systems. IEEE Transactions on Automatic Control. 2019, 64(3): 1109-1124 doi: 10.1109/TAC.2018.2816102
[3]	Mousavinejad E, Yang F, Han Q L, Vlacic L. A novel cyber attack detection method in networked control systems. IEEE Transactions on Cybernetics. 2018, 48(11): 3254-3264 doi: 10.1109/TCYB.2018.2843358
[4]	Dolk V S, Tesi P, De Persis C, Heemels W P M H. Event-triggered control systems under denial-of-service attacks. IEEE Transactions on Control of Network Systems. 2017, 4(1): 93-105 doi: 10.1109/TCNS.2016.2613445
[5]	Langner R. Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security & Privacy. 2011, 9(3): 49-51
[6]	Cherdantseva Y, Burnap P, Blyth A, Eden P, Jones K, Soulsby H, Stoddart K. A review of cyber security risk assessment methods for SCADA systems. Computers & Security. 2016, 56: 1-27
[7]	王琦, 邰伟, 汤奕, 倪明. 面向电力信息物理系统的虚假数据注入攻击研究综述. 自动化学报. 2019, 45(1): 72-83 Wang Qi, Tai Wei, Tang Yi, Ni Ming. A review on false data injection attack toward cyber-physical power system. ACTA AUTOMATICA SINICA. 2019, 45(1): 72-83
[8]	Kurmanaev A, Herrera I. No end in sight to Venezuelas Blackout, experts warn [Online], available: https://www.nytimes.com/2019/03/11/world/americas/venzuela-blackout-maduro.html, July 15, 2019
[9]	刘烃, 田决, 王稼舟, 吴宏宇, 孙利民, 周亚东, 沈超, 管晓宏. 信息物理融合系统综合安全威胁与防御研究. 自动化学报. 2019, 45(1): 5-24 Liu Ting, Tian Jue, Wang Jia-Zhou, Wu Hong-Yu, Sun Li-Min, Zhou Ya-Dong, Shen Chao, Guan Xiao-Hong. Integrated security threats and defense of cyber-physical systems. ACTA AUTOMATICA SINICA. 2019, 45(1): 5-24
[10]	Dibaji S M, Pirani M, Flamholz D, Annaswamy A M, Johansson K H, Chakrabortty A. A systems and control perspective of CPS security. Annual Reviews in Control. 2019, 47: 394-411 doi: 10.1016/j.arcontrol.2019.04.011
[11]	Murguia C, Van De Wouw N, Ruths J. Reachable sets of hidden CPS sensor attacks: Analysis and synthesis tools. IFAC-PapersOnLine. 2017, 50(1): 2088-2094 doi: 10.1016/j.ifacol.2017.08.528
[12]	Macwan R, Drew C, Panumpabi P, Valdes A, Vaidya N, Sauer P, et al. Collaborative defense against data injection attack in IEC61850 based smart substations. In: Proceedings of the IEEE Power and Energy Society General Meeting. Boston, MA, USA: IEEE, 2016. 1−5
[13]	An L W, Yang G H. Secure state estimation against sparse sensor attacks with adaptive switching mechanism. IEEE Transactions on Automatic Control. 2018, 63(8): 2596-2603 doi: 10.1109/TAC.2017.2766759
[14]	Zhou Y, Vamvoudakis K G, Haddad W M, Jiang Z P. A secure control learning framework for cyber-physical systems under sensor and actuator attacks. IEEE Transactions on Cybernetics, 2021, 51(9): 4648-4660
[15]	李雪, 李雯婷, 杜大军, 孙庆, 费敏锐. 拒绝服务攻击下基于UKF的智能电网动态状态估计研究. 自动化学报. 2019, 45(1): 120-131 Li Xue, Li Wen-Ting, Du Da-Jun, Sun Qing, Fei Min-Rui. Dynamic state estimation of smart grid based on UKF under denial of service attacks. ACTA AUTOMATICA SINICA. 2019, 45(1): 120-131
[16]	Ma L F, Wang Z D, Han Q L, Lam H K. Variance-constrained distributed filtering for time-varying systems with multiplicative noises and deception attacks over sensor networks. IEEE Sensors journal. 2017, 17(7): 2279-2288 doi: 10.1109/JSEN.2017.2654325
[17]	Su L, Ye D. A cooperative detection and compensation mechanism against Denial-of-Service attack for cyber-physical systems. Information Sciences. 2018, 444: 122-134 doi: 10.1016/j.ins.2018.02.066
[18]	Zhao C H, Mallada E, Dirfler F. Distributed frequency control for stability and economic dispatch in power networks. In: Proceedings of the American Control Conference. Chicago, IL, USA: IEEE, 2015. 2359−2364
[19]	Shitharth S, Prince W D. An enhanced optimization based algorithm for intrusion detection in SCADA network. Computers & Security. 2017, 70: 16-26
[20]	Guo Z Y, Shi D W, Johansson K H, Shi L. Optimal linear cyberattack on remote state estimation. IEEE Transactions on Control of Network Systems. 2017, 4(1): 4-13 doi: 10.1109/TCNS.2016.2570003
[21]	Mo Y L, Sinopoli B. On the performance degradation of cyber-physical systems under stealthy integrity attacks. IEEE Transactions on Automatic Control. 2016, 61(9): 2618-2624 doi: 10.1109/TAC.2015.2498708
[22]	Chen Y, Kar, S, Moura J M F. Cyber-Physical attacks with control objectives. IEEE Transactions on Automatic Control. 2018, 63(5): 1418-1425 doi: 10.1109/TAC.2017.2741778
[23]	Mo Y L, Sinopoli B. Secure control against replay attacks. In: Proceedings of the 47th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2009. Monticello, USA: IEEE, 2009. 911−918
[24]	Rubio Hernan J, De Cicco L, Garcia Alfaro J. On the use of watermark-based schemes to detect cyber-physical attacks. Eurasip Journal on Information Security, 2017: Article No. 8
[25]	Fang C G, Qi Y F, Cheng P, Zheng W X. Optimal periodic watermarking schedule for replay attack detection in cyber-physical systems. Automatica. 2020, 112: 108698 doi: 10.1016/j.automatica.2019.108698
[26]	Teixeira A M, Ferrari R M. Detection of sensor data injection attacks with multiplicative watermarking. In: Proceedings of 2018 European Control Conference. Limassol, Cyprus: IEEE, 2018. 338−343
[27]	Song Z, Skuric A, Ji K. A recursive watermark method for hard real-time industrial control system cyber-resilience Enhancement. IEEE Transactions on Automation Science and Engineering. 2020, 17(2): 1030-1043 doi: 10.1109/TASE.2019.2963257
[28]	Satchidanandan B, Kumar P R. Dynamic watermarking: Active defense of networked cyber-physical systems. Proceedings of the IEEE. 2017, 105(2): 219-240 doi: 10.1109/JPROC.2016.2575064
[29]	Satchidanandan B, Kumar P R. On the design of securityguaranteeing dynamic watermarks. IEEE Control Systems Letters. 2020, 4(2): 307-312 doi: 10.1109/LCSYS.2019.2925278
[30]	Huang T, Satchidanandan B, Kumar P R, Xie L. An online detection framework for cyber-attacks on automatic generation control. IEEE Transactions on Power Systems. 2018, 33(6): 6816–6827 doi: 10.1109/TPWRS.2018.2829743
[31]	Zhao D, Ding S X, Karimi H R, Li Y Y. Robust H_∞ filtering for two-dimensional uncertain linear discrete time-varying systems: A Krein space-based method. IEEE Transactions on Automatic Control. 2019, 64(12): 5124-5131 doi: 10.1109/TAC.2019.2908699
[32]	Lai T L, Wei C Z. Least squares estimates in stochastic regression models with applications to identification and control of dynamic systems. Annals of Statistics. 1982, 10(1): 154-166 doi: 10.1214/aos/1176345697
[33]	Hu X M, Zou Q, Zou H B. Design and application of fractional order predictive functional control for industrial heating furnace. IEEE Access. 2018, 6: 66565-66575 doi: 10.1109/ACCESS.2018.2878554
[34]	Naghnaeian M, Hirzallah N H, Voulgaris P G. Security via multirate control in cyber-physical systems. Systems & Control Letters. 2019, 124: 12-18