New approach to detect and recover from sophisticated cyberattacks in real time
In 2015, hackers infiltrated the corporate network of Ukraine’s power grid and injected malicious software, which caused a massive power outage. Such cyberattacks, along with the dangers to society that they represent, could become more common as the number of cyber-physical systems (CPS) increases.
A CPS is any system controlled by a network involving physical elements that tangibly interact with the material world. CPSs are incredibly common in industries, especially those integrating robotics or similar automated machinery to the production line. However, as CPSs make their way into societal infrastructures such as public transport and energy management, it becomes even more important to be able to efficiently fend off various types of cyberattacks.
In a recent study published in IEEE Transactions on Industrial Informatics, researchers from Daegu Gyeongbuk Institute of Science and Technology (DGIST), Korea, have developed a framework for CPSs that is resilient against a sophisticated kind of cyberattack: the pole-dynamics attack (PDA). In a PDA, the hacker connects to a node in the network of the CPS and injects false sensor data. Without proper readings from the sensors of the physical elements of the system, the control signals sent by the control algorithm to the physical actuators are incorrect, causing them to malfunction and behave in unexpected, potentially dangerous ways.
To address PDAs, the researchers adopted a technique known as software-defined networking (SDN), whereby the network of the CPS is made more dynamic by distributing the relaying of signals through controllable SDN switches. In addition, the proposed approach relies on a novel attack-detection algorithm embedded in the SDN switches, which can raise an alarm to the centralized network manager if false sensor data are being injected.
Once the network manager is notified, it not only cuts the cyberattacker off by pruning the compromised nodes but also establishes a new safe path for the sensor data. “Existing studies have only focused on attack detection, but they fail to consider the implications of detection and recovery in real time,” explains Professor Kyung-Joon Park, who led the study, “In our study, we simultaneously considered these factors to understand their effects on real-time performance and guarantee stable CPS operation.”
The new framework was validated experimentally in a dedicated testbed, showing promising results. Excited about the outcomes of the study, Park remarks, “Considering CPSs are a key technology of smart cities and unmanned transport systems, we expect our research will be crucial to provide reliability and resiliency to CPSs in various application domains.” Having a system that is robust against cyberattacks means that economic losses and personal injuries can be minimized. Therefore, this study paves the way to a more secure future for both CPSs and ourselves.
Authors: Sangjun Kim, Yongsoon Eun, and Kyung-Joon Park*
Title of original paper: Stealthy Sensor Attack Detection and Real-Time Performance Recovery for Resilient CPS
Journal: IEEE Transactions on Industrial Informatics
Affiliation: Department of Information and Communication Engineering, DGIST
*Corresponding author’s email: [email protected]
About Daegu Gyeongbuk Institute of Science and Technology (DGIST)
Daegu Gyeongbuk Institute of Science and Technology (DGIST) is a well-known and respected research institute located in Daegu, Republic of Korea. Established in 2004 by the Korean Government, the main aim of DGIST is to promote national science and technology, as well as to boost the local economy.
With a vision of “Changing the world through convergence”, DGIST has undertaken a wide range of research in various fields of science and technology. DGIST has embraced a multidisciplinary approach to research and undertaken intensive studies in some of today’s most vital fields. DGIST also has state-of-the-art-infrastructure to enable cutting-edge research in materials science, robotics, cognitive sciences, and communication engineering.
About the authors
Sangjun Kim, lead author of this study, is an integrated MS-PhD course student at the Department of Information and Communication Engineering, DGIST. Prof. Yongsoon Eun, co-author, and Prof. Kyung-Joon Park, corresponding author, are also part of the Department of Information and Communication Engineering.
Related Journal Article