Active Fuzzing for Testing and Securing Cyber-Physical Systems
- URL: http://arxiv.org/abs/2005.14124v2
- Date: Thu, 16 Jul 2020 08:15:48 GMT
- Title: Active Fuzzing for Testing and Securing Cyber-Physical Systems
- Authors: Yuqi Chen, Bohan Xuan, Christopher M. Poskitt, Jun Sun, Fan Zhang
- Abstract summary: We propose active fuzzing, an automatic approach for finding test suites of packet-level CPS network attacks.
Key to our solution is the use of online active learning, which iteratively updates the models by sampling payloads.
We evaluate the efficacy of active fuzzing by implementing it for a water purification plant testbed, finding it can automatically discover a test suite of flow, pressure, and over/underflow attacks.
- Score: 8.228859318969082
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Cyber-physical systems (CPSs) in critical infrastructure face a pervasive
threat from attackers, motivating research into a variety of countermeasures
for securing them. Assessing the effectiveness of these countermeasures is
challenging, however, as realistic benchmarks of attacks are difficult to
manually construct, blindly testing is ineffective due to the enormous search
spaces and resource requirements, and intelligent fuzzing approaches require
impractical amounts of data and network access. In this work, we propose active
fuzzing, an automatic approach for finding test suites of packet-level CPS
network attacks, targeting scenarios in which attackers can observe sensors and
manipulate packets, but have no existing knowledge about the payload encodings.
Our approach learns regression models for predicting sensor values that will
result from sampled network packets, and uses these predictions to guide a
search for payload manipulations (i.e. bit flips) most likely to drive the CPS
into an unsafe state. Key to our solution is the use of online active learning,
which iteratively updates the models by sampling payloads that are estimated to
maximally improve them. We evaluate the efficacy of active fuzzing by
implementing it for a water purification plant testbed, finding it can
automatically discover a test suite of flow, pressure, and over/underflow
attacks, all with substantially less time, data, and network access than the
most comparable approach. Finally, we demonstrate that our prediction models
can also be utilised as countermeasures themselves, implementing them as
anomaly detectors and early warning systems.
Related papers
- Revolutionizing Payload Inspection: A Self-Supervised Journey to Precision with Few Shots [0.0]
Traditional security measures are inadequate against the sophistication of modern cyber attacks.
Deep Packet Inspection (DPI) has been pivotal in enhancing network security.
integration of advanced deep learning techniques with DPI has introduced modern methodologies into malware detection.
arXiv Detail & Related papers (2024-09-26T18:55:52Z) - FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks.
We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness.
Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
arXiv Detail & Related papers (2024-03-26T08:51:23Z) - Performance evaluation of Machine learning algorithms for Intrusion Detection System [0.40964539027092917]
This paper focuses on intrusion detection systems (IDSs) analysis using Machine Learning (ML) techniques.
We analyze the KDD CUP-'99' intrusion detection dataset used for training and validating ML models.
arXiv Detail & Related papers (2023-10-01T06:35:37Z) - Intrusion Detection in Internet of Things using Convolutional Neural
Networks [4.718295605140562]
We propose a novel solution to the intrusion attacks against IoT devices using CNNs.
The data is encoded as the convolutional operations to capture the patterns from the sensors data along time.
The experimental results show significant improvement in both true positive rate and false positive rate compared to the baseline using LSTM.
arXiv Detail & Related papers (2022-11-18T07:27:07Z) - Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks [76.35478518372692]
We introduce epsilon-illusory, a novel form of adversarial attack on sequential decision-makers.
Compared to existing attacks, we empirically find epsilon-illusory to be significantly harder to detect with automated methods.
Our findings suggest the need for better anomaly detectors, as well as effective hardware- and system-level defenses.
arXiv Detail & Related papers (2022-07-20T19:49:09Z) - Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks.
We present an adversarial training strategy that mitigates the impact of such simulated attacks.
arXiv Detail & Related papers (2022-03-25T19:57:19Z) - Early Detection of Network Attacks Using Deep Learning [0.0]
A network intrusion detection system (IDS) is a tool used for identifying unauthorized and malicious behavior by observing the network traffic.
We propose an end-to-end early intrusion detection system to prevent network attacks before they could cause any more damage to the system under attack.
arXiv Detail & Related papers (2022-01-27T16:35:37Z) - Certifiers Make Neural Networks Vulnerable to Availability Attacks [70.69104148250614]
We show for the first time that fallback strategies can be deliberately triggered by an adversary.
In addition to naturally occurring abstains for some inputs and perturbations, the adversary can use training-time attacks to deliberately trigger the fallback.
We design two novel availability attacks, which show the practical relevance of these threats.
arXiv Detail & Related papers (2021-08-25T15:49:10Z) - DAAIN: Detection of Anomalous and Adversarial Input using Normalizing
Flows [52.31831255787147]
We introduce a novel technique, DAAIN, to detect out-of-distribution (OOD) inputs and adversarial attacks (AA)
Our approach monitors the inner workings of a neural network and learns a density estimator of the activation distribution.
Our model can be trained on a single GPU making it compute efficient and deployable without requiring specialized accelerators.
arXiv Detail & Related papers (2021-05-30T22:07:13Z) - Deep Learning based Covert Attack Identification for Industrial Control
Systems [5.299113288020827]
We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids.
The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
arXiv Detail & Related papers (2020-09-25T17:48:43Z) - Bayesian Optimization with Machine Learning Algorithms Towards Anomaly
Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.