Adversarial Regression for Detecting Attacks in Cyber-Physical Systems

TL;DR

This paper explores the use of supervised regression for detecting sensor attacks in cyber-physical systems, modeling the defender-attacker interaction as a Stackelberg game, and proposes a heuristic to improve system resilience.

Contribution

It introduces a game-theoretic framework for sensor attack detection and develops a heuristic algorithm for optimal detection threshold setting.

Findings

The proposed heuristic increases system resilience to stealthy attacks.

Common regression methods remain vulnerable to carefully crafted sensor manipulations.

The Stackelberg game model effectively captures defender-attacker dynamics in CPS security.

Abstract

Attacks in cyber-physical systems (CPS) which manipulate sensor readings can cause enormous physical damage if undetected. Detection of attacks on sensors is crucial to mitigate this issue. We study supervised regression as a means to detect anomalous sensor readings, where each sensor's measurement is predicted as a function of other sensors. We show that several common learning approaches in this context are still vulnerable to \emph{stealthy attacks}, which carefully modify readings of compromised sensors to cause desired damage while remaining undetected. Next, we model the interaction between the CPS defender and attacker as a Stackelberg game in which the defender chooses detection thresholds, while the attacker deploys a stealthy attack in response. We present a heuristic algorithm for finding an approximately optimal threshold for the defender in this game, and show that it increases system resilience to attacks without significantly increasing the false alarm rate.