Learning-based attacks in cyber-physical systems

TL;DR

This paper investigates learning-based attacks on cyber-physical systems, analyzing how attackers learn system dynamics to deceive controllers, and proposes methods to enhance system security against such sophisticated threats.

Contribution

It provides bounds on attack success probabilities, explores defenses using privacy signals, and extends analysis to nonlinear dynamics with Gaussian-process learning.

Findings

Derived upper bounds on deception probability for scalar plants.

Established lower bounds using empirical variance-based authentication.

Showed effectiveness of privacy-enhancing signals and analyzed nonlinear Gaussian-process attacks.

Abstract

We introduce the problem of learning-based attacks in a simple abstraction of cyber-physical systems---the case of a discrete-time, linear, time-invariant plant that may be subject to an attack that overrides the sensor readings and the controller actions. The attacker attempts to learn the dynamics of the plant and subsequently override the controller's actuation signal, to destroy the plant without being detected. The attacker can feed fictitious sensor readings to the controller using its estimate of the plant dynamics and mimic the legitimate plant operation. The controller, on the other hand, is constantly on the lookout for an attack; once the controller detects an attack, it immediately shuts the plant off. In the case of scalar plants, we derive an upper bound on the attacker's deception probability for any measurable control policy when the attacker uses an arbitrary learning algorithm to estimate the system dynamics. We then derive lower bounds for the attacker's deception probability for both scalar and vector plants by assuming a specific authentication test that inspects the empirical variance of the system disturbance. We also show how the controller can improve the security of the system by superimposing a carefully crafted privacy-enhancing signal on top of the "nominal control policy." Finally, for nonlinear scalar dynamics that belong to the Reproducing Kernel Hilbert Space (RKHS), we investigate the performance of attacks based on nonlinear Gaussian-processes (GP) learning algorithms.