Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems
Moshe Kravchik, Battista Biggio, Asaf Shabtai

TL;DR
This paper demonstrates how poisoning attacks can compromise neural network-based cyber attack detectors in industrial control systems, highlighting vulnerabilities and proposing attack algorithms tested on real and synthetic data.
Contribution
First to show poisoning attacks on ICS neural network detectors, introducing two attack algorithms and analyzing potential mitigation strategies.
Findings
Poisoning attacks can successfully evade ICS cyber attack detectors.
Interpolation- and back-gradient based poisoning are effective on real-world data.
Potential mitigation strategies can reduce attack success.
Abstract
Recently, neural network (NN)-based methods, including autoencoders, have been proposed for the detection of cyber attacks targeting industrial control systems (ICSs). Such detectors are often retrained, using data collected during system operation, to cope with the natural evolution (i.e., concept drift) of the monitored signals. However, by exploiting this mechanism, an attacker can fake the signals provided by corrupted sensors at training time and poison the learning process of the detector such that cyber attacks go undetected at test time. With this research, we are the first to demonstrate such poisoning attacks on ICS cyber attack online NN detectors. We propose two distinct attack algorithms, namely, interpolation- and back-gradient based poisoning, and demonstrate their effectiveness on both synthetic and real-world ICS data. We also discuss and analyze some potential…
