Enhancing sensor attack detection in supervisory control systems modeled by probabilistic automata

TL;DR

This paper introduces a probabilistic framework for detecting sensor attacks in cyber-physical systems, improving detection capabilities for multiple attack strategies and providing a method to maximize detection confidence.

Contribution

It extends existing detection methods by enabling identification of multiple sensor attack strategies using probabilistic automata and develops an efficient algorithm for verification and confidence maximization.

Findings

Developed a polynomial-time algorithm for attack detectability verification.

Extended detection to multiple attack strategies using probabilistic information.

Proposed a method to maximize detection confidence level.

Abstract

Sensor attacks compromise the reliability of cyber-physical systems (CPSs) by altering sensor outputs with the objective of leading the system to unsafe system states. This paper studies a probabilistic intrusion detection framework based on $\lambda$-sensor-attack detectability ($\lambda$-sa), a formal measure that evaluates the likelihood of a system being under attack based on observed behaviors. Our framework enhances detection by extending its capabilities to identify multiple sensor attack strategies using probabilistic information, which enables the detection of sensor attacks that were undetected by current detection methodologies. We develop a polynomial-time algorithm that verifies $\lambda$-sa detectability by constructing a weighted verifier automaton and solving the shortest path problem. Additionally, we propose a method to determine the maximum detection confidence level ($\lambda$*) achievable by the system, ensuring the highest probability of identifying attack-induced behaviors.