Baiting AI: Deceptive Adversary Against AI-Protected Industrial Infrastructures

TL;DR

This paper introduces a sophisticated cyber-attack method using multi-agent Deep Reinforcement Learning to stealthily degrade industrial water treatment systems while evading existing AI security measures.

Contribution

It presents a novel DRL-based attack strategy targeting ICS, demonstrating its effectiveness and potential to manipulate industrial infrastructure security.

Findings

The attack can subtly degrade product quality.

The attack evades current AI-based detection systems.

The approach is validated in an industry-level setup.

Abstract

This paper explores a new cyber-attack vector targeting Industrial Control Systems (ICS), particularly focusing on water treatment facilities. Developing a new multi-agent Deep Reinforcement Learning (DRL) approach, adversaries craft stealthy, strategically timed, wear-out attacks designed to subtly degrade product quality and reduce the lifespan of field actuators. This sophisticated method leverages DRL methodology not only to execute precise and detrimental impacts on targeted infrastructure but also to evade detection by contemporary AI-driven defence systems. By developing and implementing tailored policies, the attackers ensure their hostile actions blend seamlessly with normal operational patterns, circumventing integrated security measures. Our research reveals the robustness of this attack strategy, shedding light on the potential for DRL models to be manipulated for adversarial purposes. Our research has been validated through testing and analysis in an industry-level setup. For reproducibility and further study, all related materials, including datasets and documentation, are publicly accessible.