Article

Investigation of Cyber Attacks on a Water Distribution System

Authors:

Venkata Reddy Palleti,

Gyanendra Mishra,

Aditya MathurAuthors Info & Claims

Applied Cryptography and Network Security Workshops: ACNS 2020 Satellite Workshops, AIBlock, AIHWS, AIoTS, Cloud S&P, SCI, SecMT, and SiMLA, Rome, Italy, October 19–22, 2020, Proceedings

Pages 274 - 291

https://doi.org/10.1007/978-3-030-61638-0_16

Published: 19 October 2020 Publication History

Abstract

A Cyber Physical System (CPS) consists of cyber components for computation and communication, and physical components such as sensors and actuators for process control. These components are networked and interact in a feedback loop. CPS are found in critical infrastructure such as water distribution, power grid, and mass transportation. Often these systems are vulnerable to attacks as the cyber components are potential targets for attackers. In this work, we report a study to investigate the impact of cyber attacks on a water distribution (WADI) system. Attacks were designed to meet attacker objectives and launched on WADI using a specially designed tool. This tool enables the launch of single and multi-point attacks where the latter are designed to specifically hide one or more attacks. The outcome of the experiments led to a better understanding of attack propagation and behavior of WADI in response to the attacks as well as to the design of an attack detection mechanism for water distribution system.

References

[1]

Abrams, M., Weiss, J.: Malicious control system cyber security attack case study-Maroochy Water Services. The MITRE Corporation, Australia (2008)

[2]

Adepu S, Kandasamy NK, Mathur A, et al. Katsikas SK et al. EPIC: an electric power testbed for research and training in cyber physical systems security Computer Security 2019 Cham Springer 37-52

[3]

Adepu, S., Mathur, A.: Distributed detection of single-stage multipoint cyber attacks in a water treatment plant. In: Proceedings of the 11th ASIACCS, pp. 449–460 (2016)

[4]

Adepu, S., Mathur, A.: Generalized attacker and attack models for cyber physical systems. In: 2016 IEEE 40th Annual COMPSAC, vol. 1, pp. 283–292 (2016)

[5]

Adepu, S., Mathur, A.: Assessing the effectiveness of attack detection at a hackfest on industrial control systems. IEEE Trans. Sustain. Comput. (2018)

[6]

Adepu, S., Mishra, G., Mathur, A.: Access control in water distribution networks: a case study. In: QRS (2017)

[7]

Ahmed, C.M., Palleti, V.R., Mathur, A.: WADI: a water distribution testbed for research in the design of secure cyber physical systems. In: 3rd CysWater (2017)

[8]

Amin, S., Litrico, X., Sastry, S., Bayen, A.: Cyber security of water SCADA systems; Part I: analysis and experimentation of stealthy deception attacks. IEEE Trans. Control Syst. Technol. (2013)

[9]

Amin, S., Litrico, X., Sastry, S., Bayen, A.: Cyber security of water SCADA systems; Part II: attack detection using enhanced hydrodynamic models. IEEE Trans. Control Syst. Technol. (2013)

[10]

Antonioli, D., Ghaeini, H.R., Adepu, S., Ochoa, M., Tippenhauer, N.O.: Gamifying ICS security training and research: design, implementation, and results of S3. In: Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, pp. 93–102. ACM (2017)

[11]

Baig, Z., Ahmad, S., Sait, S.: Detecting intrusive activity in the smart grid communications infrastructure using self-organizing maps. In: 12th IEEE TrustCom, pp. 1594–1599, July 2013

[12]

Bhave, A., Krogh, B., Garlan, D., Schmerl, B.: View consistency in architectures for cyber-physical systems. In: Proceedings of the 2nd ACM/IEEE International Conference on Cyber-Physical Systems (2011)

[13]

Chen, B., et al.: Go with the flow: toward workflow-oriented security assessment. In: Proceedings of the 2013 Workshop on New Security Paradigms Workshop. NSPW 2013, pp. 65–76 (2013)

[14]

Chen, Y., Poskitt, C.M., Sun, J.: Learning from mutants: using code mutation to learn and monitor invariants of a cyber-physical system. In: Proceedings of the IEEE Symposium on Security and Privacy (S&P 2018) (2018)

[15]

ICS-CERT Advisories. https://ics-cert.us-cert.gov/advisories

[16]

Frey, S., Rashid, A., Anthonysamy, P., Pinto-Albuquerque, M., Naqvi, S.A.: The good, the bad and the ugly: a study of security decisions in a cyber-physical systems game. IEEE Trans. Softw. Eng. (2018)

[17]

Gamage, T., McMillin, B., Roth, T.: Enforcing information flow security properties in cyber-physical systems: a generalized framework based on compensation. In: IEEE 34th Annual COMPSACW, pp. 158–163 (2010)

[18]

Goh, J., Adepu, S., Tan, M., Lee, Z.S.: Anomaly detection in cyber physical systems using recurrent neural networks. In: 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE), pp. 140–145. IEEE (2017)

[19]

Homeland Security: DHS common cybersecurity vulnerabilities in ICS. https://ics-cert.us-cert.gov/sites/default/files/recommended_practices/DHS_Common_Cybersecurity_Vulnerabilities_ICS_2010.pdf

[20]

Jajodia, S., Noel, S.: Advanced cyber attack modeling, analysis, and visualization. Technical report AFRL-RI-RS-TR-2010-078. Final Technical Report, George Mason University, March 2010

[21]

Kang, E., Adepu, S., Jackson, D., Mathur, A.P.: Model-based security analysis of a water treatment system. In: In Proceedings of 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems, May 2016

[22]

Kasper Sky: Industrial control systems vulnerabilities statistics. https://kasperskycontenthub.com/securelist/files/2016/07/KL_REPORT_ICS_Statistic_vulnerabilities.pdf

[23]

Kwon, C., Liu, W., Hwang, I.: Security analysis for cyber-physical systems against stealthy deception attacks. In: ACC, pp. 3344–3349 (2013)

[24]

Lin, Q., Adepu, S., Verwer, S., Mathur, A.: Tabor: a graphical model-based approach for anomaly detection in industrial control systems. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 525–536. ACM (2018)

[25]

Microsoft: Activex controls. https://msdn.microsoft.com/en-us/library/aa751968(v=vs.85).aspx

[26]

Mitchell R and Chen IR A survey of intrusion detection techniques for cyber-physical systems ACM Comput. Surv. (CSUR) 2014 46 4 55

[27]

Palleti VR, Narasimhan S, Rengaswamy R, Teja R, and Bhallamudi SM Sensor network design for contaminant detection and identification in water distribution networks Comput. Chem. Eng. 2016 87 246-256

[28]

Palleti VR, Tan YC, and Samavedham L A mechanistic fault detection and isolation approach using Kalman filter to improve the security of cyber physical systems J. Process Control 2018 68 160-170

[29]

Patlolla, S.S., McMillin, B., Adepu, S., Mathur, A.: An approach for formal analysis of the security of a water treatment testbed. In: 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC), pp. 115–124. IEEE (2018)

[30]

Rocchetto M and Tippenhauer NO Askoxylakis I, Ioannidis S, Katsikas S, and Meadows C On attacker models and profiles for cyber-physical systems Computer Security – ESORICS 2016 2016 Cham Springer 427-449

[31]

Rupp, M.: Honeywell XL web II controller vulnerabilities. https://ics-cert.us-cert.gov/advisories/ICSA-17-033-01

[32]

Taormina R, Galelli S, Tippenhauer NO, Salomons E, and Ostfeld A Characterizing cyber-physical attacks on water distribution systems J. Water Resour. Plann. Manag. 2017 143 5 04017009

[33]

Taormina R et al. Battle of the attack detection algorithms: disclosing cyber attacks on water distribution networks J. Water Resour. Plann. Manag. 2018 144 8 04018048

Cited By

Heinrich MGölz AArul TKatzenbeisser S(2023)Rule-based anomaly detection for railway signalling networksInternational Journal of Critical Infrastructure Protection10.1016/j.ijcip.2023.10060342:COnline publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1016/j.ijcip.2023.100603
Rodríguez Martínez CQuiñones-Grueiro MVerde CLlanes-Santiago O(2021)A Novel Approach for Detection and Location of Cyber-Attacks in Water Distribution NetworksProgress in Artificial Intelligence and Pattern Recognition10.1007/978-3-030-89691-1_9(79-90)Online publication date: 5-Oct-2021
https://dl.acm.org/doi/10.1007/978-3-030-89691-1_9

Index Terms

Investigation of Cyber Attacks on a Water Distribution System
1. Security and privacy

Index terms have been assigned to the content through auto-classification.

Recommendations

Distributed Detection of Single-Stage Multipoint Cyber Attacks in a Water Treatment Plant
ASIA CCS '16: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security

A distributed detection method is proposed to detect single stage multi-point (SSMP) attacks on a Cyber Physical System (CPS). Such attacks aim at compromising two or more sensors or actuators at any one stage of a CPS and could totally compromise a ...
Can Replay Attacks Designed to Steal Water from Water Distribution Systems Remain Undetected?
Special Issue on Security and Privacy for Connected CPS

Industrial Control Systems (ICS) monitor and control physical processes. ICS are found in, among others, critical infrastructures such as water treatment plants, water distribution systems, and the electric power grid. While the existence of cyber-...
Government regulations in cyber security: Framework, standards and recommendations
Abstract
Cyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights
- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

Applied Cryptography and Network Security Workshops: ACNS 2020 Satellite Workshops, AIBlock, AIHWS, AIoTS, Cloud S&P, SCI, SecMT, and SiMLA, Rome, Italy, October 19–22, 2020, Proceedings

Oct 2020

591 pages

ISBN:978-3-030-61637-3

DOI:10.1007/978-3-030-61638-0

Editors:
Jianying Zhou
Singapore University of Technology and Design, Singapore, Singapore
,
Mauro Conti
University of Padua, Padua, Italy
,
Chuadhry Mujeeb Ahmed
Singapore University of Technology and Design, Singapore, Singapore
,
Man Ho Au
The University of Hong Kong, Hong Kong, Hong Kong
,
Lejla Batina
ICIS, Radboud University Nijmegen, Nijmegen, The Netherlands
,
Zhou Li
University of California, Irvine, CA, USA
,
Jingqiang Lin
University of Science and Technology of China, Hefei, China
,
Eleonora Losiouk
University of Padua, Padua, Italy
,
Bo Luo
University of Kansas, Lawrence, KS, USA
,
Suryadipta Majumdar
CIISE, Concordia University, Montréal, QC, Canada
,
Weizhi Meng
Technical University of Denmark, Lyngby, Denmark
,
Martín Ochoa
AppGate Inc., Bogotá, Colombia
,
Stjepan Picek
Delft University of Technology, Delft, The Netherlands
,
Georgios Portokalidis
Stevens Institute of Technology, Hoboken, NJ, USA
,
Cong Wang
City University of Hong Kong, Hong Kong, China
,
Kehuan Zhang
Chinese University of Hong Kong, Shatin, Hong Kong

© Springer Nature Switzerland AG 2020.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 19 October 2020

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Heinrich MGölz AArul TKatzenbeisser S(2023)Rule-based anomaly detection for railway signalling networksInternational Journal of Critical Infrastructure Protection10.1016/j.ijcip.2023.10060342:COnline publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1016/j.ijcip.2023.100603
Rodríguez Martínez CQuiñones-Grueiro MVerde CLlanes-Santiago O(2021)A Novel Approach for Detection and Location of Cyber-Attacks in Water Distribution NetworksProgress in Artificial Intelligence and Pattern Recognition10.1007/978-3-030-89691-1_9(79-90)Online publication date: 5-Oct-2021
https://dl.acm.org/doi/10.1007/978-3-030-89691-1_9

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents