DOI: 10.1145/3302509.3311041

Availability attacks on computing systems through alteration of environmental control: smart malware approach

Published: 16 April 2019

    Abstract

    In this paper, we demonstrate the feasibility of smart malware that advances state-of-the-art attacks by (i) indirectly attacking a computing infrastructure through a cyber-physical system (CPS) that manages the environment in which the computing enterprise operates, (ii) disguising its malicious actions as accidental failures, and (iii) self-learning attack strategies from cyber-physical system measurement data. We address all aspects of the malware, including the construction of the self-learning malware and the launch of a failure injection attack. We validate the attacks in a data-driven CPS simulation environment developed as part of this study.



          Published In

          ICCPS '19: Proceedings of the 10th ACM/IEEE International Conference on Cyber-Physical Systems
          April 2019
          367 pages
          ISBN: 9781450362856
          DOI: 10.1145/3302509
          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          In-Cooperation

          • IEEE-CS\TCRT: TC on Real-Time Systems

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Author Tags

          1. CPS
          2. cyber physical systems
          3. cyber security
          4. malware

          Qualifiers

          • Research-article

          Conference

          ICCPS '19
          Acceptance Rates

          Overall Acceptance Rate 25 of 91 submissions, 27%

          Article Metrics

          • Downloads (Last 12 months): 158
          • Downloads (Last 6 weeks): 8
          Reflects downloads up to 09 Aug 2024

          Cited By

          • (2024) AI-Driven Solutions for Social Engineering Attacks: Detection, Prevention, and Response. 2024 2nd International Conference on Cyber Resilience (ICCR), 1-8. DOI: 10.1109/ICCR61006.2024.10533010. Online publication date: 26-Feb-2024
          • (2023) Security-Informed Safety Analysis of Autonomous Transport Systems Considering AI-Powered Cyberattacks and Protection. Entropy 25:8 (1123). DOI: 10.3390/e25081123. Online publication date: 26-Jul-2023
          • (2023) Neural Network: Predator, Victim, and Information Security Tool. Optical Memory and Neural Networks 31:4 (323-332). DOI: 10.3103/S1060992X22040026. Online publication date: 10-Jan-2023
          • (2023) Deep Note: Can Acoustic Interference Damage the Availability of Hard Disk Storage in Underwater Data Centers? Proceedings of the 15th ACM Workshop on Hot Topics in Storage and File Systems (51-57). DOI: 10.1145/3599691.3603403. Online publication date: 9-Jul-2023
          • (2023) RansomAI: AI-Powered Ransomware for Stealthy Encryption. GLOBECOM 2023 - 2023 IEEE Global Communications Conference (2578-2583). DOI: 10.1109/GLOBECOM54140.2023.10437393. Online publication date: 4-Dec-2023
          • (2023) stealthML: Data-driven Malware for Stealthy Data Exfiltration. 2023 IEEE International Conference on Cyber Security and Resilience (CSR) (16-21). DOI: 10.1109/CSR57506.2023.10224946. Online publication date: 31-Jul-2023
          • (2023) An Overview of Artificial Intelligence Used in Malware. Nordic Artificial Intelligence Research and Development (41-51). DOI: 10.1007/978-3-031-17030-0_4. Online publication date: 2-Feb-2023
          • (2022) The Emerging Threat of Ai-driven Cyber Attacks: A Review. Applied Artificial Intelligence 36:1. DOI: 10.1080/08839514.2022.2037254. Online publication date: 4-Mar-2022
          • (2022) Offensive Machine Learning Methods and the Cyber Kill Chain. Artificial Intelligence and Cybersecurity (125-145). DOI: 10.1007/978-3-031-15030-2_6. Online publication date: 1-Aug-2022
          • (2022) Security for Software on Tiny Devices. System Dependability and Analytics (141-160). DOI: 10.1007/978-3-031-02063-6_7. Online publication date: 26-Jul-2022
