Assessing the Effectiveness of Attack Detection at a Hackfest on Industrial Control Systems

被引:22
作者
Adepu, Sridhar [1 ]
Mathur, Aditya [1 ]
机构
[1] Singapore Univ Technol & Design, Ctr Res Cyber Secur, iTrust, Singapore, Singapore
来源
IEEE TRANSACTIONS ON SUSTAINABLE COMPUTING | 2021年 / 6卷 / 02期
基金
新加坡国家研究基金会;
关键词
Attack detection; capture-the-flag (CTF); cyber-physical attacks; cyber-physical systems; cyber security; industrial control systems; hackfest; water defense; water treatment plant; SECURITY;
D O I
10.1109/TSUSC.2018.2878597
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
A hackfest named SWaT Security Showdown (S-3) has been organized consecutively for two years. S-3 has enabled researchers and practitioners to assess the effectiveness of methods and products aimed at detecting cyber attacks launched in real-time on an operational water treatment plant, namely, Secure Water Treatment (SWaT). In S-3, independent attack teams design and launch attacks on SWaT while defence teams protect the plant passively and raise alarms upon attack detection. Attack teams are scored according to how successful they are in performing attacks based on specific intents while the defense teams are scored based on the effectiveness of their methods to detect the attacks. This paper focuses on the first two instances of S-3 and summarizes the benefits of hackfest and the performance of an attack detection mechanism, named Water Defense, that was exposed to attackers during S-3.
引用
收藏
页码:231 / 244
页数:14
相关论文
共 38 条
[1]  
Adepu S., 2016, WATER DEFENSE A METH, P6
[2]   Distributed Attack Detection in a Water Treatment Plant: Method and Case Study [J].
Adepu, Sridhar ;
Mathur, Aditya .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2021, 18 (01) :86-99
[3]   Distributed Detection of Single-Stage Multipoint Cyber Attacks in a Water Treatment Plant [J].
Adepu, Sridhar ;
Mathur, Aditya .
ASIA CCS'16: PROCEEDINGS OF THE 11TH ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, :449-460
[4]   Argus: An Orthogonal Defense Framework to Protect Public Infrastructure against Cyber-Physical Attacks [J].
Adepu, Sridhar ;
Shrivastava, Siddhant ;
Mathur, Aditya .
IEEE INTERNET COMPUTING, 2016, 20 (05) :38-45
[5]   Using Process Invariants to Detect Cyber Attacks on a Water Treatment System [J].
Adepu, Sridhar ;
Mathur, Aditya .
ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, SEC 2016, 2016, 471 :91-104
[6]   Generalized attacker and attack models for Cyber Physical Systems [J].
Adepu, Sridhar ;
Mathur, Aditya .
PROCEEDINGS 2016 IEEE 40TH ANNUAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE WORKSHOPS, VOL 1, 2016, :283-292
[7]   An Investigation into the Response of a Water Treatment System to Cyber Attacks [J].
Adepu, Sridhar ;
Mathur, Aditya .
2016 IEEE 17TH INTERNATIONAL SYMPOSIUM ON HIGH ASSURANCE SYSTEMS ENGINEERING (HASE), 2016, :141-148
[8]   Model-based Attack Detection Scheme for Smart Water Distribution Networks [J].
Ahmed, Chuadhry Mujeeb ;
Murguia, Carlos ;
Ruths, Justin .
PROCEEDINGS OF THE 2017 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (ASIA CCS'17), 2017, :101-113
[9]  
Allen-Bradley, 2012, LOGIX5000 CONTROLLER, V1756
[10]  
[Anonymous], 2016, CYBER PHYS SYST SECU
1234