Cyber-attack detection is essential for ensuring the cybersecurity of control systems. However, existing methods for detecting cyber-attacks often require extensive upgrades to field modules or modifications to specific monitoring signals. To address this issue, this book introduces a novel replay attack detection scheme that integrates dynamical system characteristics with data-driven implementation, requiring only control and monitoring side implementation. Specifically, this approach considers the impact of replay attacks and the control system’s response by proposing a dynamical delay estimation method for detection. The detection logic is based on characterizing and comparing the fluctuation ranges of dynamical delays. A sliding window technique is used to quantify the dynamical delay between the input and output data of the cyber-physical control system. Additionally, a randomized algorithm is employed to determine the initial value of the delay estimation method, while online updating of the dynamical delay estimation is provided for real-time replay attack detection. To emphasize the replay attack effect, an innovative window adaptive strategy is developed for adaptive detection and tracking of replay attacks.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Replay Attack Detection for Cyber-Physical Control Systems: A Dynamical Delay Estimation Method

  • Dong Zhao,
  • Bo Yang,
  • Yueyang Li,
  • Hui Zhang

摘要

Cyber-attack detection is essential for ensuring the cybersecurity of control systems. However, existing methods for detecting cyber-attacks often require extensive upgrades to field modules or modifications to specific monitoring signals. To address this issue, this book introduces a novel replay attack detection scheme that integrates dynamical system characteristics with data-driven implementation, requiring only control and monitoring side implementation. Specifically, this approach considers the impact of replay attacks and the control system’s response by proposing a dynamical delay estimation method for detection. The detection logic is based on characterizing and comparing the fluctuation ranges of dynamical delays. A sliding window technique is used to quantify the dynamical delay between the input and output data of the cyber-physical control system. Additionally, a randomized algorithm is employed to determine the initial value of the delay estimation method, while online updating of the dynamical delay estimation is provided for real-time replay attack detection. To emphasize the replay attack effect, an innovative window adaptive strategy is developed for adaptive detection and tracking of replay attacks.