Uncovering stealthy cyberattacks that can cripple infrastructure
Cyber-physical systems (CPSs) are systems in which computers control physical machinery, supported by a network of sensors. CPSs include infrastructure such as the power grid, water distribution networks and traffic management systems. Sensor data in CPSs is typically sent wirelessly and is vulnerable to malicious interference. Kangkang Zhang, the CSP-CPS-A-ICA project’s principal researcher and a research associate at Imperial College London, focuses on the security vulnerabilities in these systems. Supported by the Marie Skłodowska-Curie Actions programme, Zhang aimed to build a theoretical foundation for the problem and then implement the results to provide practical solutions. “I’m working to develop new methodologies against the potential cyberattacks, such as attack detection, and the ability to discriminate between faults and attacks,” he says.
Stealthy attacks
His focus was on so-called ‘stealthy’ attacks. If an attacker has access to the wireless networks, they can launch an attack by injecting false data, prompting the controlling computer to take improper actions. “If the attacker intelligently designs the injected data, then the attack will not show up at the system measurements, but will cause serious damage to the internals of the system,” Zhang adds. An example is the Stuxnet computer worm that was created to attack Iran’s nuclear programme. The worm caused the high-speed gas centrifuges used to enrich uranium to spin out of control and destroy themselves, all while reporting safe readings to the operators.
Security strategies
Zhang was able to build a methodology to detect such stealthy attacks using complex mathematical data analysis. By reconstructing historical data along the system dynamics, the malicious input can be revealed. “The concept is not totally fail-safe, and still has a very small risk profile,” notes Zhang. “When the attack is perfectly stealthy, this methodology may fail.” Nevertheless, Zhang’s research supports a wide range of security efforts. “I try to provide mathematical tools for finding vulnerabilities in these cyber-physical systems, to tell people this system has vulnerabilities so they can change the design, such as putting more sensors or actuators in place.” His work will also help researchers to distinguish intentional cyberattacks from more prosaic faults in industrial systems, and spotlight what strategies can be taken to mitigate damage from an attack on the system.
Since completing the fellowship in August this year, Zhang has been working at Imperial College London while looking for a permanent job in academia. He is also applying for grants from the European Research Council and UK Research and Innovation to support further research in this space, including on security for drone aircraft and AI systems. Zhang says: “I hope to test our cybersecurity results on more and more practical systems and build a sustainable research group to deeply investigate this problem.”
Keywords
CSP-CPS-A-ICA, cyberattack, stealthy, sensor, cyber-physical systems, detection, distinguish, industrial, Stuxnet, infrastructure