Blogs (1) >>
ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Thu 14 Nov 2019 16:20 - 16:40 at Cortez 1 - Emerging Domains Chair(s): Joshua Garcia

The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their effectiveness is challenging, however, as realistic sets of attacks to test them against are not always available. In this paper, we propose smart fuzzing, an automated, machine learning guided technique for systematically finding ‘test suites’ of CPS network attacks, without requiring any expertise in the system’s control programs or physical processes. Our approach uses predictive machine learning models and metaheuristic search algorithms to guide the fuzzing of actuators so as to drive the CPS into different unsafe physical states. We demonstrate the efficacy of smart fuzzing by implementing it for two real-world CPS testbeds—a water purification plant and a water distribution system—finding attacks that drive them into 27 different unsafe states involving water flow, pressure, and tank levels, including six that were not covered by an established attack benchmark. Finally, we use our approach to test the effectiveness of an invariant-based defence system for the water treatment plant, finding two attacks that were not detected by its physical invariant checks, highlighting a potential weakness that could be exploited in certain conditions.

Slides (2019-11-ASE-for-web.pdf)5.99MiB

Thu 14 Nov
Times are displayed in time zone: (GMT-07:00) Tijuana, Baja California change

16:00 - 17:40: Papers - Emerging Domains at Cortez 1
Chair(s): Joshua GarciaUniversity of California, Irvine
ase-2019-papers16:00 - 16:20
Jeffrey PalmerinoRochester Institute of Technology, Qi YuRochester Institute of Technology, Travis Desell University of North Dakota, Daniel KrutzRochester Institute of Technology
ase-2019-papers16:20 - 16:40
Yuqi ChenSingapore University of Technology and Design, Singapore, Chris PoskittSingapore University of Technology and Design, Jun SunSingapore Management University, Singapore, Sridhar AdepuSingapore University of Technology and Design, Singapore, Fan ZhangZhejiang University, Zhejiang Lab, and Alibaba-Zhejiang University Joint Institute of Frontier Technologies, China
DOI Pre-print File Attached
ase-2019-Journal-First-Presentations16:40 - 17:00
Man ZhangKristiania University, Shaukat AliSimula Research Lab, Tao YueNanjing University of Aeronautics and Astronautics & Simula Research Laboratory
Link to publication
ase-2019-Journal-First-Presentations17:00 - 17:20
George MathewDepartment of Computer Science, North Carolina State University, Amritanshu AgrawalWayfair, Tim MenziesNorth Carolina State University
Link to publication
ase-2019-Demonstrations17:20 - 17:30
Rohit MehraAccenture Labs, India, Vibhu Saujanya SharmaAccenture Labs, Vikrant KaulgudAccenture Labs, India, Sanjay PodderAccenture
ase-2019-Demonstrations17:30 - 17:40
Zixin LiNanjing University, Haoran WuState Key Laboratory for Novel Software Technology, Nanjing University, Jiehui XuNanjing University, Xingya WangState Key Laboratory for Novel Software Technology, Nanjing University, Lingming ZhangThe University of Texas at Dallas, Zhenyu ChenNanjing University