NoiSense Print : detecting data integrity attacks on sensor measurements using hardware-based fingerprints

Ahmed, Chuadhry Mujeeb and Mathur, Aditya P. and Ochoa, Martín (2020) NoiSense Print : detecting data integrity attacks on sensor measurements using hardware-based fingerprints. ACM Transactions on Privacy and Security, 24 (1). 2. ISSN 2471-2574 (https://doi.org/10.1145/3410447)

Preview

Text. Filename: Ahmed_etal_ACM_TOPS_2020_NoiSense_Print_detecting_data_integrity_attacks_on_sensor_measurements.pdf Accepted Author Manuscript Download (889kB)| Preview

Abstract

Fingerprinting of various physical and logical devices has been proposed for uniquely identifying users or devices of mainstream IT systems such as PCs, laptops, and smart phones. However, the application of such techniques in Industrial Control Systems (ICS) is less explored for reasons such as a lack of direct access to such systems and the cost of faithfully reproducing realistic threat scenarios. This work addresses the feasibility of using fingerprinting techniques in the context of realistic ICS related to water treatment and distribution systems. A model-free sensor fingerprinting scheme (NoiSense) and a model-based sensor fingerprinting scheme (NoisePrint) are proposed. Using extensive experimentation with sensors, it is shown that noise patterns due to microscopic imperfections in hardware manufacturing can uniquely identify sensors with accuracy as high as 97%. The proposed technique can be used to detect physical attacks, such as the replacement of legitimate sensors by faulty or manipulated sensors. For NoisePrint, a combined fingerprint for sensor and process noise is created. The difference (called residual), between expected and observed values, i.e., noise, is used to derive a model of the system. It was found that in steady state the residual vector is a function of process and sensor noise. Data from experiments reveals that a multitude of sensors can be uniquely identified with a minimum accuracy of 90% based on NoisePrint. Also proposed is a novel challenge-response protocol that exposes more powerful cyber-attacks, including replay attacks.

ORCID iDs

Ahmed, Chuadhry Mujeeb ORCID: https://orcid.org/0000-0003-3644-0465

• Share and Export
  

  ASCII CitationEP3 XMLRIS (EndNote Online, Zotero, Ref manager, etc)HTML CitationOpenURL ContextObject in SpanRIOXX2 XMLRDF+N-TriplesBibTeXMPEG-21 DIDLMODSRefWorksRDF+N3Multiline CSVJSONDublin CoreData Cite XMLSimple MetadataEndNoteAtomMETSOpenURL ContextObjectRDF+XMLRefer
• Item metadata

  Item type:	Article
  ID code:	74860
  Dates:	Date Event 30 November 2020 Published 28 September 2020 Published Online 1 July 2020 Accepted
  Notes:	© Author 2020. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in ACM Transactions on Privacy and Security, http://dx.doi.org/10.1145/3410447
  Subjects:	Bibliography. Library Science. Information Resources > Information resources > Electronic information resources
  Department:	Faculty of Science > Computer and Information Sciences
  Depositing user:	Pure Administrator
  Date deposited:	10 Dec 2020 12:45
  Last modified:	12 Dec 2024 10:40
  URI:	https://strathprints.strath.ac.uk/id/eprint/74860