-
MISGUIDE: Security-Aware Attack Analytics for Smart Grid Load Frequency Control
Authors:
Nur Imtiazul Haque,
Prabin Mali,
Mohammad Zakaria Haider,
Mohammad Ashiqur Rahman,
Sumit Paudyal
Abstract:
Incorporating advanced information and communication technologies into smart grids (SGs) offers substantial operational benefits while increasing vulnerability to cyber threats like false data injection (FDI) attacks. Current SG attack analysis tools predominantly employ formal methods or adversarial machine learning (ML) techniques with rule-based bad data detectors to analyze the attack space. H…
▽ More
Incorporating advanced information and communication technologies into smart grids (SGs) offers substantial operational benefits while increasing vulnerability to cyber threats like false data injection (FDI) attacks. Current SG attack analysis tools predominantly employ formal methods or adversarial machine learning (ML) techniques with rule-based bad data detectors to analyze the attack space. However, these attack analytics either generate simplistic attack vectors detectable by the ML-based anomaly detection models (ADMs) or fail to identify critical attack vectors from complex controller dynamics in a feasible time. This paper introduces MISGUIDE, a novel defense-aware attack analytics designed to extract verifiable multi-time slot-based FDI attack vectors from complex SG load frequency control dynamics and ADMs, utilizing the Gurobi optimizer. MISGUIDE can identify optimal (maliciously triggering under/over frequency relays in minimal time) and stealthy attack vectors. Using real-world load data, we validate the MISGUIDE-identified attack vectors through real-time hardware-in-the-loop (OPALRT) simulations of the IEEE 39-bus system.
△ Less
Submitted 7 November, 2024;
originally announced November 2024.
-
SHATTER: Control and Defense-Aware Attack Analytics for Activity-Driven Smart Home Systems
Authors:
Nur Imtiazul Haque,
Maurice Ngouen,
Mohammad Ashiqur Rahman,
Selcuk Uluagac,
Laurent Njilla
Abstract:
Modern smart home control systems utilize real-time occupancy and activity monitoring to ensure control efficiency, occupants' comfort, and optimal energy consumption. Moreover, adopting machine learning-based anomaly detection models (ADMs) enhances security and reliability. However, sufficient system knowledge allows adversaries/attackers to alter sensor measurements through stealthy false data…
▽ More
Modern smart home control systems utilize real-time occupancy and activity monitoring to ensure control efficiency, occupants' comfort, and optimal energy consumption. Moreover, adopting machine learning-based anomaly detection models (ADMs) enhances security and reliability. However, sufficient system knowledge allows adversaries/attackers to alter sensor measurements through stealthy false data injection (FDI) attacks. Although ADMs limit attack scopes, the availability of information like occupants' location, conducted activities, and alteration capability of smart appliances increase the attack surface. Therefore, performing an attack space analysis of modern home control systems is crucial to design robust defense solutions. However, state-of-the-art analyzers do not consider contemporary control and defense solutions and generate trivial attack vectors. To address this, we propose a control and defense-aware novel attack analysis framework for a modern smart home control system, efficiently extracting ADM rules. We verify and validate our framework using a state-of-the-art dataset and a prototype testbed.
△ Less
Submitted 27 April, 2023;
originally announced May 2023.
-
BIoTA Control-Aware Attack Analytics for Building Internet of Things
Authors:
Nur Imtiazul Haque,
Mohammad Ashiqur Rahman,
Dong Chen,
Hisham Kholidy
Abstract:
Modern building control systems adopt demand control heating, ventilation, and cooling (HVAC) for increased energy efficiency. The integration of the Internet of Things (IoT) in the building control system can determine real-time demand, which has made the buildings smarter, reliable, and efficient. As occupants in a building are the main source of continuous heat and $CO_2$ generation, estimating…
▽ More
Modern building control systems adopt demand control heating, ventilation, and cooling (HVAC) for increased energy efficiency. The integration of the Internet of Things (IoT) in the building control system can determine real-time demand, which has made the buildings smarter, reliable, and efficient. As occupants in a building are the main source of continuous heat and $CO_2$ generation, estimating the accurate number of people in real-time using building IoT (BIoT) system facilities is essential for optimal energy consumption and occupants' comfort. However, the incorporation of less secured IoT sensor nodes and open communication network in the building control system eventually increases the number of vulnerable points to be compromised. Exploiting these vulnerabilities, attackers can manipulate the controller with false sensor measurements and disrupt the system's consistency. The attackers with the knowledge of overall system topology and control logics can launch attacks without alarming the system. This paper proposes a building internet of things analyzer (BIoTA) framework\footnote{https://github.com/imtiazulhaque/research-implementations/tree/main/biota} that assesses the smart building HVAC control system's security using formal attack modeling. We evaluate the proposed attack analyzer's effectiveness on the commercial occupancy dataset (COD) and the KTH live-in lab dataset. To the best of our knowledge, this is the first research attempt to formally model a BIoT-based HVAC control system and perform an attack analysis.
△ Less
Submitted 23 July, 2021;
originally announced July 2021.
-
A Novel Framework for Threat Analysis of Machine Learning-based Smart Healthcare Systems
Authors:
Nur Imtiazul Haque,
Mohammad Ashiqur Rahman,
Md Hasan Shahriar,
Alvi Ataur Khalil,
Selcuk Uluagac
Abstract:
Smart healthcare systems (SHSs) are providing fast and efficient disease treatment leveraging wireless body sensor networks (WBSNs) and implantable medical devices (IMDs)-based internet of medical things (IoMT). In addition, IoMT-based SHSs are enabling automated medication, allowing communication among myriad healthcare sensor devices. However, adversaries can launch various attacks on the commun…
▽ More
Smart healthcare systems (SHSs) are providing fast and efficient disease treatment leveraging wireless body sensor networks (WBSNs) and implantable medical devices (IMDs)-based internet of medical things (IoMT). In addition, IoMT-based SHSs are enabling automated medication, allowing communication among myriad healthcare sensor devices. However, adversaries can launch various attacks on the communication network and the hardware/firmware to introduce false data or cause data unavailability to the automatic medication system endangering the patient's life. In this paper, we propose SHChecker, a novel threat analysis framework that integrates machine learning and formal analysis capabilities to identify potential attacks and corresponding effects on an IoMT-based SHS. Our framework can provide us with all potential attack vectors, each representing a set of sensor measurements to be altered, for an SHS given a specific set of attack attributes, allowing us to realize the system's resiliency, thus the insight to enhance the robustness of the model. We implement SHChecker on a synthetic and a real dataset, which affirms that our framework can reveal potential attack vectors in an IoMT system. This is a novel effort to formally analyze supervised and unsupervised machine learning models for black-box SHS threat analysis.
△ Less
Submitted 4 March, 2021;
originally announced March 2021.
-
Adversarial Attacks to Machine Learning-Based Smart Healthcare Systems
Authors:
AKM Iqtidar Newaz,
Nur Imtiazul Haque,
Amit Kumar Sikder,
Mohammad Ashiqur Rahman,
A. Selcuk Uluagac
Abstract:
The increasing availability of healthcare data requires accurate analysis of disease diagnosis, progression, and realtime monitoring to provide improved treatments to the patients. In this context, Machine Learning (ML) models are used to extract valuable features and insights from high-dimensional and heterogeneous healthcare data to detect different diseases and patient activities in a Smart Hea…
▽ More
The increasing availability of healthcare data requires accurate analysis of disease diagnosis, progression, and realtime monitoring to provide improved treatments to the patients. In this context, Machine Learning (ML) models are used to extract valuable features and insights from high-dimensional and heterogeneous healthcare data to detect different diseases and patient activities in a Smart Healthcare System (SHS). However, recent researches show that ML models used in different application domains are vulnerable to adversarial attacks. In this paper, we introduce a new type of adversarial attacks to exploit the ML classifiers used in a SHS. We consider an adversary who has partial knowledge of data distribution, SHS model, and ML algorithm to perform both targeted and untargeted attacks. Employing these adversarial capabilities, we manipulate medical device readings to alter patient status (disease-affected, normal condition, activities, etc.) in the outcome of the SHS. Our attack utilizes five different adversarial ML algorithms (HopSkipJump, Fast Gradient Method, Crafting Decision Tree, Carlini & Wagner, Zeroth Order Optimization) to perform different malicious activities (e.g., data poisoning, misclassify outputs, etc.) on a SHS. Moreover, based on the training and testing phase capabilities of an adversary, we perform white box and black box attacks on a SHS. We evaluate the performance of our work in different SHS settings and medical devices. Our extensive evaluation shows that our proposed adversarial attack can significantly degrade the performance of a ML-based SHS in detecting diseases and normal activities of the patients correctly, which eventually leads to erroneous treatment.
△ Less
Submitted 7 October, 2020;
originally announced October 2020.
-
Machine Learning in Generation, Detection, and Mitigation of Cyberattacks in Smart Grid: A Survey
Authors:
Nur Imtiazul Haque,
Md Hasan Shahriar,
Md Golam Dastgir,
Anjan Debnath,
Imtiaz Parvez,
Arif Sarwat,
Mohammad Ashiqur Rahman
Abstract:
Smart grid (SG) is a complex cyber-physical system that utilizes modern cyber and physical equipment to run at an optimal operating point. Cyberattacks are the principal threats confronting the usage and advancement of the state-of-the-art systems. The advancement of SG has added a wide range of technologies, equipment, and tools to make the system more reliable, efficient, and cost-effective. Des…
▽ More
Smart grid (SG) is a complex cyber-physical system that utilizes modern cyber and physical equipment to run at an optimal operating point. Cyberattacks are the principal threats confronting the usage and advancement of the state-of-the-art systems. The advancement of SG has added a wide range of technologies, equipment, and tools to make the system more reliable, efficient, and cost-effective. Despite attaining these goals, the threat space for the adversarial attacks has also been expanded because of the extensive implementation of the cyber networks. Due to the promising computational and reasoning capability, machine learning (ML) is being used to exploit and defend the cyberattacks in SG by the attackers and system operators, respectively. In this paper, we perform a comprehensive summary of cyberattacks generation, detection, and mitigation schemes by reviewing state-of-the-art research in the SG domain. Additionally, we have summarized the current research in a structured way using tabular format. We also present the shortcomings of the existing works and possible future research direction based on our investigation.
△ Less
Submitted 1 September, 2020;
originally announced October 2020.
-
G-IDS: Generative Adversarial Networks Assisted Intrusion Detection System
Authors:
Md Hasan Shahriar,
Nur Imtiazul Haque,
Mohammad Ashiqur Rahman,
Miguel Alonso Jr
Abstract:
The boundaries of cyber-physical systems (CPS) and the Internet of Things (IoT) are converging together day by day to introduce a common platform on hybrid systems. Moreover, the combination of artificial intelligence (AI) with CPS creates a new dimension of technological advancement. All these connectivity and dependability are creating massive space for the attackers to launch cyber attacks. To…
▽ More
The boundaries of cyber-physical systems (CPS) and the Internet of Things (IoT) are converging together day by day to introduce a common platform on hybrid systems. Moreover, the combination of artificial intelligence (AI) with CPS creates a new dimension of technological advancement. All these connectivity and dependability are creating massive space for the attackers to launch cyber attacks. To defend against these attacks, intrusion detection system (IDS) has been widely used. However, emerging CPS technologies suffer from imbalanced and missing sample data, which makes the training of IDS difficult. In this paper, we propose a generative adversarial network (GAN) based intrusion detection system (G-IDS), where GAN generates synthetic samples, and IDS gets trained on them along with the original ones. G-IDS also fixes the difficulties of imbalanced or missing data problems. We model a network security dataset for an emerging CPS using NSL KDD-99 dataset and evaluate our proposed model's performance using different metrics. We find that our proposed G-IDS model performs much better in attack detection and model stabilization during the training process than a standalone IDS.
△ Less
Submitted 31 May, 2020;
originally announced June 2020.
