SAGE: Stealthy Attack GEneration

Cyber-physical systems (CPS) have been increasingly attacked by hackers. Recent studies have shown that CPS are especially vulnerable to insider attacks, in which case the attacker has full knowledge of the systems configuration. To better prevent such types of attacks, we need to understand how insider attacks are generated. Typically, there are three critical aspects for a successful insider attack: (i) Maximize damage, (ii) Avoid detection and (iii) Minimize the attack cost. In this paper we propose a “Stealthy Attack GEneration” (SAGE) framework by formulizing a novel optimization problem considering these three objectives and the physical constraints of the CPS. By adding small worst-case perturbations to the system, the SAGE attack can generate significant damage, while remaining undetected by the systems monitoring algorithms. The proposed methodology is evaluated on several anomaly detection algorithms. The results show that SAGE attacks can cause severe damage while staying undetected and keeping the cost of an attack low. Our method can be accessed in the supplementary material of this paper to aid researcher and practitioners in the design and development of resilient CPS and detection algorithms.

信息物理系统（Cyber-physical Systems, CPS）日益遭受黑客的攻击。现有研究表明，CPS尤其容易受到内部人员攻击——此类攻击场景中，攻击者可完全掌握系统的配置细节。为更好地防范此类攻击，我们需要厘清内部人员攻击的生成机制。通常，一次成功的内部人员攻击需满足三个核心要件：（i）最大化破坏效果，（ii）规避检测，（iii）最小化攻击成本。 本文提出「隐秘攻击生成（Stealthy Attack GEneration, SAGE）」框架，通过构建兼顾上述三大目标与CPS物理约束的新型优化问题实现该框架。该攻击方法通过向系统注入极小的最坏情况扰动，可在不被系统监测算法察觉的前提下，造成显著的破坏效果。 本文所提方法在多款异常检测算法上完成了验证。实验结果表明，SAGE攻击可在保持隐蔽性与低攻击成本的同时，引发严重的系统破坏。研究者与工程实践者可通过本文的补充材料获取该方法的实现，以助力韧性信息物理系统与检测算法的设计与开发。