Browsing by Author "Cardenas, A. A."
Now showing 1 - 2 of 2
- Results Per Page
- Sort Options
Item A Business That Can't Lose: Investing in Attacks against the Colombian Power Grid(Elsevier B.V., 2019-05-31) Barreto, C.; Cardenas, A. A.; Holmes, Jennifer; Palao, Augustin; Restrepo, J. C.; Holmes, Jennifer; Palao, AugustinIn 2005 a company in charge of repairing electric transmission towers made a deal with guerrilla militants to demolish the towers. This company thrived, because the attacks were attributed to guerrilla groups, who commit these attacks often. However, the number of attacks increased significantly, raising alarms and leading to the discovery of the plot. We model this situation as a game between contractors and the power transmission company, and show how misaligned incentives enabled contractors to profit by colluding with guerrilla groups. We also analyze how to modify the contractual policies reducing the incentives to collude with guerrillas. In particular, the transmission company can prevent attacks by creating competition and exploiting market inefficiencies. ©2019 Elsevier B.V.Item Hide and Seek: An Architecture for Improving Attack-Visibility in Industrial Control Systems(Springer Verlag, 2019-06) Giraldo, Jairo; Urbina, David; Cardenas, A. A.; Tippenhauer, N. O.; Giraldo, Jairo; Urbina, DavidIn the past years we have seen an emerging field of research focusing on using the “physics” of a Cyber-Physical System to detect attacks. In its basic form, a security monitor is deployed somewhere in the industrial control network, observes a time-series of the operation of the system, and identifies anomalies in those measurements in order to detect potentially manipulated control commands or manipulated sensor readings. While there is a growing literature on detection mechanisms in that research direction, the problem of where to monitor the physical behavior of the system has received less attention. In this paper, we analyze the problem of where should we monitor these systems, and what attacks can and cannot be detected depending on the location of this network monitor. The location of the monitor is particularly important, because an attacker can bypass attack-detection by lying in some network interfaces while reporting that everything is normal in the others. Our paper is the first detailed study of what can and cannot be detected based on the devices an attacker has compromised and where we monitor our network. We show that there are locations that maximize our visibility against such attacks. Based on our analysis, we design a low-level security monitor that is able to directly observe the field communication between sensors, actuators, and Programmable Logic Controllers (PLCs). We implement that security monitor in a realistic testbed, and demonstrate that it can detect attacks that would otherwise be undetected at the supervisory network. © Springer Nature Switzerland AG 2019.