Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems

Networked control systems can help build cost-effective and flexible industrial systems. A system that can function while being immune to cyberattacks is necessary. A method called fixed redundant path selection (FRPS) has been proposed to detect and mitigate data tampering attacks in a networked mo...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Kento Aida, Kenta Yamada, Ryosuke Hotchi, Ryogo Kubo
Formato: article
Lenguaje:EN
Publicado: IEEE 2021
Materias:
Acceso en línea:https://doaj.org/article/19a8eee0fa0d4edeaa33828504d36217
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:19a8eee0fa0d4edeaa33828504d36217
record_format dspace
spelling oai:doaj.org-article:19a8eee0fa0d4edeaa33828504d362172021-11-18T00:07:42ZDynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems2169-353610.1109/ACCESS.2021.3124024https://doaj.org/article/19a8eee0fa0d4edeaa33828504d362172021-01-01T00:00:00Zhttps://ieeexplore.ieee.org/document/9592785/https://doaj.org/toc/2169-3536Networked control systems can help build cost-effective and flexible industrial systems. A system that can function while being immune to cyberattacks is necessary. A method called fixed redundant path selection (FRPS) has been proposed to detect and mitigate data tampering attacks in a networked motion control system. This system contains redundant forward network paths from the controller to the motor sides to detect the attacked path by comparing the values that are received through respective paths. Then, a path selector on the motor side chooses a value on the path that is not attacked based on the majority decision. Increasing the number of redundant paths improves the detection performance of simultaneous attacks against multiple paths. However, it also increases the amount of traffic because the same data are transmitted to all of the redundant paths. This study proposes a dynamic redundant path selection (DRPS) method to balance the detection performance and the amount of traffic. The proposed method initially applies three redundant paths and changes the number of redundant paths to five only when the path selector detects a difference among the received values for the three paths. The experiments confirm that the proposed DRPS outperforms the conventional FRPS. The former can detect and mitigate the data tampering attacks while reducing the number of network paths during tampering detection when the system is exposed to simultaneous attacks against up to two of the redundant paths.Kento AidaKenta YamadaRyosuke HotchiRyogo KuboIEEEarticleCyberattackcyber-physical systemmotion controlnetworked control systemtampering detectionElectrical engineering. Electronics. Nuclear engineeringTK1-9971ENIEEE Access, Vol 9, Pp 147430-147441 (2021)
institution DOAJ
collection DOAJ
language EN
topic Cyberattack
cyber-physical system
motion control
networked control system
tampering detection
Electrical engineering. Electronics. Nuclear engineering
TK1-9971
spellingShingle Cyberattack
cyber-physical system
motion control
networked control system
tampering detection
Electrical engineering. Electronics. Nuclear engineering
TK1-9971
Kento Aida
Kenta Yamada
Ryosuke Hotchi
Ryogo Kubo
Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems
description Networked control systems can help build cost-effective and flexible industrial systems. A system that can function while being immune to cyberattacks is necessary. A method called fixed redundant path selection (FRPS) has been proposed to detect and mitigate data tampering attacks in a networked motion control system. This system contains redundant forward network paths from the controller to the motor sides to detect the attacked path by comparing the values that are received through respective paths. Then, a path selector on the motor side chooses a value on the path that is not attacked based on the majority decision. Increasing the number of redundant paths improves the detection performance of simultaneous attacks against multiple paths. However, it also increases the amount of traffic because the same data are transmitted to all of the redundant paths. This study proposes a dynamic redundant path selection (DRPS) method to balance the detection performance and the amount of traffic. The proposed method initially applies three redundant paths and changes the number of redundant paths to five only when the path selector detects a difference among the received values for the three paths. The experiments confirm that the proposed DRPS outperforms the conventional FRPS. The former can detect and mitigate the data tampering attacks while reducing the number of network paths during tampering detection when the system is exposed to simultaneous attacks against up to two of the redundant paths.
format article
author Kento Aida
Kenta Yamada
Ryosuke Hotchi
Ryogo Kubo
author_facet Kento Aida
Kenta Yamada
Ryosuke Hotchi
Ryogo Kubo
author_sort Kento Aida
title Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems
title_short Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems
title_full Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems
title_fullStr Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems
title_full_unstemmed Dynamic Network Path Provisioning and Selection for the Detection and Mitigation of Data Tampering Attacks in Networked Control Systems
title_sort dynamic network path provisioning and selection for the detection and mitigation of data tampering attacks in networked control systems
publisher IEEE
publishDate 2021
url https://doaj.org/article/19a8eee0fa0d4edeaa33828504d36217
work_keys_str_mv AT kentoaida dynamicnetworkpathprovisioningandselectionforthedetectionandmitigationofdatatamperingattacksinnetworkedcontrolsystems
AT kentayamada dynamicnetworkpathprovisioningandselectionforthedetectionandmitigationofdatatamperingattacksinnetworkedcontrolsystems
AT ryosukehotchi dynamicnetworkpathprovisioningandselectionforthedetectionandmitigationofdatatamperingattacksinnetworkedcontrolsystems
AT ryogokubo dynamicnetworkpathprovisioningandselectionforthedetectionandmitigationofdatatamperingattacksinnetworkedcontrolsystems
_version_ 1718425210006274048