| With the high integration of industry and information technology(IT),a large number of cyber threats are flooding into industrial control network.The cybersecurity of critical infrastructures has become one of the most addressed issues in industrial control network.Although many detection approaches are developed with burgeoning research interests,the technical capability of existing detection methods is still insufficient because the stealth integrity attacks have occurred.In addition,a reliable and efficient testbed is crucial for research on cyber-attacks.Nowadays,the existing testbeds have some problems,such as high cost,poor portability,and lack adjustability for different attacks.It seriously hinders the research of industrial control network security.Based on the problems existed in the detection of integrity attacks in industrial control network,this paper mainly studies the following aspects:(1)We propose a semi-physical simulation testbed.The boiler-turbine unit,controllers,actuators and sensors are simulated by Raspberry.The communication way among raspberry 3B employs Modbus/Tcp by physical links.The performances of the boiler-turbine unit in open loop and close loop are verified in the proposed testbed.In addition,few works have been done to verify the impact of attacks on virtual or physical plants to ensure that the testbed accurately simulates a real system.Therefore,the integrity attacks are injected into the proposed testbed to verify the reliable of the proposed testbed for cybersecurity of industrial control network.(2)We propose a novel data analytical algorithm to identify the stealth tampering attacks in ICSs according to the correlation analysis.First,the improved grey relational analysis is used to evaluate the correlation between measurements and control variables.Then,SVM is used to classify the tampering attack according to the values of correlation.A dataset is created from the proposed testbed to verify the effectiveness of the proposed algorithm.In addition,the performance of the proposed algorithm is also studied based on the new gas pipeline dataset(GS).Such a novel algorithm,which has better accuracy and reliability,is compared with the state of the art based on the data analysis.(3)Replay attack is one of the most stealth in industrial control systems at present.Therefore,this paper focuses on replay attacks in industrial control systems.Based on Kalman filter,the general form of the effect of replay attack on the cumulative deviation of target system control is derived.The effect of the replay attack duration and the content of the replay attack data on the cumulative deviation of the control amount is also analyzed.Finally,it is verified by experimental simulation that the replay attack duration and the content of the replay attack data determine the amount of accumulated deviation of the control,which in turn determines the strength of the replay attack on the target system. |
PDF Full Text Request