Modeling attacker behavior in Cyber-Physical-Systems

  • Samuel Rodriguez Gonzalez University of Oklahoma / Universidad de los Andes
  • Juan Betancourt Osorio Universidad de los Andes
  • Germán Pardo González Universidad de los Andes
  • Daniel Cuellar Universidad de los Andes
  • Camilo Gomez Universidad de los Andes
  • Francesco Mariotti University of Firenze / Consorzio Interuniversitario Nazionale per l’Informatica
  • Leonardo Montecchi Norwegian University of Science and Technology
  • Paolo Lollini University of Firenze / Consorzio Interuniversitario Nazionale per l’Informatica

Resumo


Societies are increasingly dependent on Cyber Physical Systems (CPSs), which are exposed to natural and human-made attacks. Attacks on CPSs can result in security breaches and behaviors that may impose harm on their environments. Understanding attack mechanisms is crucial to preventing losses or damage to people, assets or information. We develop a computational environment that allows to implement attacker agents under a stochastic optimization framework, allowing to use different techniques to model attacking behavior (i.e., policies), including approximate dynamic programming, reinforcement learning, or stochastic programming, as well as arbitrary policies (e.g., rules of thumb). We rely on the ADVISE formalism to represent attack paths on CPSs, leveraging their Markov Decision Process structure to build an environment that allows to test attacker and defender policies. The proposed environment is tested by simulating attacks on a SCADA system previously addressed in the literature, demonstrating satisfactory convergence for a Q-learning algorithm, which allows to identify the attack steps that most frequently lead to successful attacks. The proposed approach allows flexibility in modeling attackers, and allows to conceive models with interacting attacker and defender agents, which is left as the main goal of future work.

Palavras-chave: attacker-defender, reinforcement learning, cyber-physical systems, stochastic optimization
Publicado
21/11/2022
Como Citar

Selecione um Formato
GONZALEZ, Samuel Rodriguez; OSORIO, Juan Betancourt; GONZÁLEZ, Germán Pardo; CUELLAR, Daniel; GOMEZ, Camilo; MARIOTTI, Francesco; MONTECCHI, Leonardo; LOLLINI, Paolo. Modeling attacker behavior in Cyber-Physical-Systems. In: WORKSHOP ON VALIDATION AND VERIFICATION OF FUTURE CYBER-PHYSICAL SYSTEMS (WAFERS), 3. , 2022, Fortaleza/CE. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2022 . p. 117–124.