Design and Analysis of Intrusion Detection Protocols in Cyber Physical Systems

dc.contributor.authorMitchel, Robert Raymondl IIIen
dc.contributor.committeechairChen, Ing-Rayen
dc.contributor.committeememberEltoweissy, Mohamed Youssefen
dc.contributor.committeememberLu, Chang-Tienen
dc.contributor.committeememberLou, Wenjingen
dc.contributor.committeememberMidkiff, Scott F.en
dc.contributor.departmentComputer Scienceen
dc.date.accessioned2013-04-24T08:00:20Zen
dc.date.available2013-04-24T08:00:20Zen
dc.date.issued2013-04-23en
dc.description.abstractIn this dissertation research we aim to design and validate intrusion detection system (IDS) protocols for a cyber physical system (CPS) comprising sensors, actuators, control units, and physical objects for controlling and protecting physical infrastructures.<br />The design part includes host IDS, system IDS and IDS response designs. The validation part includes a novel model-based analysis methodology with simulation validation. Our objective is to maximize the CPS reliability or lifetime in the presence of malicious nodes performing attacks which can cause security failures. Our host IDS design results in a lightweight, accurate, autonomous and adaptive protocol that runs on every node in the CPS to detect misbehavior of neighbor nodes based on state-based behavior specifications. Our system IDS design results in a robust and resilient protocol that can cope with malicious, erroneous, partly trusted, uncertain and incomplete information in a CPS. Our IDS response design results in a highly adaptive and dynamic control protocol that can adjust detection strength in response to environment changes in attacker strength and behavior. The end result is an energy-aware and adaptive IDS that can maximize the CPS lifetime in the presence of malicious attacks, as well as malicious, erroneous, partly trusted, uncertain and incomplete information.<br />We develop a probability model based on stochastic Petri nets to describe the behavior of a CPS incorporating our proposed intrusion detection and response designs, subject to attacks by malicious nodes exhibiting a range of attacker behaviors, including reckless, random, insidious and opportunistic attacker models. We identify optimal intrusion detection settings under which the CPS reliability or lifetime is maximized for each attacker model. Adaptive control for maximizing IDS performance is achieved by dynamically adjusting detection and response strength in response to attacker strength and behavior detected at runtime. We conduct extensive analysis of our designs with four case studies, namely, a mobile group CPS, a medical CPS, a smart grid CPS and an unmanned aircraft CPS. The results show that our adaptive intrusion and response designs operating at optimizing conditions significantly outperform existing anomaly-based IDS techniques for CPSs.en
dc.description.degreePh. D.en
dc.format.mediumETDen
dc.identifier.othervt_gsexam:726en
dc.identifier.urihttp://hdl.handle.net/10919/19338en
dc.publisherVirginia Techen
dc.rightsIn Copyrighten
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.subjectIntrusion Detection Systemsen
dc.subjectCyber Physical Systemsen
dc.titleDesign and Analysis of Intrusion Detection Protocols in Cyber Physical Systemsen
dc.typeDissertationen
thesis.degree.disciplineComputer Science and Applicationsen
thesis.degree.grantorVirginia Polytechnic Institute and State Universityen
thesis.degree.leveldoctoralen
thesis.degree.namePh. D.en

Files

Original bundle
Now showing 1 - 2 of 2
Loading...
Thumbnail Image
Name:
Mitchell_RR_D_2013.pdf
Size:
2.78 MB
Format:
Adobe Portable Document Format
Loading...
Thumbnail Image
Name:
Mitchell_RR_D_2013_support_1.pdf
Size:
1.02 MB
Format:
Adobe Portable Document Format
Description:
Supporting documents