Difference between revisions of "Projects:2020s2-7331 Take-over and retrieve control: attack and defence in networked multi-agent systems"

From Projects
Jump to: navigation, search
(Objectives)
(Networked Multi-agent System)
 
(22 intermediate revisions by the same user not shown)
Line 8: Line 8:
 
To achieve the objective, a multi-agent system (MAS) with cyber defence and control retrieve capabilities will be developed using CPS technology. Various types of cyber-attacks will be designed and developed to test on the MAS and ensure its robustness. Each member of the project team is assigned one of the four objectives as his/her major focus, which will be discussed in the following section.  
 
To achieve the objective, a multi-agent system (MAS) with cyber defence and control retrieve capabilities will be developed using CPS technology. Various types of cyber-attacks will be designed and developed to test on the MAS and ensure its robustness. Each member of the project team is assigned one of the four objectives as his/her major focus, which will be discussed in the following section.  
  
=== Project team ===
+
=== Project Team ===
==== Project students ====
+
==== Project Students ====
 
* Moyang Feng – a1726464
 
* Moyang Feng – a1726464
 
* Shuqi Li – a1700965
 
* Shuqi Li – a1700965
 
* Liuxin Shen – a1710063
 
* Liuxin Shen – a1710063
 
* Zhiang Cheng – a1707604
 
* Zhiang Cheng – a1707604
 +
 
==== Supervisors ====
 
==== Supervisors ====
 
* Professor Peng Shi
 
* Professor Peng Shi
 +
* Professor Cheng-Chew Lim
 +
 
==== Advisors ====
 
==== Advisors ====
 
* Xin Yuan
 
* Xin Yuan
Line 21: Line 24:
 
* Zhi Lian
 
* Zhi Lian
 
* Yang Fei
 
* Yang Fei
 +
 +
=== Motivations ===
 +
* Networked MAS is an active research topic among CPSs
 +
* Existence of cyber-security problems in CPSs
 +
* Unpredictable cyber-attacks affect the performance of CPSs
 +
 +
=== Project Aim ===
 +
* Develop cyber-defence mechanisms for a networked MAS under various cyber-attacks, and implement environment scanning for the system.
 +
 
=== Objectives ===
 
=== Objectives ===
* Design and implement a Multi-Agent System under MATLAB and V-REP environment
+
* Design and build a networked MAS for environment scanning
* Design and simulate various cyber-attacks on the proposed MAS
+
* Analyse and simulate various cyber-attacks techniques on the proposed MAS
* Design and build a prediction and prevention system for defending cyber-attacks
+
* Design and build a cyber-defence module to predict, prevent and retrieve control on the MAS from attackers
* Design control-retrieve techniques on the MAS after it is hacked
 
  
 
== Background ==
 
== Background ==
=== Topic 1 ===
+
=== Agent ===
 +
* An independent and autonomous software entity.
 +
=== Multi-agent System (MAS)​ ===
 +
* A group of interacting intelligent agents[1]​.
 +
* Designed to complete complex tasks [1].
 +
=== Cyber-physical System (CPS) ===
 +
* An integration of computation, networking, and physical processes [2].
 +
* Widely used in many industries (smart grid, automobile, etc.).
 +
* Networked Multi-agent System is a form of CPS.
 +
=== Cyber Attack ===
 +
* An unpredictable malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself [3].
 +
 
 +
=== Cyber Security in CPS ===
 +
* Techniques and measures taken to prevent and protect the system from attacks [4].
 +
* Confidentiality, Integrity, Availability, Authenticity [4].
  
 
== Method ==
 
== Method ==
 +
=== Networked Multi-agent System ===
 +
[[File:System Diagram 7331.png|thumb|System diagram]]
 +
[[File:Communication flowchart.png|thumb|Communication module]]
 +
* The host and agents operate in parallel with bidirectional communication
 +
* Agents handle precise motor control and data collection
 +
* The host handles data processing and area scanning plots
 +
 +
=== Cyber-attack ===
 +
[[File:Attack flowchart.png|thumb|Attack flowchart]]
 +
* DoS Attack that floods attack based on the UDP protocol with enormous number of packets sent to the communication ports
 +
* Replay Attack is a kind of information disclosure that replays previously sniffed outdated packets
 +
* Deception Attack captures packets passed between the host and the agents, injects and resends false data. It is a variant of replay attack.
 +
 +
=== Cyber-defence ===
 +
[[File:System Defence.png|thumb|Defence module]]
 +
* Mirroring methods for communication
 +
* Retrieve control and feedback to the host
 +
* Unique ID encrypted through random seed
 +
* Boundary checks to maintain stability
  
 
== Results ==
 
== Results ==
 +
The project team has implemented a multi-agent system and designed a conference room test scenario under simulation. The MAS is capable of defending DoS and deception attacks while scanning the area.
 +
[[File:No def.png|thumb|Area scanning results when operating without external cyber-attacks]]
 +
[[File:No def deception.png|thumb|Area scanning results under deception attacks without defence module enabled]]
 +
[[File:Def deception.png|thumb|Area scanning results under deception attacks with defence module enabled]]
 +
 +
The figures show comparisons of area scanning results in the test scenario, where the blue dots are traces of the agents and red dots are the scanned points reported from the agents. The MAS succeeded in defending DoS and deception attacks and only responded to the correct messages from the host. The system was corrupted by the DoS attack at first and produced no result, but after activating the defence module the results were as normal. Replay attack results were ignored due to its ineffectiveness in this scenario.
  
 
== Conclusion ==
 
== Conclusion ==
 +
In this project, we have achieved the following: 
 +
* Implemented the MAS for environment scanning in a simulated conference room scenario
 +
* Simulated various types of cyber-attack on the designed MAS
 +
* Built effective cyber-defence mechanisms into the MAS
 +
However, there are still aspects need to be improved in the future, including: 
 +
* Porting the MAS from simulation environment to physical environment 
 +
* Improving the performance of the MAS under different test scenarios
 +
* Optimising the cyber-defence mechanisms to prevent other types of potential cyber-attacks
  
 
== References ==
 
== References ==
[1] a, b, c, "Simple page", In Proceedings of the Conference of Simpleness, 2010.
+
[1] F. Alkhateeb, E. A. Maghayreh and S. Aljawarneh, "A Multi Agent-Based System for Securing University Campus: Design and Architecture," 2010 International Conference on Intelligent Systems, Modelling and Simulation, Liverpool, 2010, pp. 75-79, doi: 10.1109/ISMS.2010.25.​
 +
 
 +
[2] E. Lee, "Cyber Physical Systems: Design Challenges", 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), 2008. doi: 10.1109/isorc.2008.25.​
 +
 
 +
[3] "Committee on National Security Systems (CNSS) Glossary", Rmf.org, 2020. [Online]. Available: https://rmf.org/wp-content/uploads/2017/10/CNSSI-4009.pdf. [Accessed: 17- Sep- 2020].
  
[2] ...
+
[4] C. K. Keerthi, M. A. Jabbar and B. Seetharamulu, "Cyber Physical Systems(CPS):Security Issues, Challenges and Solutions," 2017 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), Coimbatore, 2017, pp. 1-4, doi: 10.1109/ICCIC.2017.8524312.

Latest revision as of 19:40, 8 June 2021

Abstract here

Introduction

A cyber-physical system (CPS) is a computer system in which a mechanism is controlled or monitored by computer-based algorithms. CPS is widely used in many industries, including smart grid, autonomous automobile systems, medical monitoring, industrial control systems, robotics systems, and automatic pilot avionics. With the rapid development of CPS, cyber security becomes the major concern in the application of CPS technology. The project aims to explore the relationship between physical layer and cyber layer within a CPS, find the system vulnerabilities that may be used by cyber-attackers, and modify the system to prevent potential cyber-attack. To achieve the objective, a multi-agent system (MAS) with cyber defence and control retrieve capabilities will be developed using CPS technology. Various types of cyber-attacks will be designed and developed to test on the MAS and ensure its robustness. Each member of the project team is assigned one of the four objectives as his/her major focus, which will be discussed in the following section.

Project Team

Project Students

  • Moyang Feng – a1726464
  • Shuqi Li – a1700965
  • Liuxin Shen – a1710063
  • Zhiang Cheng – a1707604

Supervisors

  • Professor Peng Shi
  • Professor Cheng-Chew Lim

Advisors

  • Xin Yuan
  • Yuan Sun
  • Zhi Lian
  • Yang Fei

Motivations

  • Networked MAS is an active research topic among CPSs
  • Existence of cyber-security problems in CPSs
  • Unpredictable cyber-attacks affect the performance of CPSs

Project Aim

  • Develop cyber-defence mechanisms for a networked MAS under various cyber-attacks, and implement environment scanning for the system.

Objectives

  • Design and build a networked MAS for environment scanning
  • Analyse and simulate various cyber-attacks techniques on the proposed MAS
  • Design and build a cyber-defence module to predict, prevent and retrieve control on the MAS from attackers

Background

Agent

  • An independent and autonomous software entity.

Multi-agent System (MAS)​

  • A group of interacting intelligent agents[1]​.
  • Designed to complete complex tasks [1].

Cyber-physical System (CPS)

  • An integration of computation, networking, and physical processes [2].
  • Widely used in many industries (smart grid, automobile, etc.).
  • Networked Multi-agent System is a form of CPS.

Cyber Attack

  • An unpredictable malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself [3].

Cyber Security in CPS

  • Techniques and measures taken to prevent and protect the system from attacks [4].
  • Confidentiality, Integrity, Availability, Authenticity [4].

Method

Networked Multi-agent System

System diagram
Communication module
  • The host and agents operate in parallel with bidirectional communication
  • Agents handle precise motor control and data collection
  • The host handles data processing and area scanning plots

Cyber-attack

Attack flowchart
  • DoS Attack that floods attack based on the UDP protocol with enormous number of packets sent to the communication ports
  • Replay Attack is a kind of information disclosure that replays previously sniffed outdated packets
  • Deception Attack captures packets passed between the host and the agents, injects and resends false data. It is a variant of replay attack.

Cyber-defence

Defence module
  • Mirroring methods for communication
  • Retrieve control and feedback to the host
  • Unique ID encrypted through random seed
  • Boundary checks to maintain stability

Results

The project team has implemented a multi-agent system and designed a conference room test scenario under simulation. The MAS is capable of defending DoS and deception attacks while scanning the area.

Area scanning results when operating without external cyber-attacks
Area scanning results under deception attacks without defence module enabled
Area scanning results under deception attacks with defence module enabled

The figures show comparisons of area scanning results in the test scenario, where the blue dots are traces of the agents and red dots are the scanned points reported from the agents. The MAS succeeded in defending DoS and deception attacks and only responded to the correct messages from the host. The system was corrupted by the DoS attack at first and produced no result, but after activating the defence module the results were as normal. Replay attack results were ignored due to its ineffectiveness in this scenario.

Conclusion

In this project, we have achieved the following: 

  • Implemented the MAS for environment scanning in a simulated conference room scenario
  • Simulated various types of cyber-attack on the designed MAS
  • Built effective cyber-defence mechanisms into the MAS

However, there are still aspects need to be improved in the future, including: 

  • Porting the MAS from simulation environment to physical environment 
  • Improving the performance of the MAS under different test scenarios
  • Optimising the cyber-defence mechanisms to prevent other types of potential cyber-attacks

References

[1] F. Alkhateeb, E. A. Maghayreh and S. Aljawarneh, "A Multi Agent-Based System for Securing University Campus: Design and Architecture," 2010 International Conference on Intelligent Systems, Modelling and Simulation, Liverpool, 2010, pp. 75-79, doi: 10.1109/ISMS.2010.25.​

[2] E. Lee, "Cyber Physical Systems: Design Challenges", 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), 2008. doi: 10.1109/isorc.2008.25.​

[3] "Committee on National Security Systems (CNSS) Glossary", Rmf.org, 2020. [Online]. Available: https://rmf.org/wp-content/uploads/2017/10/CNSSI-4009.pdf. [Accessed: 17- Sep- 2020].​

[4] C. K. Keerthi, M. A. Jabbar and B. Seetharamulu, "Cyber Physical Systems(CPS):Security Issues, Challenges and Solutions," 2017 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), Coimbatore, 2017, pp. 1-4, doi: 10.1109/ICCIC.2017.8524312.