Difference between revisions of "Projects:2020s2-7331 Take-over and retrieve control: attack and defence in networked multi-agent systems"

From Projects
Jump to: navigation, search
(Results)
(Results)
Line 77: Line 77:
 
[[File:No def deception.png|thumb|Area scanning results under deception attacks without defence module enabled]]
 
[[File:No def deception.png|thumb|Area scanning results under deception attacks without defence module enabled]]
 
[[File:Def deception.png|thumb|Area scanning results under deception attacks with defence module enabled]]
 
[[File:Def deception.png|thumb|Area scanning results under deception attacks with defence module enabled]]
 +
 +
 +
The figures show comparisons of area scanning results in the test scenario, where the blue dots are traces of the agents and red dots are the scanned points reported from the agents. The MAS succeeded in defending DoS and deception attacks and only responded to the correct messages from the host. The system was corrupted by the DoS attack at first and produced no result, but after activating the defence module the results were as normal. Replay attack results were ignored due to its ineffectiveness in this scenario.
  
 
== Conclusion ==
 
== Conclusion ==

Revision as of 19:35, 8 June 2021

Abstract here

Introduction

A cyber-physical system (CPS) is a computer system in which a mechanism is controlled or monitored by computer-based algorithms. CPS is widely used in many industries, including smart grid, autonomous automobile systems, medical monitoring, industrial control systems, robotics systems, and automatic pilot avionics. With the rapid development of CPS, cyber security becomes the major concern in the application of CPS technology. The project aims to explore the relationship between physical layer and cyber layer within a CPS, find the system vulnerabilities that may be used by cyber-attackers, and modify the system to prevent potential cyber-attack. To achieve the objective, a multi-agent system (MAS) with cyber defence and control retrieve capabilities will be developed using CPS technology. Various types of cyber-attacks will be designed and developed to test on the MAS and ensure its robustness. Each member of the project team is assigned one of the four objectives as his/her major focus, which will be discussed in the following section.

Project Team

Project Students

  • Moyang Feng – a1726464
  • Shuqi Li – a1700965
  • Liuxin Shen – a1710063
  • Zhiang Cheng – a1707604

Supervisors

  • Professor Peng Shi
  • Professor Cheng-Chew Lim

Advisors

  • Xin Yuan
  • Yuan Sun
  • Zhi Lian
  • Yang Fei

Motivations

  • Networked MAS is an active research topic among CPSs
  • Existence of cyber-security problems in CPSs
  • Unpredictable cyber-attacks affect the performance of CPSs

Project Aim

  • Develop cyber-defence mechanisms for a networked MAS under various cyber-attacks, and implement environment scanning for the system.

Objectives

  • Design and build a networked MAS for environment scanning
  • Analyse and simulate various cyber-attacks techniques on the proposed MAS
  • Design and build a cyber-defence module to predict, prevent and retrieve control on the MAS from attackers

Background

Agent

  • An independent and autonomous software entity.

Multi-agent System (MAS)​

  • A group of interacting intelligent agents[1]​.
  • Designed to complete complex tasks [1].

Cyber-physical System (CPS)

  • An integration of computation, networking, and physical processes [2].
  • Widely used in many industries (smart grid, automobile, etc.).
  • Networked Multi-agent System is a form of CPS.

Cyber Attack

  • An unpredictable malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself [3].

Cyber Security in CPS

  • Techniques and measures taken to prevent and protect the system from attacks [4].
  • Confidentiality, Integrity, Availability, Authenticity [4].

Method

Networked Multi-agent System

  • The host and agents operate in parallel with bidirectional communication
  • Agents handle precise motor control and data collection
  • The host handles data processing and area scanning plots

Cyber-attack

  • DoS Attack that floods attack based on the UDP protocol with enormous number of packets sent to the communication ports
  • Replay Attack is a kind of information disclosure that replays previously sniffed outdated packets
  • Deception Attack captures packets passed between the host and the agents, injects and resends false data. It is a variant of replay attack.

Cyber-defence

  • Mirroring methods for communication
  • Retrieve control and feedback to the host
  • Unique ID encrypted through random seed
  • Boundary checks to maintain stability

Results

The project team has implemented a multi-agent system and designed a conference room test scenario under simulation. The MAS is capable of defending DoS and deception attacks while scanning the area.

Area scanning results when operating without external cyber-attacks
Area scanning results under deception attacks without defence module enabled
Area scanning results under deception attacks with defence module enabled


The figures show comparisons of area scanning results in the test scenario, where the blue dots are traces of the agents and red dots are the scanned points reported from the agents. The MAS succeeded in defending DoS and deception attacks and only responded to the correct messages from the host. The system was corrupted by the DoS attack at first and produced no result, but after activating the defence module the results were as normal. Replay attack results were ignored due to its ineffectiveness in this scenario.

Conclusion

References

[1] F. Alkhateeb, E. A. Maghayreh and S. Aljawarneh, "A Multi Agent-Based System for Securing University Campus: Design and Architecture," 2010 International Conference on Intelligent Systems, Modelling and Simulation, Liverpool, 2010, pp. 75-79, doi: 10.1109/ISMS.2010.25.​

[2] E. Lee, "Cyber Physical Systems: Design Challenges", 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), 2008. doi: 10.1109/isorc.2008.25.​

[3] "Committee on National Security Systems (CNSS) Glossary", Rmf.org, 2020. [Online]. Available: https://rmf.org/wp-content/uploads/2017/10/CNSSI-4009.pdf. [Accessed: 17- Sep- 2020].​

[4] C. K. Keerthi, M. A. Jabbar and B. Seetharamulu, "Cyber Physical Systems(CPS):Security Issues, Challenges and Solutions," 2017 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), Coimbatore, 2017, pp. 1-4, doi: 10.1109/ICCIC.2017.8524312.