Difference between revisions of "Projects:2020s2-7331 Take-over and retrieve control: attack and defence in networked multi-agent systems"

Abstract here

Introduction

A cyber-physical system (CPS) is a computer system in which a mechanism is controlled or monitored by computer-based algorithms. CPS is widely used in many industries, including smart grid, autonomous automobile systems, medical monitoring, industrial control systems, robotics systems, and automatic pilot avionics. With the rapid development of CPS, cyber security becomes the major concern in the application of CPS technology. The project aims to explore the relationship between physical layer and cyber layer within a CPS, find the system vulnerabilities that may be used by cyber-attackers, and modify the system to prevent potential cyber-attack. To achieve the objective, a multi-agent system (MAS) with cyber defence and control retrieve capabilities will be developed using CPS technology. Various types of cyber-attacks will be designed and developed to test on the MAS and ensure its robustness. Each member of the project team is assigned one of the four objectives as his/her major focus, which will be discussed in the following section.

Project Team

Project Students

• Moyang Feng – a1726464
• Shuqi Li – a1700965
• Liuxin Shen – a1710063
• Zhiang Cheng – a1707604

Supervisors

• Professor Peng Shi
• Professor Cheng-Chew Lim

Advisors

• Xin Yuan
• Yuan Sun
• Zhi Lian
• Yang Fei

Motivations

• Networked MAS is an active research topic among CPSs
• Existence of cyber-security problems in CPSs
• Unpredictable cyber-attacks affect the performance of CPSs

Project Aim

• Develop cyber-defence mechanisms for a networked MAS under various cyber-attacks, and implement environment scanning for the system.

Objectives

• Design and build a networked MAS for environment scanning
• Analyse and simulate various cyber-attacks techniques on the proposed MAS
• Design and build a cyber-defence module to predict, prevent and retrieve control on the MAS from attackers

Background

Agent

• An independent and autonomous software entity.

Multi-agent System (MAS)​

• A group of interacting intelligent agents[1]​.
• Designed to complete complex tasks [1].

Cyber-physical System (CPS)

• An integration of computation, networking, and physical processes [2].
• Widely used in many industries (smart grid, automobile, etc.).
• Networked Multi-agent System is a form of CPS.

Cyber Attack

• An unpredictable malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself [3].

Cyber Security in CPS

• Techniques and measures taken to prevent and protect the system from attacks [4].
• Confidentiality, Integrity, Availability, Authenticity [4].

Method

Networked Multi-agent System

• The host and agents operate in parallel with bidirectional communication
• Agents handle precise motor control and data collection
• The host handles data processing and area scanning plots

Cyber-attack

• DoS Attack that floods attack based on the UDP protocol with enormous number of packets sent to the communication ports
• Replay Attack is a kind of information disclosure that replays previously sniffed outdated packets
• Deception Attack captures packets passed between the host and the agents, injects and resends false data. It is a variant of replay attack.

Cyber-defence

• Mirroring methods for communication
• Retrieve control and feedback to the host
• Unique ID encrypted through random seed
• Boundary checks to maintain stability

Results

The project team has implemented a multi-agent system and designed a conference room test scenario under simulation. The MAS is capable of defending DoS and deception attacks while scanning the area.

Area scanning results when operating without external cyber-attacks

Area scanning results under deception attacks without defence module enabled

Area scanning results under deception attacks with defence module enabled

The figures show comparisons of area scanning results in the test scenario, where the blue dots are traces of the agents and red dots are the scanned points reported from the agents. The MAS succeeded in defending DoS and deception attacks and only responded to the correct messages from the host. The system was corrupted by the DoS attack at first and produced no result, but after activating the defence module the results were as normal. Replay attack results were ignored due to its ineffectiveness in this scenario.

Conclusion

In this project, we have achieved the following: 

• Implemented the MAS for environment scanning in a simulated conference room scenario
• Simulated various types of cyber-attack on the designed MAS
• Built effective cyber-defence mechanisms into the MAS

However, there are still aspects need to be improved in the future, including: 

• Porting the MAS from simulation environment to physical environment 
• Improving the performance of the MAS under different test scenarios
• Optimising the cyber-defence mechanisms to prevent other types of potential cyber-attacks

References

[1] F. Alkhateeb, E. A. Maghayreh and S. Aljawarneh, "A Multi Agent-Based System for Securing University Campus: Design and Architecture," 2010 International Conference on Intelligent Systems, Modelling and Simulation, Liverpool, 2010, pp. 75-79, doi: 10.1109/ISMS.2010.25.​

[2] E. Lee, "Cyber Physical Systems: Design Challenges", 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), 2008. doi: 10.1109/isorc.2008.25.​

[3] "Committee on National Security Systems (CNSS) Glossary", Rmf.org, 2020. [Online]. Available: https://rmf.org/wp-content/uploads/2017/10/CNSSI-4009.pdf. [Accessed: 17- Sep- 2020].​

[4] C. K. Keerthi, M. A. Jabbar and B. Seetharamulu, "Cyber Physical Systems(CPS):Security Issues, Challenges and Solutions," 2017 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), Coimbatore, 2017, pp. 1-4, doi: 10.1109/ICCIC.2017.8524312.