Paper title
Active Fuzzing for Testing and Securing Cyber-Physical Systems
Paper authors
Paper abstract
Cyber-physical systems (CPSs) in critical infrastructure face a pervasive threat from attackers, motivating research into a variety of countermeasures for securing them. Assessing the effectiveness of these countermeasures is challenging, however, as realistic benchmarks of attacks are difficult to construct manually, blind testing is ineffective due to the enormous search spaces and resource requirements, and intelligent fuzzing approaches require impractical amounts of data and network access. In this work, we propose active fuzzing, an automatic approach for finding test suites of packet-level CPS network attacks, targeting scenarios in which attackers can observe sensors and manipulate packets but have no prior knowledge of the payload encodings. Our approach learns regression models that predict the sensor values resulting from sampled network packets, and uses these predictions to guide a search for the payload manipulations (i.e. bit flips) most likely to drive the CPS into an unsafe state. Key to our solution is the use of online active learning, which iteratively updates the models by sampling the payloads estimated to improve them the most. We evaluate the efficacy of active fuzzing by implementing it for a water purification plant testbed, finding that it can automatically discover a test suite of flow, pressure, and over/underflow attacks, all with substantially less time, data, and network access than the most comparable approach. Finally, we demonstrate that our prediction models can also be used as countermeasures themselves, by implementing them as anomaly detectors and early warning systems.
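The loop the abstract describes (learn a regression model from packet-to-sensor observations, actively choose which packets to query, then search for bit flips the model predicts will cross a safety bound, and finally reuse the model as a detector) can be illustrated end to end on a toy plant. The code below is an added, self-contained example and is not the paper's implementation or the testbed. Everything in it is constructed: the plant decodes a 12-bit payload with an encoding the attacker never reads (bits 2..7 form a 6-bit pump speed and the flow sensor reports 1.5 times that speed), the unsafe bound of 80 is assumed, the regression model is plain ridge least squares over bit features, the active-learning criterion is disagreement among a bootstrap committee of such models (query-by-committee), and the attack search is greedy hill climbing on the model's prediction. The paper does not say which regression model or acquisition function it uses; these are stand-ins chosen to make the mechanism visible.

```python
"""Toy active-fuzzing loop against a simulated CPS (constructed example, not the paper's code).

Attacker model, as in the paper: observe a sensor, send packets, but know
nothing about the payload encoding. The plant below stands in for the
testbed; the attacker only ever calls plant_sensor(), never reads it.
"""
import random

N_BITS = 12
UNSAFE_FLOW = 80.0          # assumed safety bound on the flow sensor (constructed)
_CMD_BITS = range(2, 8)     # hidden encoding: payload bits 2..7 are a 6-bit pump speed


def plant_sensor(payload):
    """Hidden plant: flow reading produced by one payload (bit 2 is the LSB of the speed)."""
    speed = sum(((payload >> i) & 1) << k for k, i in enumerate(_CMD_BITS))
    return 1.5 * speed


def features(payload):
    """Bit features plus a bias term; the model never sees the encoding, only raw bits."""
    return [1.0] + [float((payload >> i) & 1) for i in range(N_BITS)]


def solve(a, b):
    """Gaussian elimination with partial pivoting for the n x n system a w = b."""
    n = len(a)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        for r in range(c + 1, n):
            f = m[r][c] / m[c][c]
            for k in range(c, n + 1):
                m[r][k] -= f * m[c][k]
    w = [0.0] * n
    for r in range(n - 1, -1, -1):
        w[r] = (m[r][n] - sum(m[r][k] * w[k] for k in range(r + 1, n))) / m[r][r]
    return w


def fit(samples, ridge=1e-6):
    """Ridge least squares over bit features; returns the weight vector (bias first)."""
    d = N_BITS + 1
    xtx = [[ridge * (i == j) for j in range(d)] for i in range(d)]
    xty = [0.0] * d
    for payload, y in samples:
        x = features(payload)
        for i in range(d):
            xty[i] += x[i] * y
            for j in range(d):
                xtx[i][j] += x[i] * x[j]
    return solve(xtx, xty)


def predict(w, payload):
    return sum(wi * xi for wi, xi in zip(w, features(payload)))


def committee_variance(models, payload):
    """Disagreement of a bootstrap committee: the acquisition score for active learning."""
    preds = [predict(w, payload) for w in models]
    mean = sum(preds) / len(preds)
    return sum((p - mean) ** 2 for p in preds) / len(preds)


def active_learn(rng, n_seed=12, rounds=24, committee=5, n_candidates=64):
    """Online active learning: each round spends one network query on the candidate
    payload the committee disagrees on most, then refits on everything observed."""
    samples = [(p, plant_sensor(p)) for p in (rng.getrandbits(N_BITS) for _ in range(n_seed))]
    for _ in range(rounds):
        models = [fit([rng.choice(samples) for _ in samples]) for _ in range(committee)]
        cands = [rng.getrandbits(N_BITS) for _ in range(n_candidates)]
        best = max(cands, key=lambda p: committee_variance(models, p))
        samples.append((best, plant_sensor(best)))   # the only plant access per round
    return fit(samples), samples


def search_attack(w, benign, threshold, max_flips=N_BITS):
    """Greedy bit-flip search driven by model predictions alone (no plant queries)."""
    payload, flips = benign, []
    while predict(w, payload) <= threshold and len(flips) < max_flips:
        gain = lambda i: predict(w, payload ^ (1 << i)) - predict(w, payload)
        i = max(range(N_BITS), key=gain)
        if gain(i) <= 0:
            break
        payload ^= 1 << i
        flips.append(i)
    return payload, flips


def early_warning(w, payload, threshold=UNSAFE_FLOW):
    """Countermeasure: flag a packet whose predicted effect is unsafe before it is applied."""
    return predict(w, payload) > threshold


def anomaly_score(w, payload, observed):
    """Countermeasure: residual between an observed sensor value and the model's prediction."""
    return abs(observed - predict(w, payload))


def run(seed=7):
    rng = random.Random(seed)
    w, samples = active_learn(rng)
    benign = 20 << 2            # a captured benign packet: pump speed 20, flow 30
    attack, flips = search_attack(w, benign, UNSAFE_FLOW)
    return {"weights": w, "queries": len(samples), "attack": attack, "flips": flips,
            "flow": plant_sensor(attack), "warned": early_warning(w, attack)}


if __name__ == "__main__":
    r = run()
    print(f"{r['queries']} plant queries, flips {r['flips']} -> flow {r['flow']:.1f}")
```

Two things the toy makes concrete. The learned weights recover the hidden encoding (the weight on payload bit 7 converges to 48 = 1.5 * 32 while the weights on the ignored bits go to zero), so the search needs only two flips from the benign packet to cross the bound, and it spends far fewer plant queries than enumerating 4096 payloads would. The same model then serves the countermeasure role the abstract mentions: early_warning() rejects the attack packet from its prediction alone, and anomaly_score() exposes a spoofed sensor reading as a large residual.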