Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks

Dong Hoon Shin; Jinkyu Koo; Lei Yang; Xiaojun Lin; Saurabh Bagchi; Junshan Zhang

doi:10.1109/CNS.2013.6682696

Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks

Dong Hoon Shin, Jinkyu Koo, Lei Yang, Xiaojun Lin, Saurabh Bagchi, Junshan Zhang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Scopus citations

Abstract

This paper studies the network isolation attack, a devastating type of attacks on cyber-physical systems. In this attack, an adversary compromises a set of nodes that enclose a region in order to isolate the region from the rest of the network. Assuming that the compromised nodes wish not to be detected, we propose a solution to defend against the network isolation attack. Our goal is to achieve the following security guarantee: either a legitimate node can successfully deliver a message to another legitimate node, or the network control center can identify a small set of suspect nodes, which are guaranteed to contain a compromised node. Toward achieving this goal, we develop two protocols: one is for secure delivery of messages among nodes and the other is for secure collection of messages from nodes at the network control center. We show that our proposed protocols are provably secure, i.e., attain the aforementioned security guarantee. Further, our protocols achieve this guarantee with overhead that is orders-of-magnitude smaller than existing baseline protocols. Our proposed protocols are thus scalable for large networks.

Original language	English (US)
Title of host publication	2013 IEEE Conference on Communications and Network Security, CNS 2013
Publisher	IEEE Computer Society
Pages	91-99
Number of pages	9
ISBN (Print)	9781479908950
DOIs	https://doi.org/10.1109/CNS.2013.6682696
State	Published - Jan 1 2013
Event	1st IEEE International Conference on Communications and Network Security, CNS 2013 - Washington, DC, United States Duration: Oct 14 2013 → Oct 16 2013

Publication series

Name	2013 IEEE Conference on Communications and Network Security, CNS 2013

Other

Other	1st IEEE International Conference on Communications and Network Security, CNS 2013
Country	United States
City	Washington, DC
Period	10/14/13 → 10/16/13

ASJC Scopus subject areas

Computer Networks and Communications

Access to Document

10.1109/CNS.2013.6682696

Fingerprint Dive into the research topics of 'Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks'. Together they form a unique fingerprint.

Cite this

Shin, D. H., Koo, J., Yang, L., Lin, X., Bagchi, S., & Zhang, J. (2013). Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks. In 2013 IEEE Conference on Communications and Network Security, CNS 2013 (pp. 91-99). [6682696] (2013 IEEE Conference on Communications and Network Security, CNS 2013). IEEE Computer Society. https://doi.org/10.1109/CNS.2013.6682696

Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks. / Shin, Dong Hoon; Koo, Jinkyu; Yang, Lei; Lin, Xiaojun; Bagchi, Saurabh; Zhang, Junshan.

2013 IEEE Conference on Communications and Network Security, CNS 2013. IEEE Computer Society, 2013. p. 91-99 6682696 (2013 IEEE Conference on Communications and Network Security, CNS 2013).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Shin, DH, Koo, J, Yang, L, Lin, X, Bagchi, S & Zhang, J 2013, Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks. in 2013 IEEE Conference on Communications and Network Security, CNS 2013., 6682696, 2013 IEEE Conference on Communications and Network Security, CNS 2013, IEEE Computer Society, pp. 91-99, 1st IEEE International Conference on Communications and Network Security, CNS 2013, Washington, DC, United States, 10/14/13. https://doi.org/10.1109/CNS.2013.6682696

Shin DH, Koo J, Yang L, Lin X, Bagchi S, Zhang J. Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks. In 2013 IEEE Conference on Communications and Network Security, CNS 2013. IEEE Computer Society. 2013. p. 91-99. 6682696. (2013 IEEE Conference on Communications and Network Security, CNS 2013). https://doi.org/10.1109/CNS.2013.6682696

Shin, Dong Hoon ; Koo, Jinkyu ; Yang, Lei ; Lin, Xiaojun ; Bagchi, Saurabh ; Zhang, Junshan. / Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks. 2013 IEEE Conference on Communications and Network Security, CNS 2013. IEEE Computer Society, 2013. pp. 91-99 (2013 IEEE Conference on Communications and Network Security, CNS 2013).

@inproceedings{a4d4627d4d2f4aa282a78413f67c3b06,

title = "Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks",

abstract = "This paper studies the network isolation attack, a devastating type of attacks on cyber-physical systems. In this attack, an adversary compromises a set of nodes that enclose a region in order to isolate the region from the rest of the network. Assuming that the compromised nodes wish not to be detected, we propose a solution to defend against the network isolation attack. Our goal is to achieve the following security guarantee: either a legitimate node can successfully deliver a message to another legitimate node, or the network control center can identify a small set of suspect nodes, which are guaranteed to contain a compromised node. Toward achieving this goal, we develop two protocols: one is for secure delivery of messages among nodes and the other is for secure collection of messages from nodes at the network control center. We show that our proposed protocols are provably secure, i.e., attain the aforementioned security guarantee. Further, our protocols achieve this guarantee with overhead that is orders-of-magnitude smaller than existing baseline protocols. Our proposed protocols are thus scalable for large networks.",

author = "Shin, {Dong Hoon} and Jinkyu Koo and Lei Yang and Xiaojun Lin and Saurabh Bagchi and Junshan Zhang",

year = "2013",

month = jan,

day = "1",

doi = "10.1109/CNS.2013.6682696",

language = "English (US)",

isbn = "9781479908950",

series = "2013 IEEE Conference on Communications and Network Security, CNS 2013",

publisher = "IEEE Computer Society",

pages = "91--99",

booktitle = "2013 IEEE Conference on Communications and Network Security, CNS 2013",

note = "1st IEEE International Conference on Communications and Network Security, CNS 2013 ; Conference date: 14-10-2013 Through 16-10-2013",

}

TY - GEN

T1 - Low-complexity secure protocols to defend cyber-physical systems against network isolation attacks

AU - Shin, Dong Hoon

AU - Koo, Jinkyu

AU - Yang, Lei

AU - Lin, Xiaojun

AU - Bagchi, Saurabh

AU - Zhang, Junshan

PY - 2013/1/1

Y1 - 2013/1/1

N2 - This paper studies the network isolation attack, a devastating type of attacks on cyber-physical systems. In this attack, an adversary compromises a set of nodes that enclose a region in order to isolate the region from the rest of the network. Assuming that the compromised nodes wish not to be detected, we propose a solution to defend against the network isolation attack. Our goal is to achieve the following security guarantee: either a legitimate node can successfully deliver a message to another legitimate node, or the network control center can identify a small set of suspect nodes, which are guaranteed to contain a compromised node. Toward achieving this goal, we develop two protocols: one is for secure delivery of messages among nodes and the other is for secure collection of messages from nodes at the network control center. We show that our proposed protocols are provably secure, i.e., attain the aforementioned security guarantee. Further, our protocols achieve this guarantee with overhead that is orders-of-magnitude smaller than existing baseline protocols. Our proposed protocols are thus scalable for large networks.

AB - This paper studies the network isolation attack, a devastating type of attacks on cyber-physical systems. In this attack, an adversary compromises a set of nodes that enclose a region in order to isolate the region from the rest of the network. Assuming that the compromised nodes wish not to be detected, we propose a solution to defend against the network isolation attack. Our goal is to achieve the following security guarantee: either a legitimate node can successfully deliver a message to another legitimate node, or the network control center can identify a small set of suspect nodes, which are guaranteed to contain a compromised node. Toward achieving this goal, we develop two protocols: one is for secure delivery of messages among nodes and the other is for secure collection of messages from nodes at the network control center. We show that our proposed protocols are provably secure, i.e., attain the aforementioned security guarantee. Further, our protocols achieve this guarantee with overhead that is orders-of-magnitude smaller than existing baseline protocols. Our proposed protocols are thus scalable for large networks.

UR - http://www.scopus.com/inward/record.url?scp=84893581477&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84893581477&partnerID=8YFLogxK

U2 - 10.1109/CNS.2013.6682696

DO - 10.1109/CNS.2013.6682696

M3 - Conference contribution

AN - SCOPUS:84893581477

SN - 9781479908950

T3 - 2013 IEEE Conference on Communications and Network Security, CNS 2013

SP - 91

EP - 99

BT - 2013 IEEE Conference on Communications and Network Security, CNS 2013

PB - IEEE Computer Society

T2 - 1st IEEE International Conference on Communications and Network Security, CNS 2013

Y2 - 14 October 2013 through 16 October 2013

ER -