Probabilistic verification of attack detection using logical observer

Lefebvre D.
;Seatzu C.;Giua A.
Ultimo
2020-01-01

Abstract

This paper focuses on the detection of cyber-attacks in a timed probabilistic setting. The plant and the possible attacks are described in terms of a labeled continuous time Markov model that includes both observable and unobservable events, and where each attack corresponds to a particular subset of states. Consequently, attack detection is reformulated as a state estimation problem. A verification methodology is described using a parallel-like composition of the Markov model and its logical observer. The construction of this parallel composition allows us to (i) concisely characterize the set of attacks that can be detected based on the sequences of observations they generate, and (ii) compute performance indicators of interest, such as the a priori probability of an undetectable attack, the average detectability, and the mean delay to detection.
2020
Inglese
IFAC-PapersOnLine
Elsevier B.V.
RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS
IFAC-PAPERSONLINE
53
4
95
100
6
WOS:000651644000015
2-s2.0-85106639250
15th IFAC Workshop on Discrete Event Systems, WODES 2020
Contributo
Esperti anonimi
November 11-13, 2020
Rio de Janeiro, Brasil
internazionale
scientifica
average attack detectability
continuous time Markov model
Cyber-security
4 Contributo in Atti di Convegno (Proceeding)::4.1 Contributo in Atti di convegno
Lefebvre, D.; Seatzu, C.; Hadjicostis, C. N.; Giua, A.
273
4
4.1 Contributo in Atti di convegno
open
info:eu-repo/semantics/conferencePaper
File in questo prodotto:
File Dimensione Formato  
20wodes_a.pdf

accesso aperto

Tipologia: versione editoriale
Dimensione 374.28 kB
Formato Adobe PDF
Visualizza/Apri
374.28 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Questionario e social

Condividi su:
Impostazioni cookie