Detection of Cyber Attacks in Industrial Control Systems by Intrinsic Sensor Data
Amir Globerson, Blavatnik School of Computer Science, TAU
Matan Gavish, Computer Science and Engineering, HUJI
Ronen Talmon, Electrical Engineering, Technion
Generative neural models have improved dramatically recently. With this progress comes the risk that such models will be used to attack systems that rely on sensor data for authentication and anomaly detection. Many such learning systems are installed worldwide, protecting critical infrastructure or private data against malfunction and cyber attacks.
In this research, we formulated the scenario of such an authentication system facing generative impersonation attacks, and characterized it from a theoretical perspective and explore its practical implications.
In particular, we asked fundamental theoretical questions in learning, statistics and information theory:
How hard is it to detect a “fake reality”?
How much data does the attacker need to collect before it can reliably generate nominally-looking artificial data?
Are there optimal strategies for the attacker or the authenticator?
We cast the problem as a maximin game, characterize the optimal strategy for both attacker and authenticator in the general case, and provide the optimal strategies in closed form for the case of Gaussian source distributions. Our analysis reveals the structure of the optimal attack and the relative importance of data collection for both authenticator and attacker.
Based on these insights we design practical learning approaches and show that they result in models that are more robust to various attacks on real-world data. Our method was applied to problems of handwriting recognition as well as face authentication. It was found to significantly outperform strong baselines in terms of robustness to attacks.
The work was accepted for publication at the prestigious ICLR 2020 conference, which is the top venue for work in deep learning. In fact the paper received the highest reviewing scores among all submissions to the conference and was selected for oral presentation.
After publication of the paper, we are continuing to make progress on theoretical questions related to the setup above. Namely, can we obtain closed form estimates for other distributions.
We have also begun to explore the important application to video, which introduces a host of theoretical and practical challenges.