News Release 

Detecting and mitigating network attacks with a multi-prong approach

Chinese Association of Automation

To solve a problem, you must first see the problem. More than that, whatever fallout the problem is causing must be controlled while you solve it. That's the approach an international team of researchers has taken for combatting network attacks. They published their results in IEEE/CAA Journal of Automatica Sinica.

"The communication network and the physical system in a networked control system are vulnerable to potential malicious attacks--including jamming, replay and others," said Dr. Chandreyee Bhowmick, Department of Electrical and Computer Engineering at the Missouri University of Science and Technology.

"One common attribute of all these attacks is that they all tend to deviate the traffic flow in the communications links from the normal value, thus increasing network-induced delays and packet losses."

Bhowmick and colleagues developed a hybrid learning approach to not only detect attacks, but to compensate for the issues the attacks cause. According to Bhowmick, many cyber-attacks target information availability rather than data secrecy.

"For such attacks, even the most complicated encryption algorithms fail," Bhowmick said. "To address this issue, in this study, we developed novel attack detection and estimation schemes by using a learning approach that captures the vulnerable communication links, which is challenging because the state matrix is unknown."

The state matrix is the state of the system, which includes the speed and type of information flow. A system under attack has even more unpredictable information flow, or lack thereof. In Bhowmick's proposed scheme, an adaptive observer can detect the onset of attacks and learns how the attacks are disrupting the system. This allows the system to react and perform optimally, even under duress.

However, the proposed method isn't perfect, and the researchers plan to fine-tune their approach to operate in even more complicated attacks.

"Although this approach can detect a broad range of t attacks on both the network and the physical system, detection of sophisticated attacks remains the scope of future work," Bhowmick said. "Studying the signature of such attacks and using probabilistic approach to detect them is one of the prospects of future work."

###

Other contributors include Haifeng Niu of Google Inc., Avimanyu Sahoo with the School of Electrical and Computer Engineering at Oklahoma State University, and S. Jagannathan with the Department of Electrical and Computer Engineering at the Missouri University of Science and Technology.

Fulltext of the paper is available: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8894751

http://www.ieee-jas.org/en/article/doi/10.1109/JAS.2019.1911762

IEEE/CAA Journal of Automatica Sinica aims to publish high-quality, high-interest, far-reaching research achievements globally, and provide an international forum for the presentation of original ideas and recent results related to all aspects of automation. Researchers (including globally highly cited scholars) from institutions all over the world, such as MIT, Yale University, Stanford University, University of Cambridge, Princeton University, select to share their research with a large audience through JAS.

IEEE/CAA Journal of Automatica Sinica is indexed in SCIE, EI, Scopus, etc. The latest CiteScore is 5.31, ranked among top 9% (22/232) in the category of "Control and Systems Engineering", and top 10% (27/269, 20/189) both in the categories of "Information System" and "Artificial Intelligence". JAS has been in the 1st quantile (Q1) in all three categories it belongs to.

Why publish with us: Fast and high quality peer review; Simple and effective online submission system; Widest possible global dissemination of your research; Indexed in SCIE, EI, IEEE, Scopus, Inspec.

JAS papers can be found at http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6570654 or http://www.ieee-jas.org

Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.