NoiSense: Detecting Data Integrity Attacks on Sensor Measurements using Hardware based Fingerprints
share
In recent years fingerprinting of various physical and logical devices has been proposed with the goal of uniquely identifying users or devices of mainstream IT systems such as PCs, Laptops and smart phones. On the other hand, the application of such techniques in Cyber-Physical Systems (CPS) is less explored due to various reasons, such as difficulty of direct access to critical systems and the cost involved in faithfully reproducing realistic scenarios. In this work we evaluate the feasibility of using fingerprinting techniques in the context of realistic Industrial Control Systems related to water treatment and distribution. Based on experiments conducted with 44 sensors of six different types, it is shown that noise patterns due to microscopic imperfections in hardware manufacturing can be used to uniquely identify sensors in a CPS with up to 97 be used in to detect physical attacks, such as the replacement of legitimate sensors by faulty or manipulated sensors. We also show that, unexpectedly, sensor fingerprinting can effectively detect advanced physical attacks such as analog sensor spoofing due to variations in received energy at the transducer of an active sensor. Also, it can be leveraged to construct a novel challenge-response protocol that exposes cyber-attacks.
READ FULL TEXT