2014 |
Kocsis, Jin (Wei) A Biologically Inspired Hierarchical Cyber-Physical Integrated Security Analysis Framework for Smart Grids PhD Thesis University of Toronto, 2014. Abstract | BibTeX | Tags: CPS, PhD thesis, smart grid, thesis @phdthesis{WeiPhDThesis14, title = {A Biologically Inspired Hierarchical Cyber-Physical Integrated Security Analysis Framework for Smart Grids}, author = {Jin (Wei) Kocsis}, year = {2014}, date = {2014-06-18}, address = {Toronto, Ontario}, school = {University of Toronto}, abstract = {The last few years have witnessed the radical transformation in structure and functionality of electrical energy systems. Such systems were traditionally executed in the physical world and are now also cyber-enabled. This cyber-enabled energy system, called smart grid, can be envisioned as the marriage of information technology with the electricity network. While its increased dependence on cyber infrastructure aims to enable greater reliability, efficiency and capacity of power delivery, this reliance also creates a host of unfamiliar vulnerabilities. Due to the highly integrated and connected nature of smart grids, it is important to account for their salient cyber-physical coupling when making critical design decisions and identifying solutions to promote security. In this dissertation, we present a flocking-theory inspired dynamical systems paradigm to model smart grid cyber-physical interactions related to smart grid stability. Such a biologically-inspired framework enables the convenient description of (discrete) cyber and (analog) physical couplings. Through this paradigm, we demonstrate real-time cyber-physical integrated control and communication strategies using “wisely”-placed phasor measurement units and energy storages to re-stabilize a smart grid system under various forms of cyber and physical attacks. Our research has evolved in three stages. We first propose a multi-agent dynamical systems paradigm to model the cyber-physical interactions related to smart grid stability. In our multi-agent framework each node, representing both electrical and information system components, is modeled as having dynamics that synergistically describe physical and information couplings with neighboring agents. Inspired by the analogy between the flocking behavior in the nature and the stability of the cyber-enabled synchronous generators, We develop a flocking-based scheme to formulate the cyber-physical integrated action for each agent. It is clear from our analysis framework that redundant cyber information acquisition and use increases risks of cyber-attack whereby indiscriminate cyber-dependence and -connectivity increases attack scope and impact. To address this problem, in the second stage, we extend the multi-agent paradigm to a two-tier hierarchical framework by effectively leveraging physical couplings between the agents and identifying the critical ones that increase vulnerability to cyber- or physical- attack. With the developed hierarchical framework, the cyber information redundancy is reduced by only leveraging cyber coupling at critical agents. In the context of the hierarchical framework, we analyze the physical impact of cyber attack. We focus on two major attacks widely effecting the smart grid, attacks on timely data delivery, such as Denial-of-Service (DoS) attacks, and attacks on information accuracy, such as false data injection attacks. The DoS attack can cause communication delay of critical cyber information and result in significant power delivery disruption. To defend against the DoS attacks, we propose an intelligent multicast routing strategy, called Goal-Seeking Obstacle and Collision Evasion (GOALiE), which is appropriate to smart grids and resilient to DoS attacks. We also develop a novel witness-based cyber-physical protocol whereby physical coherence is leveraged to probe and identify the false data injection on Phasor Measurement Unit (PMU) data and estimate the true information values for attack mitigation.}, keywords = {CPS, PhD thesis, smart grid, thesis}, pubstate = {published}, tppubtype = {phdthesis} } The last few years have witnessed the radical transformation in structure and functionality of electrical energy systems. Such systems were traditionally executed in the physical world and are now also cyber-enabled. This cyber-enabled energy system, called smart grid, can be envisioned as the marriage of information technology with the electricity network. While its increased dependence on cyber infrastructure aims to enable greater reliability, efficiency and capacity of power delivery, this reliance also creates a host of unfamiliar vulnerabilities. Due to the highly integrated and connected nature of smart grids, it is important to account for their salient cyber-physical coupling when making critical design decisions and identifying solutions to promote security. In this dissertation, we present a flocking-theory inspired dynamical systems paradigm to model smart grid cyber-physical interactions related to smart grid stability. Such a biologically-inspired framework enables the convenient description of (discrete) cyber and (analog) physical couplings. Through this paradigm, we demonstrate real-time cyber-physical integrated control and communication strategies using “wisely”-placed phasor measurement units and energy storages to re-stabilize a smart grid system under various forms of cyber and physical attacks. Our research has evolved in three stages. We first propose a multi-agent dynamical systems paradigm to model the cyber-physical interactions related to smart grid stability. In our multi-agent framework each node, representing both electrical and information system components, is modeled as having dynamics that synergistically describe physical and information couplings with neighboring agents. Inspired by the analogy between the flocking behavior in the nature and the stability of the cyber-enabled synchronous generators, We develop a flocking-based scheme to formulate the cyber-physical integrated action for each agent. It is clear from our analysis framework that redundant cyber information acquisition and use increases risks of cyber-attack whereby indiscriminate cyber-dependence and -connectivity increases attack scope and impact. To address this problem, in the second stage, we extend the multi-agent paradigm to a two-tier hierarchical framework by effectively leveraging physical couplings between the agents and identifying the critical ones that increase vulnerability to cyber- or physical- attack. With the developed hierarchical framework, the cyber information redundancy is reduced by only leveraging cyber coupling at critical agents. In the context of the hierarchical framework, we analyze the physical impact of cyber attack. We focus on two major attacks widely effecting the smart grid, attacks on timely data delivery, such as Denial-of-Service (DoS) attacks, and attacks on information accuracy, such as false data injection attacks. The DoS attack can cause communication delay of critical cyber information and result in significant power delivery disruption. To defend against the DoS attacks, we propose an intelligent multicast routing strategy, called Goal-Seeking Obstacle and Collision Evasion (GOALiE), which is appropriate to smart grids and resilient to DoS attacks. We also develop a novel witness-based cyber-physical protocol whereby physical coherence is leveraged to probe and identify the false data injection on Phasor Measurement Unit (PMU) data and estimate the true information values for attack mitigation. |
2013 |
Liu, Shan Coordinated Variable Structure Switching Attacks for Smart Grid PhD Thesis Texas A&M University, 2013. Abstract | BibTeX | Tags: CPS, PhD thesis, smart grid, thesis @phdthesis{LiuPhDThesis13, title = {Coordinated Variable Structure Switching Attacks for Smart Grid}, author = {Shan Liu}, year = {2013}, date = {2013-05-01}, address = {College Station, TX}, school = {Texas A&M University}, abstract = {The effective modeling and analysis of large-scale power system disturbances especially those stemming from intentional attack represents an open engineering and research problem. Challenges stem from the need to develop intelligent models of cyber-physical attacks that produce salient disruptions and appropriately describe meaningful cyber-physical interdependencies such that they balance precision, scale and complexity. In our research, we present a foundation for the development of a class of intelligent cyber-physical attacks termed coordinated variable structure switching attacks whereby opponents aim to destabilize the power grid through controlled switching sequence. Such switching is facilitated by cyber attack and corruption of communication channels and control signals of the associated switch(es). We provide methods and theorems to construct such attack models and demonstrate their utility in the simulation of extensive system disturbances. Our proposed class of cyber-physical switching attacks for smart grid systems has the potential to disrupt large-scale power system operation within a short interval of time. Through successful cyber intrusion, an opponent can remotely apply a state dependent coordinated switching sequence on one or more relays and circuit breakers of a power system to disrupt operation. Existence of this switching vulnerability is dependent on the local structure of the power grid. Variable structure systems theory is employed to eectively model the cyber-physical aspects of a smart grid, determine the existence of the vulnerability and construct the destabilizing switching attack sequence. We illustrate the utility of the attack approach assess its impact on the dierent power system test cases including the single machine innite bus power system model and theWestern Electricity Coordinating Council (WECC) 3-machine, 9-bus system through MATLAB/Simulink and PSCAD simulation environment. The results demonstrate the potential of our approach for practical attack. Moreover, we build on our work in several ways. First, we extend the research to demonstrate an approach to mitigation within the variable structure system framework. We demonstrate via small signal analysis how through persistent switching a stable sliding mode can be used to disrupt a dynamical system that seems stable. We also design an approach to vulnerability analysis to assess the feasibility of coordinated variable structure switching attacks. Moreover, we study the performance of our attack construction approach when the opponent has imperfect knowledge of the local system dynamics and partial knowledge of the generator state. Based on the system with modeling errors, we study the performance of coordinated variable structure switching attacks in the presence of state estimation. Finally, we illustrate the concepts of attack model within the multiple switching framework, the cascading failure analysis is employed in the New-England 10-machine, 39-bus power system using MATLAB/Simulink and DSATools simulation environment. Our results demonstrate the potential for coordinated variable structure switching attacks to enable large-scale power system disturbances.}, keywords = {CPS, PhD thesis, smart grid, thesis}, pubstate = {published}, tppubtype = {phdthesis} } The effective modeling and analysis of large-scale power system disturbances especially those stemming from intentional attack represents an open engineering and research problem. Challenges stem from the need to develop intelligent models of cyber-physical attacks that produce salient disruptions and appropriately describe meaningful cyber-physical interdependencies such that they balance precision, scale and complexity. In our research, we present a foundation for the development of a class of intelligent cyber-physical attacks termed coordinated variable structure switching attacks whereby opponents aim to destabilize the power grid through controlled switching sequence. Such switching is facilitated by cyber attack and corruption of communication channels and control signals of the associated switch(es). We provide methods and theorems to construct such attack models and demonstrate their utility in the simulation of extensive system disturbances. Our proposed class of cyber-physical switching attacks for smart grid systems has the potential to disrupt large-scale power system operation within a short interval of time. Through successful cyber intrusion, an opponent can remotely apply a state dependent coordinated switching sequence on one or more relays and circuit breakers of a power system to disrupt operation. Existence of this switching vulnerability is dependent on the local structure of the power grid. Variable structure systems theory is employed to eectively model the cyber-physical aspects of a smart grid, determine the existence of the vulnerability and construct the destabilizing switching attack sequence. We illustrate the utility of the attack approach assess its impact on the dierent power system test cases including the single machine innite bus power system model and theWestern Electricity Coordinating Council (WECC) 3-machine, 9-bus system through MATLAB/Simulink and PSCAD simulation environment. The results demonstrate the potential of our approach for practical attack. Moreover, we build on our work in several ways. First, we extend the research to demonstrate an approach to mitigation within the variable structure system framework. We demonstrate via small signal analysis how through persistent switching a stable sliding mode can be used to disrupt a dynamical system that seems stable. We also design an approach to vulnerability analysis to assess the feasibility of coordinated variable structure switching attacks. Moreover, we study the performance of our attack construction approach when the opponent has imperfect knowledge of the local system dynamics and partial knowledge of the generator state. Based on the system with modeling errors, we study the performance of coordinated variable structure switching attacks in the presence of state estimation. Finally, we illustrate the concepts of attack model within the multiple switching framework, the cascading failure analysis is employed in the New-England 10-machine, 39-bus power system using MATLAB/Simulink and DSATools simulation environment. Our results demonstrate the potential for coordinated variable structure switching attacks to enable large-scale power system disturbances. |
2012 |
Jainsky, Julien Sebastien Defenses Against Covert-Communications in Multimedia and Sensor Networks PhD Thesis Texas A&M University, 2012. Abstract | BibTeX | Tags: forensics, mmsn, PhD thesis, thesis @phdthesis{JaiPhDThesis12, title = {Defenses Against Covert-Communications in Multimedia and Sensor Networks}, author = {Julien Sebastien Jainsky}, year = {2012}, date = {2012-12-01}, address = {College Station, TX}, school = {Texas A&M University}, abstract = {Steganography and covert-communications represent a great and real threat today more than ever due to the evolution of modern communications. This doctoral work proposes defenses against such covert-communication techniques in two threatening but underdeveloped domains. Indeed, this work focuses on the novel problem of visual sensor network steganalysis but also proposes one of the first solutions against video steganography. The first part of the thesis looks at covert-communications in videos. The contribution of this study resides in the combination of image processing using motion vector interpolation and non-traditional detection theory to obtain better results in identifying the presence of embedded messages in videos compared to what existing still-image steganalytic solutions would offer. The proposed algorithm called MoViSteg utilizes the specifics of video, as a whole and not as a series of images, to decide on the occurrence of steganography. Contrary to other solutions, MoViSteg is a video-specific algorithm, and not a repetitive still-image steganalysis, and allows for detection of embedding in partially corrupted sequences. This thesis also lays the foundation for the novel study of visual sensor network steganalysis. We develop three different steganalytic solutions to the problem of covert communications in visual sensor networks. Because of the inadequacy of the existing steganalytic solutions present in the current research literature, we introduce the novel concept of preventative steganalysis, which aims at discouraging potential steganographic attacks. We propose a set of solutions with active and passive warden scenarii using the material made available by the network. To quantify the efficiency of the preventative steganalysis, a new measure for evaluating the risk of steganography is proposed: the embedding potential which relies on the uncertainty of the image’s pixel values prone to corruption.}, keywords = {forensics, mmsn, PhD thesis, thesis}, pubstate = {published}, tppubtype = {phdthesis} } Steganography and covert-communications represent a great and real threat today more than ever due to the evolution of modern communications. This doctoral work proposes defenses against such covert-communication techniques in two threatening but underdeveloped domains. Indeed, this work focuses on the novel problem of visual sensor network steganalysis but also proposes one of the first solutions against video steganography. The first part of the thesis looks at covert-communications in videos. The contribution of this study resides in the combination of image processing using motion vector interpolation and non-traditional detection theory to obtain better results in identifying the presence of embedded messages in videos compared to what existing still-image steganalytic solutions would offer. The proposed algorithm called MoViSteg utilizes the specifics of video, as a whole and not as a series of images, to decide on the occurrence of steganography. Contrary to other solutions, MoViSteg is a video-specific algorithm, and not a repetitive still-image steganalysis, and allows for detection of embedding in partially corrupted sequences. This thesis also lays the foundation for the novel study of visual sensor network steganalysis. We develop three different steganalytic solutions to the problem of covert communications in visual sensor networks. Because of the inadequacy of the existing steganalytic solutions present in the current research literature, we introduce the novel concept of preventative steganalysis, which aims at discouraging potential steganographic attacks. We propose a set of solutions with active and passive warden scenarii using the material made available by the network. To quantify the efficiency of the preventative steganalysis, a new measure for evaluating the risk of steganography is proposed: the embedding potential which relies on the uncertainty of the image’s pixel values prone to corruption. |
2008 |
Okorafor, Unoma Ndili Secure Integrated Routing and Localization in Wireless Optical Sensor Networks PhD Thesis Texas A&M University, 2008. Abstract | BibTeX | Tags: mmsn, PhD thesis, thesis @phdthesis{OkoPhDThesis08, title = {Secure Integrated Routing and Localization in Wireless Optical Sensor Networks}, author = {Unoma Ndili Okorafor}, year = {2008}, date = {2008-08-31}, address = {College Station, Texas}, school = {Texas A&M University}, abstract = {Wireless ad hoc and sensor networks are envisioned to be self-organizing and autonomous networks, that may be randomly deployed where no fixed infrastructure is either feasible or cost-effective. The successful commercialization of such networks depends on the feasible implementation of network services to support security-aware applications. Recently, free space optical (FSO) communication has emerged as a viable technology for broadband distributed wireless optical sensor network (WOSN) applications. The challenge of employing FSO include its susceptibility to adverse weather conditions and the line of sight requirement between two communicating nodes. In addition, it is necessary to consider security at the initial design phase of any network and routing protocol. This dissertation addresses the feasibility of randomly deployed WOSNs employing broad beam FSO with regard to the network layer, in which two important problems are specifically investigated. First, we address the parameter assignment problem which considers the relationship amongst the physical layer parameters of node density, transmission radius and beam divergence of the FSO signal in order to yield probabilistic guarantees on network connectivity. We analyze the node isolation property of WOSNs, and its relation to the connectivity of the network. Theoretical analysis and experimental investigation were conducted to assess the effects of hierarchical clustering as well as fading due to atmospheric turbulence on connectivity, thereby demonstrating the design choices necessary to make the random deployment of the WOSN feasible. Second, we propose a novel light-weight circuit-based, secure and integrated routing and localization paradigm within the WOSN, that leverages the resources of the base station. Our scheme exploits the hierarchical cluster-based organization of the network, and the directionality of links to deliver enhanced security performance including per hop and broadcast authentication, confidentiality, integrity and freshness of routing signals. We perform security and attack analysis and synthesis to characterize the protocol’s performance, compared to existing schemes, and demonstrate its superior performance for WOSNs. Through the investigation of this dissertation, we demonstrate the fundamental tradeoff between security and connectivity in WOSNs, and illustrate how the transmission radius may be used as a high sensitivity tuning parameter to balance there two metrics of network performance. We also present WOSNs as a field of study that opens up several directions for novel research, and encompasses problems such as connectivity analysis, secure routing and localization, intrusion detection, topology control, secure data aggregation and novel attack scenarios.}, keywords = {mmsn, PhD thesis, thesis}, pubstate = {published}, tppubtype = {phdthesis} } Wireless ad hoc and sensor networks are envisioned to be self-organizing and autonomous networks, that may be randomly deployed where no fixed infrastructure is either feasible or cost-effective. The successful commercialization of such networks depends on the feasible implementation of network services to support security-aware applications. Recently, free space optical (FSO) communication has emerged as a viable technology for broadband distributed wireless optical sensor network (WOSN) applications. The challenge of employing FSO include its susceptibility to adverse weather conditions and the line of sight requirement between two communicating nodes. In addition, it is necessary to consider security at the initial design phase of any network and routing protocol. This dissertation addresses the feasibility of randomly deployed WOSNs employing broad beam FSO with regard to the network layer, in which two important problems are specifically investigated. First, we address the parameter assignment problem which considers the relationship amongst the physical layer parameters of node density, transmission radius and beam divergence of the FSO signal in order to yield probabilistic guarantees on network connectivity. We analyze the node isolation property of WOSNs, and its relation to the connectivity of the network. Theoretical analysis and experimental investigation were conducted to assess the effects of hierarchical clustering as well as fading due to atmospheric turbulence on connectivity, thereby demonstrating the design choices necessary to make the random deployment of the WOSN feasible. Second, we propose a novel light-weight circuit-based, secure and integrated routing and localization paradigm within the WOSN, that leverages the resources of the base station. Our scheme exploits the hierarchical cluster-based organization of the network, and the directionality of links to deliver enhanced security performance including per hop and broadcast authentication, confidentiality, integrity and freshness of routing signals. We perform security and attack analysis and synthesis to characterize the protocol’s performance, compared to existing schemes, and demonstrate its superior performance for WOSNs. Through the investigation of this dissertation, we demonstrate the fundamental tradeoff between security and connectivity in WOSNs, and illustrate how the transmission radius may be used as a high sensitivity tuning parameter to balance there two metrics of network performance. We also present WOSNs as a field of study that opens up several directions for novel research, and encompasses problems such as connectivity analysis, secure routing and localization, intrusion detection, topology control, secure data aggregation and novel attack scenarios. |
Luh, William Distributed Secrecy for Information Theoretic Sensor Network Models PhD Thesis Texas A&M University, 2008. Abstract | BibTeX | Tags: PhD thesis, phys-layer, thesis @phdthesis{LuhPhDThesis08, title = {Distributed Secrecy for Information Theoretic Sensor Network Models}, author = {William Luh}, year = {2008}, date = {2008-08-15}, address = {College Station, TX}, school = {Texas A&M University}, abstract = {This dissertation presents a novel problem inspired by the characteristics of sensor networks. The basic setup through-out the dissertation is that a set of sensor nodes encipher their data without collaboration and without any prior shared secret materials. The challenge is dealt by an eavesdropper who intercepts a subset of the enciphered data and wishes to gain knowledge of the uncoded data. This problem is challenging and novel given that the eavesdropper is assumed to know everything, including secret cryptographic keys used by both the encoders and decoders. We study the above problem using information theoretic models as a necessary first step towards an understanding of the characteristics of this system problem. This dissertation contains four parts. The first part deals with noiseless channels, and the goal is for sensor nodes to both source code and encipher their data. We derive inner and outer regions of the capacity region (i.e the set of all source coding and equivocation rates) for this problem under general distortion constraints. The main conclusion in this part is that unconditional secrecy is unachievable unless the distortion is maximal, rendering the data useless. In the second part we thus provide a practical coding scheme based on distributed source coding using syndromes (DISCUS) that provides secrecy beyond the equivocation measure, i.e. secrecy on each symbol in the message. The third part deals with discrete memoryless channels, and the goal is for sensor nodes to both channel code and encipher their data. We derive inner and outer regions to the secrecy capacity region, i.e. the set of all channel coding rates that achieve (weak) unconditional secrecy. The main conclusion in this part is that interference allows (weak) unconditional secrecy to be achieved in contrast with the first part of this dissertation. The fourth part deals with wireless channels with fading and additive Gaussian noise. We derive a general outer region and an inner region based on an equal SNR assumption, and show that the two are partially tight when the maximum available user powers are admissible.}, keywords = {PhD thesis, phys-layer, thesis}, pubstate = {published}, tppubtype = {phdthesis} } This dissertation presents a novel problem inspired by the characteristics of sensor networks. The basic setup through-out the dissertation is that a set of sensor nodes encipher their data without collaboration and without any prior shared secret materials. The challenge is dealt by an eavesdropper who intercepts a subset of the enciphered data and wishes to gain knowledge of the uncoded data. This problem is challenging and novel given that the eavesdropper is assumed to know everything, including secret cryptographic keys used by both the encoders and decoders. We study the above problem using information theoretic models as a necessary first step towards an understanding of the characteristics of this system problem. This dissertation contains four parts. The first part deals with noiseless channels, and the goal is for sensor nodes to both source code and encipher their data. We derive inner and outer regions of the capacity region (i.e the set of all source coding and equivocation rates) for this problem under general distortion constraints. The main conclusion in this part is that unconditional secrecy is unachievable unless the distortion is maximal, rendering the data useless. In the second part we thus provide a practical coding scheme based on distributed source coding using syndromes (DISCUS) that provides secrecy beyond the equivocation measure, i.e. secrecy on each symbol in the message. The third part deals with discrete memoryless channels, and the goal is for sensor nodes to both channel code and encipher their data. We derive inner and outer regions to the secrecy capacity region, i.e. the set of all channel coding rates that achieve (weak) unconditional secrecy. The main conclusion in this part is that interference allows (weak) unconditional secrecy to be achieved in contrast with the first part of this dissertation. The fourth part deals with wireless channels with fading and additive Gaussian noise. We derive a general outer region and an inner region based on an equal SNR assumption, and show that the two are partially tight when the maximum available user powers are admissible. |
Czarlinska, Alexandra Stealthy Attacks and Defense Strategies in Competing Sensor Networks PhD Thesis Texas A&M University, 2008. Abstract | BibTeX | Tags: mmsn, PhD thesis, thesis @phdthesis{CzaPhDThesis08, title = {Stealthy Attacks and Defense Strategies in Competing Sensor Networks}, author = {Alexandra Czarlinska}, year = {2008}, date = {2008-08-01}, address = {College Station, TX}, school = {Texas A&M University}, abstract = {The fundamental objective of sensor networks underpinning a variety of applications is the collection of reliable information from the surrounding environment. The correctness of the collected data is especially important in applications involving societal welfare and safety, in which the acquired information may be utilized by end-users for decision-making. The distributed nature of sensor networks and their deployment in unattended and potentially hostile environments, however, renders this collection task challenging for both scalar and visual data. In this work we propose and address the twin problem of carrying out and defending against a stealthy attack on the information gathered by a sensor network at the physical sensing layer as perpetrated by a competing hostile network. A stealthy attack in this context is an intelligent attempt to disinform a sensor network in a manner that mitigates attack discovery. In comparison with previous sensor network security studies, we explicitly model the attack scenario as an active competition between two networks where difficulties arise from the pervasive nature of the attack, the possibility of tampering during data acquisition prior to encryption, and the lack of prior knowledge regarding the characteristics of the attack We examine the problem from the perspective of both the hostile and the legitimate network. The interaction between the networks is modeled as a game where a stealth utility is derived and shown to be consistent for both players in the case of stealthy direct attacks and stealthy cross attacks. Based on the stealth utility, the optimal attack and defense strategies are obtained for each network. For the legitimate network, minimization of the attacker’s stealth results in the possibility of attack detection through established paradigms and the ability to mitigate the power of the attack. For the hostile network, maximization of the stealth utility translates into the optimal attack avoidance. This attack avoidance does not require active communication among the hostile nodes but rather relies on a level of coordination which we quantify. We demonstrate the significance and effectiveness of the solution for sensor networks acquiring scalar and multidimensional data such as surveillance sequences and relate the results to existing image sensor networks. Finally we discuss the implications of these results for achieving secure event acquisition in unattended environments.}, keywords = {mmsn, PhD thesis, thesis}, pubstate = {published}, tppubtype = {phdthesis} } The fundamental objective of sensor networks underpinning a variety of applications is the collection of reliable information from the surrounding environment. The correctness of the collected data is especially important in applications involving societal welfare and safety, in which the acquired information may be utilized by end-users for decision-making. The distributed nature of sensor networks and their deployment in unattended and potentially hostile environments, however, renders this collection task challenging for both scalar and visual data. In this work we propose and address the twin problem of carrying out and defending against a stealthy attack on the information gathered by a sensor network at the physical sensing layer as perpetrated by a competing hostile network. A stealthy attack in this context is an intelligent attempt to disinform a sensor network in a manner that mitigates attack discovery. In comparison with previous sensor network security studies, we explicitly model the attack scenario as an active competition between two networks where difficulties arise from the pervasive nature of the attack, the possibility of tampering during data acquisition prior to encryption, and the lack of prior knowledge regarding the characteristics of the attack We examine the problem from the perspective of both the hostile and the legitimate network. The interaction between the networks is modeled as a game where a stealth utility is derived and shown to be consistent for both players in the case of stealthy direct attacks and stealthy cross attacks. Based on the stealth utility, the optimal attack and defense strategies are obtained for each network. For the legitimate network, minimization of the attacker’s stealth results in the possibility of attack detection through established paradigms and the ability to mitigate the power of the attack. For the hostile network, maximization of the stealth utility translates into the optimal attack avoidance. This attack avoidance does not require active communication among the hostile nodes but rather relies on a level of coordination which we quantify. We demonstrate the significance and effectiveness of the solution for sensor networks acquiring scalar and multidimensional data such as surveillance sequences and relate the results to existing image sensor networks. Finally we discuss the implications of these results for achieving secure event acquisition in unattended environments. |
Mathai, Nebu John Cybernetic Automata: An Approach for the Realization of Economical Cognition for Multi-Robot Systems PhD Thesis Texas A&M University, 2008, ((Winner of TAMU 2008 U.S. Senator Phil Gramm Doctoral Award)). Abstract | BibTeX | Tags: CPS, dyn-sys, PhD thesis, thesis @phdthesis{MatPhDThesis08, title = {Cybernetic Automata: An Approach for the Realization of Economical Cognition for Multi-Robot Systems}, author = {Nebu John Mathai}, year = {2008}, date = {2008-05-01}, address = {College Station, TX}, school = {Texas A&M University}, abstract = {(Winner of TAMU 2008 U.S. Senator Phil Gramm Doctoral Award) The multi-agent robotics paradigm has attracted much attention due to the variety of pertinent applications that are well-served by the use of a multiplicity of agents (including space robotics, search and rescue, and mobile sensor networks). The use of this paradigm for most applications, however, demands economical, lightweight agent designs for reasons of longer operational life, lower economic cost, faster and easily-verified designs, etc. An important contributing factor to an agent’s cost is its control architecture. Due to the emergence of novel implementation technologies carrying the promise of economical implementation, we consider the development of a technology-independent specification for computational machinery. To that end, the use of cybernetics toolsets (control and dynamical systems theory) is appropriate, enabling a principled specification of robotic control architectures in mathematical terms that could be mapped directly to diverse implementation substrates. This dissertation, hence, addresses the problem of developing a technologyindependent specification for lightweight control architectures to enable robotic agents to serve in a multi-agent scheme. We present the principled design of static and dynamical regulators that elicit useful behaviors, and integrate these within an overall architecture for both single and multi-agent control. Since the use of control theory can be limited in unstructured environments, a major focus of the work is on the engineering of emergent behavior. The proposed scheme is highly decentralized, requiring only local sensing and no inter-agent communication. Beyond several simulation-based studies, we provide experimental results for a two-agent system, based on a custom implementation employing field-programmable gate arrays.}, note = {(Winner of TAMU 2008 U.S. Senator Phil Gramm Doctoral Award)}, keywords = {CPS, dyn-sys, PhD thesis, thesis}, pubstate = {published}, tppubtype = {phdthesis} } (Winner of TAMU 2008 U.S. Senator Phil Gramm Doctoral Award) The multi-agent robotics paradigm has attracted much attention due to the variety of pertinent applications that are well-served by the use of a multiplicity of agents (including space robotics, search and rescue, and mobile sensor networks). The use of this paradigm for most applications, however, demands economical, lightweight agent designs for reasons of longer operational life, lower economic cost, faster and easily-verified designs, etc. An important contributing factor to an agent’s cost is its control architecture. Due to the emergence of novel implementation technologies carrying the promise of economical implementation, we consider the development of a technology-independent specification for computational machinery. To that end, the use of cybernetics toolsets (control and dynamical systems theory) is appropriate, enabling a principled specification of robotic control architectures in mathematical terms that could be mapped directly to diverse implementation substrates. This dissertation, hence, addresses the problem of developing a technologyindependent specification for lightweight control architectures to enable robotic agents to serve in a multi-agent scheme. We present the principled design of static and dynamical regulators that elicit useful behaviors, and integrate these within an overall architecture for both single and multi-agent control. Since the use of control theory can be limited in unstructured environments, a major focus of the work is on the engineering of emergent behavior. The proposed scheme is highly decentralized, requiring only local sensing and no inter-agent communication. Beyond several simulation-based studies, we provide experimental results for a two-agent system, based on a custom implementation employing field-programmable gate arrays. |
2006 |
Fei, Chuhong Analysis and Design of Watermark-Based Multimedia Authentication Systems PhD Thesis University of Toronto, 2006. Abstract | BibTeX | Tags: drm, PhD thesis, thesis @phdthesis{FeiPhDThesis08, title = {Analysis and Design of Watermark-Based Multimedia Authentication Systems}, author = {Chuhong Fei}, year = {2006}, date = {2006-01-01}, address = {Toronto, Canada}, school = {University of Toronto}, abstract = {Multimedia authentication techniques are required to protect the integrity and origin of digital multimedia data. In watermark-based multimedia authentication systems, a source-dependent authenticator is invisibly embedded within the protected data itself, in order to alert unacceptable distortions on the data and to authenticate the legitimate source. This thesis investigates the design and analysis of such systems. We formulate the authentication problem as error detection coding with robustness to certain types of legitimate channel noise. System performance requirements such as semi-fragility, security, key payload, embedding distortion, and algorithm complexity are all investigated in the unified framework to obtain best tradeoffs among them.In the analysis of multimedia authentication systems, we demonstrate how lattice codes can be used to address semi-fragile requirements and embedding distortion in a practical scheme. Security against possible malicious attacks is considered at the code level, and cryptographic techniques are incorporated to construct secure codes. We propose a novel security enhancement strategy based on nested lattice codes that results in secure and efficient authentication algorithms. Unconditional security is also investigated. We provide a formal methodology using composite hypothesis testing to balance robustness and fragility objectives with respect to legitimate and illegitimate distortions that is superior to existing approaches. We show that a quantization-based watermarking scheme is more appropriate for achieving semi-fragility.In system design, we propose two practical watermark-based authentication schemes for natural images: one for uncompressed images, the other for JPEG compressed ones. Our proposed algorithms are able to distinguish incidental distortions, such as JPEG compression and image enhancement filtering, from malicious tampering such as image object removal and substitution even in a small portion of the protected images. Our algorithms are secure against an active attacker, and are able to determine the degree of distortion and its location. In addition, our proposed joint compression and authentication scheme for compressed images is able to increase compression efficiency while keeping practical robustness to mild incidental signal processing changes. Effectiveness of the proposed algorithms is demonstrated by simulations and comparison with existing schemes. In the analysis of multimedia authentication systems, we demonstrate how lattice codes can be used to address semi-fragile requirements and embedding distortion in a practical scheme. Security against possible malicious attacks is considered at the code level, and cryptographic techniques are incorporated to construct secure codes. We propose a novel security enhancement strategy based on nested lattice codes that results in secure and efficient authentication algorithms. Unconditional security is also investigated. We provide a formal methodology using composite hypothesis testing to balance robustness and fragility objectives with respect to legitimate and illegitimate distortions that is superior to existing approaches. We show that a quantization-based watermarking scheme is more appropriate for achieving semi-fragility. In system design, we propose two practical watermark-based authentication schemes for natural images: one for uncompressed images, the other for JPEG compressed ones. Our proposed algorithms are able to distinguish incidental distortions, such as JPEG compression and image enhancement filtering, from malicious tampering such as image object removal and substitution even in a small portion of the protected images. Our algorithms are secure against an active attacker, and are able to determine the degree of distortion and its location. In addition, our proposed joint compression and authentication scheme for compressed images is able to increase compression efficiency while keeping practical robustness to mild incidental signal processing changes. Effectiveness of the proposed algorithms is demonstrated by simulations and comparison with existing schemes.}, keywords = {drm, PhD thesis, thesis}, pubstate = {published}, tppubtype = {phdthesis} } Multimedia authentication techniques are required to protect the integrity and origin of digital multimedia data. In watermark-based multimedia authentication systems, a source-dependent authenticator is invisibly embedded within the protected data itself, in order to alert unacceptable distortions on the data and to authenticate the legitimate source. This thesis investigates the design and analysis of such systems. We formulate the authentication problem as error detection coding with robustness to certain types of legitimate channel noise. System performance requirements such as semi-fragility, security, key payload, embedding distortion, and algorithm complexity are all investigated in the unified framework to obtain best tradeoffs among them.In the analysis of multimedia authentication systems, we demonstrate how lattice codes can be used to address semi-fragile requirements and embedding distortion in a practical scheme. Security against possible malicious attacks is considered at the code level, and cryptographic techniques are incorporated to construct secure codes. We propose a novel security enhancement strategy based on nested lattice codes that results in secure and efficient authentication algorithms. Unconditional security is also investigated. We provide a formal methodology using composite hypothesis testing to balance robustness and fragility objectives with respect to legitimate and illegitimate distortions that is superior to existing approaches. We show that a quantization-based watermarking scheme is more appropriate for achieving semi-fragility.In system design, we propose two practical watermark-based authentication schemes for natural images: one for uncompressed images, the other for JPEG compressed ones. Our proposed algorithms are able to distinguish incidental distortions, such as JPEG compression and image enhancement filtering, from malicious tampering such as image object removal and substitution even in a small portion of the protected images. Our algorithms are secure against an active attacker, and are able to determine the degree of distortion and its location. In addition, our proposed joint compression and authentication scheme for compressed images is able to increase compression efficiency while keeping practical robustness to mild incidental signal processing changes. Effectiveness of the proposed algorithms is demonstrated by simulations and comparison with existing schemes. In the analysis of multimedia authentication systems, we demonstrate how lattice codes can be used to address semi-fragile requirements and embedding distortion in a practical scheme. Security against possible malicious attacks is considered at the code level, and cryptographic techniques are incorporated to construct secure codes. We propose a novel security enhancement strategy based on nested lattice codes that results in secure and efficient authentication algorithms. Unconditional security is also investigated. We provide a formal methodology using composite hypothesis testing to balance robustness and fragility objectives with respect to legitimate and illegitimate distortions that is superior to existing approaches. We show that a quantization-based watermarking scheme is more appropriate for achieving semi-fragility. In system design, we propose two practical watermark-based authentication schemes for natural images: one for uncompressed images, the other for JPEG compressed ones. Our proposed algorithms are able to distinguish incidental distortions, such as JPEG compression and image enhancement filtering, from malicious tampering such as image object removal and substitution even in a small portion of the protected images. Our algorithms are secure against an active attacker, and are able to determine the degree of distortion and its location. In addition, our proposed joint compression and authentication scheme for compressed images is able to increase compression efficiency while keeping practical robustness to mild incidental signal processing changes. Effectiveness of the proposed algorithms is demonstrated by simulations and comparison with existing schemes. |