Guaranteed cost control of cyber‐physical systems with packet dropouts under dos jamming attacks

Cyber‐Physical Systems (CPSs) are vulnerable to malicious network attacks due to tight combination of cyber‐system and physical system through a more open network communication. In this paper, a guaranteed cost control problem for a CPS under DoS jamming attacks is solved via both state feedback and output feedback methods. Specifically, an energy constraint DoS jammer with clear periodic attack strategy is proposed to attack wireless channel and to degrade the system performance. Without knowing the DoS jammer's attack strategy, a passive attack‐tolerant mechanism is established, and the corresponding state feedback and output feedback controllers are designed to achieve guaranteed cost control for the CPS with inherent packet dropouts under DoS jamming attacks. Finally, numerical examples are presented to demonstrate the effectiveness of the guaranteed cost controllers.     

混合攻击下直流微电网的FDI估计与模糊控制联合设计

研究基于T-S模糊模型的直流微电网(DC-MG)系统在拒绝服务(DoS)和虚假数据注入(FDI)混合攻击下的协同估计控制框架.考虑网络化T-S模糊模型和并行分布补偿(PDC)模糊控制规则中的非均匀时间尺度,建立DC-MG系统的T-S模型.为了放宽现有的DoS攻击模型通常假定攻击的频率和持续时间均有限的要求,在攻击信号的休眠和活跃期的已知范围内提出一种新的DoS攻击模型.同时,构造一个切换脉冲观测器来估计由外部动态系统产生的未知FDI攻击信号.然后,利用依赖于攻击参数的时变Lyapunov函数方法,导出系统在混合攻击下的指数稳定性判据.此外,基于线性矩阵不等式给出了模糊控制器和FDI攻击观测器的联合设计方法.最后,通过案例研究验证了所提出理论结果的有效性.     

网络攻击下信息物理融合电力系统的弹性事件触发控制

本文将电动汽车（Electric vehicles，EVs）引入到典型的信息物理系统（Cyber-physical systems，CPS）智能电网中，采用负荷频率控制（Load frequency control，LFC）方法，能够快速抑制系统扰动所引发的频率变化.在考虑拒绝服务（Denial-of-Service，DoS）攻击的情况下，提出了一种弹性事件触发机制，使系统能够容忍攻击所造成的数据丢失.与此同时，PI型静态输出反馈控制器的输入按需更新，减少了通信负担.对于建立的闭环时滞系统模型，构造新型李亚普诺夫泛函，对系统进行稳定性分析，推导出系统所能承受的最大DoS攻击持续时间，并对控制器增益和弹性事件触发矩阵进行协同设计.最后，通过多域电力系统仿真，验证了所提出方法的有效性.     

Sliding Mode Control for Nonlinear Markovian Jump Systems Under Denial-of-Service Attacks

This paper investigates the sliding mode control (SMC) problem for a class of discrete-time nonlinear networked Markovian jump systems (MJSs) in the presence of probabilistic denial-of-service (DoS) attacks. The communication network via which the data is propagated is unsafe and the malicious adversary can attack the system during state feedback. By considering random Denial-of-Service attacks, a new sliding mode variable is designed, which takes into account the distribution information of the probabilistic attacks. Then, by resorting to Lyapunov theory and stochastic analysis methods, sufficient conditions are established for the existence of the desired sliding mode controller, guaranteeing both reachability of the designed sliding surface and stability of the resulting sliding motion. Finally, a simulation example is given to demonstrate the effectiveness of the proposed sliding mode control algorithm.      

DoS攻击下网络控制系统的记忆型事件触发控制

针对一类网络化控制系统，当考虑网络控制系统遭受PWM （Pulsewidth-Modulated）型DoS （Denial-of-Service， DoS）攻击时，提出一种基于缓存机制的记忆型事件触发机制策略.本文考虑的DoS攻击可检测，并且攻击的周期时长以及每周期内的最短休眠时间已知.为了减少网络控制系统中数据包的发送频次，本文设计了基于相对误差的新型事件触发策略，与传统事件触发策略相比，通过增加缓存器来有效利用已经发送的历史采样数据，最终达到改善系统动态过程的目的.接下来，综合考虑网络攻击和事件触发方案，建立了网络化切换系统模型，构造分段李雅普诺夫泛函，推导出系统指数稳定的结论并且对控制器增益及事件触发参数进行协同设计.最后，通过仿真案例，验证了所提出方法的有效性.     

基于学习的线性多智能体系统弹性最优协同容错控制

针对一类线性多智能体系统,研究其在网络间歇性拒绝服务攻击下的最优同步控制问题.首先,在时变非对称通讯网络拓扑结构下,提出一种弹性最优协同容错控制策略,并优化多智能体的合作二次性能指标,然后证明全局跟踪误差在出现执行器故障和网络攻击时仍然渐进收敛.进一步,当考虑多智能体子系统模型参数未知,同时系统发生执行器故障的情况下,提出利用局部系统状态和输入信息的自学习迭代算法求解代数Riccati方程,计算子系统的反馈控制器增益,实现弹性协同容错控制目标.最后,通过Chua电路网络仿真算例验证所提出的控制方法的有效性.     

DoS攻击下基于多率采样的多智能体系统安全一致性

本 文 研 究 了 一 类 带 有 多 率 采 样 的 线 性 多 智 能 体 系 统(Multiagent Systems, MASs)在 拒 绝 服 务(Denial-of-Service, DoS)攻击下的安全一致性控制问题, 其中DoS攻击通常阻断智能体之间的信息传输. 本文将多 率采样在网络化控制系统中的结果推广到了多智能体系统, 并考虑了非理想通信网络环境. 首先, 通过引入一个匹 配机制来同步由多率采样引起的智能体不同状态分量的采样数据. 然后, 在DoS攻击下, 针对带有多率采样的线 性MAS提出了一个基于多率采样的安全一致性控制器. 通过使用李雅普诺夫稳定性理论和切换系统方法, 获得了 包含DoS 攻击持续时间以及攻击频率的安全一致性充分条件. 最后, 给出了一个仿真例子来验证所提方法的有效 性, 并给出了多率采样与单率采样机制的性能对比分析.     

针对工业信息物理系统中的拒绝服务攻击建立检测模型

无线通信网络的脆弱性使工业信息物理系统(ICPS)的稳定性容易遭受拒绝服务(DoS)攻击的影响.为检测ICPS中的DoS攻击,本文基于反馈控制理论,采用卡尔曼滤波器和χ2检测器结合的检测方案建立攻击检测模型.卡尔曼滤波器用于去除环境噪声,并得到测量残差;χ2检测器通过测量残差得到检测值,再结合攻击检测判决规则,判断系统是否受到DoS攻击.为证明所采用方法的有效性,以球杆系统为被控对象,通过Simulink/TrueTime进行仿真,并使用欧几里得检测器作对比实验.实验结果表明,基于反馈控制理论的攻击检测模型可以有效地检测ICPS中的DoS攻击;相较于欧几里得检测器,χ2检测器能够更好地检测DoS攻击.     

Markov 系统矩阵未知情况下的控制器设计

针对Markov 系统矩阵参数未知的实际情况, 提出一种基于状态反馈控制与自适应控制相结合的控制方法. 基于线性矩阵不等式技术给出相应控制器参数的求解条件. 与现有大多数自适应控制方法相比, 所提方法不仅使估计误差几乎处处有界, 而且原系统的系统状态几乎处处渐近稳定, 具有较好的收敛特性. 在所得结果的基础上, 进一步讨论了转移速率部分未知时的相关控制问题. 数值算例验证了所提出的设计方法的有效性.

     

Resilient and Safe Platooning Control of Connected Automated Vehicles Against Intermittent Denial-of-Service Attacks

Connected automated vehicles (CAVs) serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety, and reducing fuel consumption and vehicle emissions. A fundamental issue in CAVs is platooning control that empowers a convoy of CAVs to be cooperatively maneuvered with desired longitudinal spacings and identical velocities on roads. This paper addresses the issue of resilient and safe platooning control of CAVs subject to intermittent denial-of-service (DoS) attacks that disrupt vehicle-to-vehicle communications. First, a heterogeneous and uncertain vehicle longitudinal dynamic model is presented to accommodate a variety of uncertainties, including diverse vehicle masses and engine inertial delays, unknown and nonlinear resistance forces, and a dynamic platoon leader. Then, a resilient and safe distributed longitudinal platooning control law is constructed with an aim to preserve simultaneous individual vehicle stability, attack resilience, platoon safety and scalability. Furthermore, a numerically efficient offline design algorithm for determining the desired platoon control law is developed, under which the platoon resilience against DoS attacks can be maximized but the anticipated stability, safety and scalability requirements remain preserved. Finally, extensive numerical experiments are provided to substantiate the efficacy of the proposed platooning method.      

DoS干扰攻击下的信息物理系统状态反馈稳定

基于网络的工业控制系统作为信息物理系统(CPSs)的一种重要应用正迅猛发展.然而,近年来针对工业控制系统的恶意网络攻击引起了人们对CPS安全问题的广泛关注.拒绝服务(DoS)干扰攻击作为CPS中最容易发生的攻击方式得到了深入研究.对此,提出一种能量受限的、周期的DoS干扰攻击模型,攻击的目的是增大无线信道发生数据包随机丢包的概率.基于一类CPS简化模型,考虑CPS中传感器与控制器(S-C)之间无线信道同时存在DoS干扰攻击和固有随机数据包丢失的情况,采用状态反馈,基于随机Lyapunov函数和线性矩阵不等式方法得到可以保证系统稳定的充分条件,并利用系统稳定的充分条件和锥补线性化算法设计控制器.最后,通过两个数值仿真例子验证所提出控制策略的有效性.     

基于DoS攻击能量分级的ICPS综合安全控制与通信协同设计

针对一类有限能量拒绝服务（denial of service,DoS）攻击与执行器故障共存的工业信息物理系统（industry cyber-physical system,ICPS）,研究了综合安全控制与通信协同设计问题。首先,考虑单侧网络遭受DoS攻击的情形,构建了ICPS综合安全控制架构,并从防御者的视角通过分析不...     

基于线性预测的DDoS攻击检测方法

分布式拒绝服务攻击的原理简单、危害严重,如TCP淹没攻击。该文介绍一种快速、有效的方法来检测TCP SYN flooding攻击,通过线性预测分析来预防、拒绝服务攻击(DoS)。该检测机制采用TCP在响应超时情况下的指数回退算法性质,计算受攻击网络中的收到的SYN和发出的SYN＋ACK数据包数量之差进行数学建模,可以在很短的延时内检测SYN Flooding攻击。该算法可以方便地运用在叶节点路由器和防火墙中。     

列车控制系统的抗拒绝服务攻击弹性控制策略

当遭受拒绝服务(DoS)攻击时,分布式列车控制系统的弹性控制问题受到广泛关注.本文提出了一种基于分布式领导车状态观测器和障碍李雅普诺夫函数的弹性控制策略,不仅可以避免列车碰撞,同时实现了编队控制的目标.首先,给出了一种分布式的领导车状态观测器设计方法,用于实时估计领导车的状态.理论分析表明,在DoS攻击满足一定约束的条件下,该状态观测器的估计误差具有指数稳定特性.在此基础上,通过将列车碰撞避免问题转化为状态受限问题,提出一种基于障碍李雅普诺夫函数的状态受限控制律,解决了DoS攻击下确保碰撞避免的车队控制问题.最后,数值仿真证实了本文方法的有效性.     

一种基于IPv6 CGA的域内安全组播基础设施

针对任意源组播和特定源组播在抗DoS攻击方面的缺陷,论文提出了一种基于IPv6密码地址构建的域内安全组播基础设施结构。该结构通过规定域内可存在的组地址以及基于发送方和接收方证书的访问控制机制,在组播域内实现了抵抗来自恶意主机的控制平面和数据平面攻击。     

一种针对基于OpenFlow的SDN网络中控制层面的DoS攻击研究

针对OpenFlow协议报文交换机制里所有非数据报文均需要通过PACKET_IN报文上传控制器的弱点,提出一种不停查询未知转发地址从而造成SDN网络控制层面资源耗尽的新型DoS攻击方式,同时基于SDN网络可编程性提出检测攻击与降低网络时延的解决策略。首先通过SDN控制器北向应用接口,使用Defense4ALL应用中自定义功能,针对DoS攻击特性检测网络中恶意流量。然后利用控制器动态配置特性,实时更新交换机配置文件,改变网络转发策略,从而减轻攻击对整个网络造成的影响。实验仿真表明,在大规模高速攻击中,该方法的检测成功率接近100%,在攻击源较少的慢速攻击中检测成功率低于80%,整体网络延迟降低10ms以上。所提出的解决策略可以有效减少针对控制平面的DoS攻击对整个网络的干扰。     

Decentralized Resilient H∞ Load Frequency Control for Cyber-Physical Power Systems Under DoS Attacks

This paper designs a decentralized resilient H_∞ load frequency control (LFC) scheme for multi-area cyber-physical power systems (CPPSs). Under the network-based control framework, the sampled measurements are transmitted through the communication networks, which may be attacked by energy-limited denial-of-service (DoS) attacks with a characterization of the maximum count of continuous data losses (resilience index). Each area is controlled in a decentralized mode, and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area. Then, the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances. Under this modeling, a decentralized resilient H_∞ scheme is presented to design the state-feedback controllers with guaranteed H_∞ performance and resilience index based on a novel transmission interval-dependent loop functional method. When given the controllers, the proposed scheme can obtain a less conservative H_∞ performance and resilience index that the LFC system can tolerate. The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks.      

基于生存性的DoS攻击防御方案

拒绝服务攻击(DoS)是Internet中常见的一种攻击形式,提出一种基于覆盖网络的防御DoS攻击的方案。通过覆盖网络中的冗余资源和自恢复功能确保系统在遭到DoS攻击时仍能提供一定性能的服务,并可自动从攻击中恢复正常。     

Ant-based IP traceback

The denial-of-service (DoS) attacks with the source IP address spoofing techniques has become a major threat to the Internet. An intrusion detection system is often used to detect DoS attacks and to coordinate with the firewall to block them. However, DoS attack packets consume and may exhaust all the resources, causing degrading network performance or, even worse, network breakdown. A proactive approach to DoS attacks is allocating the original attack host(s) issuing the attacks and stopping the malicious traffic, instead of wasting resources on the attack traffic.

In this paper, an ant-based traceback approach is proposed to identify the DoS attack origin. Instead of creating a new type or function or processing a high volume of fine-grained data used by previous research, the proposed traceback approach uses flow level information to identify the origin of a DoS attack.

Two characteristics of ant algorithm, quick convergence and heuristic, are adopted in the proposed approach on finding the DoS attack path. Quick convergence efficiently finds out the origin of a DoS attack; heuristic gives the solution even though partial flow information is provided by the network.

The proposed method is evaluated through simulation on various network environments and two simulated real networks, NSFNET and DFN. The simulation results show that the proposed method can successfully and efficiently find the DoS attack path in various simulated network environments, with full and partial flow information provided by the networks.     

Event-triggered containment control for multi-agent systems under hybrid cyber attacks

This paper studies event-triggered containment control problem of multi-agent systems (MASs) under deception attacks and denial-of-service (DoS) attacks. First, to save limited network resources, an event-triggered mechanism is proposed for MASs under hybrid cyber attacks. Different from the existing event-triggered mechanisms, the negative influences of deception attacks and DoS attacks are considered in the proposed triggering function. The communication frequencies between agents are reduced. Then, based on the proposed event-triggered mechanism, a corresponding control protocol is proposed to ensure that the followers will converge to the convex hull formed by the leaders under deception attacks and DoS attacks. Compared with the previous researches about containment control, in addition to hybrid cyber attacks being considered, the nonlinear functions related to the states of the agents are applied to describe the deception attack signals in the MAS. By orthogonal transformation of deception attack signals, the containment control problem under deception attacks and DoS attacks is reformulated as a stability problem. Then, the sufficient conditions on containment control can be obtained. Finally, a set of simulation example is used to verify the effectiveness of the proposed method.