Physics-Driven Page Fault Handling for Customized Deception against CPS Malware-Reference-Cited by-同舟云学术

Physics-Driven Page Fault Handling for Customized Deception against CPS Malware

Published:2022-05-28 Issue:3 Volume:21 Page:1-36
ISSN:1539-9087
Container-title:ACM Transactions on Embedded Computing Systems
language:en
Short-container-title:ACM Trans. Embed. Comput. Syst.

Author:

Rrushi Julian L.¹^ORCID

Affiliation:

1. Oakland University, Rochester, MI

Abstract

Malware crafted to attack cyber-physical systems such as the electrical power grid have a physics-centric nucleus. Cyber-physical systems malware understand physics and hence use their knowledge to guide how they initiate physical damage on a compromised industrial computer. We develop a physics-driven page fault handler in the seL4 microkernel, which, in addition to reducing the page fault rate, differentiates active physics in main memory from passive physics in the backing store. We aid the identification of active physics via a CPU scheduler that tracks the evolution of active physics over time. We exploit the concept of active physics to develop deception that is customized to attack the physics-centric nucleus of malware. We evaluated this research against a variety of malware samples and techniques, including both numerous samples from publicly available repositories and custom-made academic code, and present our findings in the article. The physics data of reference pertain to an electrical substation, with a higher focus on a power transformer and related industrial computer algorithms.

Funder

U.S. Department of Energy

daho National Laboratory

Publisher

Association for Computing Machinery (ACM)

Subject

Hardware and Architecture,Software

Link

https://dl.acm.org/doi/pdf/10.1145/3502742

Reference42 articles.

1. GitHub. n.d. GridPot: Symbolic Cyber-Physical Honeynet Framework. Retrieved February 11 2022 from https://github.com/sk4ld/gridpot.

2. Luis Garcia Ferdinand Brasser Mehmet H. Cintuglu Ahmad-Reza Sadeghi Osama Mohammed and Saman Zonouz. 2017. Hey my malware knows physics! Attacking PLCs with physical model aware rootkit. In Proceedings of the Networks and Distributed Systems Symposium .

3. Robert M. Lee Michael J. Assante and Tim Conway. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid . Defense Use Case White Paper. Available at at https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf.

4. Abraham Silberschatz Peter Baer Galvin and Greg Gagne. 2012. Operating System Concepts (9th ed.). Wiley.

5. U.S. Department of Energy. 2006. Benefits of Using Mobile Transformers and Mobile Substations for Rapidly Restoring Electrical Service . Report to the United States Congress pursuant to Section 1816 of the Energy Policy Act of 2005. Retrieved February 11 2022 from http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/MTS_Report_to_Congress_FINAL_73106.pdf.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Comprehensive Survey of Cybersecurity Threats, Attacks, and Effective Countermeasures in Industrial Internet of Things;Technologies;2023-11-13