面向远程状态估计的多进程信息物理系统DDoS攻击与防御策略研究

        信息物理系统(Cyber-physical Systems, CPS) 借助无线网络系统将数据通过多个信道并行传输以提高系统执行的效率。然而，无线网络具有的开放性特点导致多进程CPS 面临多种网络攻击的威胁。分布式拒绝服务（Distributed Denial of Service, DDoS）攻击是当前最受关注的网络攻击之一，其通过耗尽服务器的带宽资源来达到影响服务器正常运行的目的。但与传统针对能量限制下的拒绝服务（Denial of Service, DoS）攻击的研究不同，DDoS攻击者由于控制多台主机无法确定攻击的能量限制。目前，多种基于数据特征的DDoS攻击入侵检测系统已经应用在CPS中，但缺少针对远程状态估计的DDoS 防御策略相关的研究。而目标服务器的带宽资源上限相对容易确定，因此本文以带宽资源为限制分别研究面向远程状态估计的多进程信息物理系统DDoS攻击与防御策略，主要内容如下：
     首先，本文构建了DDoS攻击下的多进程CPS的马尔可夫决策过程(Markov Decision Processes, MDP) 数学模型。在多进程CPS中，本地传感器采集数据并将其通过路由器发送至远端估计器。而DDoS攻击者通过向路由器发送恶意数据使数据包在转发过程中出现乱序问题，同时智能路由器可以通过节流控制对DDoS攻击进行防御。该数学模型分为多进程CPS系统传输模型、路由转发及远程估计模型、DDoS攻击MDP模型和节流控制MDP模型四部分。本文所建立的数学模型解决了数据传输中的乱序问题，并且更具解释性。
       进一步地，该工作分别基于DDoS攻击MDP模型和节流控制MDP模型对DDoS攻击和防御策略进行研究。一方面，本文分为无损信道和有损信道两种情况分别对DDoS攻击策略进行分析。文章在无损信道下提出了DDoS攻击的最优攻击策略和隐蔽攻击策略，并给出了例证和理论证明。而在有损信道下分析了最优攻击策略的结构特征，并通过仿真实验验证结构的存在。另一方面，本文对有损信道下的DDoS防御策略进行研究。本文定性分析节流控制模型参数特性，并证明使远端估计误差最小的最优节流控制策略的存在性和单调结构。然后通过深度强化学习算法对所提理论进行验证，并通过修改网络结构和损失函数对算法进行改进。最后通过多次仿真实验对比分析，验证了算法改进的有效性。

[1] TAO F, QI Q, WANG L, et al. Digital twins and cyber–physical systems toward smart manufacturing and industry 4.0: correlation and comparison[J]. Engineering, 2019, 05(04): 653-661.
[2] ZHANG J, PAN L, HAN Q L, et al. Deep learning based attack detection for cyber-physical system cybersecurity: a survey[J]. IEEE/CAA Journal of Automatica Sinica, 2021, 09(03): 377-391.
[3] 孟岩. 面向智能家居的物联网安全关键技术研究[D]. 上海：上海交通大学, 2021.
[4] EDU J S, SUCH J M, SUAREZ-TANGIL G. Smart home personal assistants: a security and privacy review[J]. ACM Computing Surveys (CSUR), 2020, 53(06): 01-36.
[5] DEY N, ASHOUR A S, SHI F, et al. Medical cyber-physical systems: a survey[J]. Journal of Medical Systems, 2018, 42: 01-13.
[6] LEE I, SOKOLSKY O, CHEN S, et al. Challenges and research directions in medical cyber– physical systems[J]. Proceedings of the IEEE, 2011, 100(01): 75-90.
[7] KOCABAS O, SOYATA T, AKTAS M K. Emerging security mechanisms for medical cyber physical systems[J]. IEEE/ACM Transactions on Computational Biology and Bioinformatics, 2016, 13(03): 401-416.
[8] WHITMAN M E, MATTORD H J. Principles of information security 4th edition[M]. Cengage Learning, 2011.
[9] CHERDANTSEVA Y, HILTON J. A reference model of information assurance & security[C]. 2013 International Conference on Availability, Reliability and Security. 2013: 546-555.
[10] CASE D U. Analysis of the cyber attack on the Ukrainian power grid[J]. Electricity Information Sharing and Analysis Center (E-ISAC), 2016, 388(03): 01-29.
[11] WANG P, WU X, HE X. Modeling and analyzing cyberattack effects on connected automated vehicular platoons[J]. Transportation Research Part C: Emerging Technologies, 2020, 115: 102625-102660.
[12] KHAN S K, SHIWAKOTI N, STASINOPOULOS P, et al. Cyber-attacks in the next-generation cars, mitigation techniques, anticipated readiness and future directions[J]. Accident Analysis & Prevention, 2020, 148: 105837-105882.
[13] LI C, RAGHUNATHAN A, JHA N K. Hijacking an insulin pump: security attacks and defenses for a diabetes therapy system[C]. 2011 IEEE 13th International Conference on E-health Networking, Applications and Aervices. 2011: 150-156.
[14] RADCLIFFE J. Hacking medical devices for fun and insulin: breaking the human SCADA system[C]. Black Hat Conference Presentation Slides. 2011: 2019-2032.
[15] GRAVINA R, ALINIA P, GHASEMZADEH H, et al. Multi-sensor fusion in body sensor networks:state-of-the-art and research challenges[J]. Information Fusion, 2017, 35: 68-80.
[16] CUI Y, QIAN Q, GUO C, et al. Towards DDoS detection mechanisms in software-defined networking[J]. Journal of Network and Computer Applications, 2021, 190: 103156-103193.
[17] KAUTISH S, REYANA A, VIDYARTHI A. SDMTA: attack detection and mitigation mechanism for DDoS vulnerabilities in hybrid cloud environment[J]. IEEE Transactions on Industrial Informatics, 2022, 18(09): 6455-6463.
[18] ZAINUDIN A, AHAKONYE L A C, AKTER R, et al. An efficient Hybrid-DNN for DDoS detection and classification in Software-Defined IIoT networks[J]. IEEE Internet of Things Journal, 2023, 10(10): 8491-8504.
[19] FOULADI R F, ERMIŞ O, ANARIM E. A DDoS attack detection and countermeasure scheme based on DWT and auto-encoder neural network for SDN[J]. Computer Networks, 2022, 214: 109140.
[20] XIA S M, GUO S Z, BAI W, et al. A new smart router-throttling method to mitigate DDoS attacks[J]. IEEE Access, 2019, 07: 107952-107963.
[21] DING D, HAN Q L, XIANG Y, et al. A survey on security control and attack detection for industrial cyber-physical systems[J]. Neurocomputing, 2018, 275: 1674-1683.
[22] MIRKOVIC J, REIHER P. A taxonomy of DDoS attack and DDoS defense mechanisms[J]. ACM SIGCOMM Computer Communication Review, 2004, 34(02): 39-53.
[23] PARK K, LEE H. On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets[J]. ACM SIGCOMM Computer Communication Review, 2001, 31(04): 15-26.
[24] SYVERSON P. A taxonomy of replay attacks [cryptographic protocols][C]. Proceedings the Computer Security Foundations Workshop VII. 1994: 187-191.
[25] CHEN Y. Study on the prevention of SYN flooding by using traffic policing[C]. NOMS 2000. 2000 IEEE/IFIP Network Operations and Management Symposium ‘The Networked Planet: Management Beyond 2000’ (Cat. No.00CB37074). 2000: 593-604.
[26] DENG F G, LI X H, ZHOU H Y, et al. Improving the security of multiparty quantum secret sharing against Trojan horse attack[J]. Physical Review A, 2005, 72(04): 044302.
[27] MAHESHWARI R, GAO J, DAS S R. Detecting wormhole attacks in wireless networks using connectivity information[C]. IEEE INFOCOM 2007-26th IEEE International Conference on Computer Communications. 2007: 107-115.
[28] PENG T, LECKIE C, RAMAMOHANARAO K. Survey of network-based defense mechanisms countering the DoS and DDoS problems[J]. ACM Computing Surveys (CSUR), 2007, 39(01): 03-49.
[29] LONG N, THOMAS R. Trends in denial of service attack technology[J]. CERT Coordination Center, 2001, 648(651): 569-590.
[30] MO Y, SINOPOLI B. Secure control against replay attacks[C]. 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton). 2009: 911-918.
[31] WANG H, ZHANG D, SHIN K G. Detecting SYN flooding attacks[C]. Proceedings. Twentyfirst Annual Joint Conference of the IEEE Computer and Communications Societies. 2002: 1530-1539.
[32] SUN Q, ZHANG K, SHI Y. Resilient model predictive control of cyber–physical systems under DoS attacks[J]. IEEE Transactions on Industrial Informatics, 2020, 16(07): 4920-4927.
[33] LI T, CHEN B, YU L, et al. Active security control approach against DoS attacks in cyberphysical systems[J]. IEEE Transactions on Automatic Control, 2021, 66(09): 4303-4310.
[34] ZHOU J, SHANG J, LI Y, et al. Optimal DoS attack against LQR control channels[J]. IEEE Transactions on Circuits and Systems II: Express Briefs, 2021, 68(04): 1348-1352.
[35] YAN J J, YANG G H. Secure state estimation of nonlinear cyber-physical systems against DoS attacks: a multiobserver approach[J]. IEEE Transactions on Cybernetics, 2023, 53(03): 14471459.
[36] ZHANG H, CHENG P, SHI L, et al. Optimal denial-of-service attack scheduling with energy constraint[J]. IEEE Transactions on Automatic Control, 2015, 60(11): 3023-3028.
[37] HUANGM,DINGK,DEYS,etal. Learning-basedDoSattackpowerallocationinmultiprocess systems[J]. IEEE Transactions on Neural Networks and Learning Systems, 2023, 34(10): 80178030.
[38] REN X, WU J, DEY S, et al. Attack allocation on remote state estimation in multi-systems: structural results and asymptotic solution[J]. Automatica, 2018, 87: 184-194.
[39] PAPADOPOULOS S, DROSOU A, TZOVARAS D. A novel graph-based descriptor for the detection of billing-related anomalies in cellular mobile networks[J]. IEEE Transactions on Mobile Computing, 2016, 15(11): 2655-2668.
[40] JIA Y, ZHONG F, ALRAWAIS A, et al. FlowGuard: an intelligent edge defense mechanism against IoT DDoS attacks[J]. IEEE Internet of Things Journal, 2020, 07(10): 9552-9562.
[41] BASSIL R, CHEHAB A, ELHAJJ I, et al. Signaling oriented denial of service on LTE networks[C]. Proceedings of the 10th ACM International Symposium on Mobility Management and Wireless Access. 2012: 153-158.
[42] GUPTA A, VERMA T, BALI S, et al. Detecting MS initiated signaling DDoS attacks in 3G/4G wirelessnetworks[C].2013FifthInternationalConferenceonCommunicationSystemsandNetworks (COMSNETS). 2013: 01-60.
[43] WU G, SUN J. Optimal data integrity attack on actuators in cyber-physical systems[C]. 2016 American Control Conference (ACC). 2016: 1160-1164.
[44] QIN J, LI M, SHI L, et al. Optimal denial-of-service attack scheduling with energy constraint over packet-dropping networks[J]. IEEE Transactions on Automatic Control, 2017, 63(06): 1648-1663.
[45] GUO Z, SHI D, JOHANSSON K H, et al. Optimal linear cyber-attack on remote state estimation [J]. IEEE Transactions on Control of Network Systems, 2017, 04(01): 04-13.
[46] YANG C, YANG W, SHI H. DoS attack in centralised sensor network against state estimation [J]. IET Control Theory & Applications, 2018, 12(09): 1244-1253.
[47] TAN L, PAN Y, WU J, et al. A new framework for DDoS attack detection and defense in SDN environment[J]. IEEE Access, 2020, 08: 161908-161919.
[48] CAI T, JIA T, ADEPU S, et al. ADAM: an adaptive DDoS attack mitigation scheme in softwaredefined cyber-physical system[J]. IEEE Transactions on Industrial Informatics, 2023, 19(06): 7802-7813.
[49] 倪明, 颜诘, 柏瑞, 等. 电力系统防恶意信息攻击的思考[J]. 电力系统自动化, 2016, 40:148-151.
[50] CHEN C M, GUAN D, HUANG Y Z, et al. Attack sequence detection in cloud using hidden markov model[C]. 2012 Seventh Asia Joint Conference on Information Security. 2012: 100103.
[51] MO Y, SINOPOLI B. Secure estimation in the presence of integrity attacks[J]. IEEE Transactions on Automatic Control, 2014, 60(04): 1145-1151.
[52] GAO R, HUANG J, WANG L. Leaderless consensus control of uncertain multi-agents systems with sensor and actuator attacks[J]. Information Sciences, 2019, 505: 144-156.
[53] CHEN Y, KAR S, MOURA J M. Resilient distributed estimation: sensor attacks[J]. IEEE Transactions on Automatic Control, 2018, 64(09): 3772-3779.
[54] MA R, SHI P, WU L. Dissipativity-based sliding-mode control of cyber-physical systems under denial-of-service attacks[J]. IEEE Transactions on Cybernetics, 2020, 51(05): 2306-2318.
[55] FENG S, CETINKAYA A, ISHII H, et al. Networked control under DoS attacks: tradeoffs between resilience and data rate[J]. IEEE Transactions on Automatic Control, 2021, 66(01): 460-467.
[56] HOVARESHTI P, GUPTA V, BARAS J S. Sensor scheduling using smart sensors[C]. 2007 46th IEEE Conference on Decision and Control. 2007: 494-499.
[57] ANDERSON B D, MOORE J B. Optimal filtering[M]. Courier Corporation, 2012.
[58] WEI D X, JIN C, LOW S H, et al. FAST TCP: motivation, architecture, algorithms, performance [J]. IEEE/ACM Transactions on Networking, 2006, 14(06): 1246-1259.
[59] SHORTEN R, WIRTH F, LEITH D. A positive systems model of TCP-like congestion control: asymptotic results[J]. IEEE/ACM Transactions on Networking, 2006, 14(03): 616-629.
[60] YAU D K, LUI J C, LIANG F, et al. Defending against distributed denial-of-service attacks with max-min fair server-centric router throttles[J]. IEEE/ACM Transactions On Networking, 2005, 13(01): 29-42.
[61] HOLLOT C V, MISRA V, TOWSLEY D, et al. Analysis and design of controllers for AQM routers supporting TCP flows[J]. IEEE Transactions on Automatic Control, 2002, 47(06): 945959.
[62] MALIALIS K, KUDENKO D. Multiagent router throttling: decentralized coordinated response against ddos attacks[C]. Proceedings of the AAAI Conference on Artificial Intelligence. 2013: 1551-1556.
[63] YANG G, WANG R, SABBAGH A, et al. Modeling optimal retransmission timeout interval for bundle protocol[J]. IEEE Transactions on Aerospace and Electronic Systems, 2018, 54(05): 2493-2508.
[64] LIU A, ZHANG W A, YU L, et al. New results on stabilization of networked control systems with packet disordering[J]. Automatica, 2015, 52: 255-259.
[65] YAO G, BEDEWY A M, SHROFF N B. Age-optimal low-power status update over timecorrelated fading channel[J]. IEEE Transactions on Mobile Computing, 2022, 22(08): 45004514.
[66] WU Y, DING K, LI Y, et al. Optimal unbiased linear sensor fusion over multiple lossy channels with collective observability[J]. Automatica, 2021, 128: 109568-109582.
[67] HERNÁNDEZ-LERMA O, LASSERRE J B. Discrete-time markov control processes: basic optimality criteria: volume 30[M]. Springer Science & Business Media, 2012.
[68] TOPKIS D M. Supermodularity and complementarity[M]. Princeton University Press, 2011.
[69] PUTERMAN M L. Markov decision processes: discrete stochastic dynamic programming[M]. John Wiley & Sons, 2014.