Your search keyword '"Peng, Xun"' showing total 13 results

1. Social Collective Attack Model and Procedures for Large-Scale Cyber-Physical Systems

Author

Yinqiao Xiong, Yifan Hu, Peng Xun, and Peidong Zhu

Subjects

Computer science, 020209 energy, 02 engineering and technology, security, Computer security, computer.software_genre, lcsh:Chemical technology, Biochemistry, Article, threat model, Analytical Chemistry, cyber-physical system, Attack model, collective behavior, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, Electrical and Electronic Engineering, Instrumentation, Cyber-physical system, social users, 020206 networking & telecommunications, Adversary, Atomic and Molecular Physics, and Optics, disinformation, Smart grid, Threat model, Disinformation, computer

Abstract

A large-scale Cyber-Physical System (CPS) such as a smart grid usually provides service to a vast number of users as a public utility. Security is one of the most vital aspects in such critical infrastructures. The existing CPS security usually considers the attack from the information domain to the physical domain, such as injecting false data to damage sensing. Social Collective Attack on CPS (SCAC) is proposed as a new kind of attack that intrudes into the social domain and manipulates the collective behavior of social users to disrupt the physical subsystem. To provide a systematic description framework for such threats, we extend MITRE ATT&amp, CK, the most used cyber adversary behavior modeling framework, to cover social, cyber, and physical domains. We discuss how the disinformation may be constructed and eventually leads to physical system malfunction through the social-cyber-physical interfaces, and we analyze how the adversaries launch disinformation attacks to better manipulate collective behavior. Finally, simulation analysis of SCAC in a smart grid is provided to demonstrate the possibility of such an attack.

Published

2021

2. Successive direct load altering attack in smart grid

Author

Peidong Zhu, Sabita Maharjan, Peng Xun, and Pengshuai Cui

Subjects

021110 strategic, defence & security studies, Focus (computing), General Computer Science, Computer science, 020209 energy, Real-time computing, 0211 other engineering and technologies, food and beverages, 02 engineering and technology, Attack model, Smart grid, Component (UML), 0202 electrical engineering, electronic engineering, information engineering, Law

Abstract

In smart grid, a malicious entity can launch a direct load altering attack by injecting false commands into aggregators responsible for direct load control. It may remotely manipulate load, causing deviation in the operating frequency, and consequently lead to disruption in the system. In this paper, we mainly focus on the successive direct load altering attack, with which the attacker can continuously manipulate aggregators to achieve the larger impact. In addition to resulting in a larger impact, it is difficult for the controllers to detect such attacks as the attackers can inject false data to contaminate feedback data from aggregators to controllers. We present an attack model, and our analysis in this paper is from an attacker’s perspective. Our model and analysis can serve as an important component also in the future for designing the counter strategies to such attacks. We propose a new frequency response model, which shows changes of the frequency undergoing a successive direct load altering attack. Attackers can utilize this model to analyze the impact of an attack sequence. Considering that attack sequences with different false commands can result in different levels of impact, we develop a three-step optimization method to analyze and find the optimal attack sequence. Our simulation results validate the feasibility and effectiveness of the successive direct load altering attacks.

Published

2018

3. Network-based multidimensional moving target defense against false data injection attack in power system

Author

Yifan Hu, Peng Xun, Yinqiao Xiong, Chenxi Hu, Weiheng Shi, Peidong Zhu, and Yufei Zhu

Subjects

Preparation stage, General Computer Science, Computer science, Network packet, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Electric power system, Transmission (telecommunications), Multiple time dimensions, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Moving target defense, Law, computer

Abstract

Carefully-crafted attackers usually collect sufficient information regarding cyber-physical system (CPS) resources from accessible network communications before performing destructive activities. If these sophisticated cyberattacks like false data injection attack (FDIA) are developed, they are typically stealthy and barely detectable through general passive defense approaches. In this paper, we propose a network-based multidimensional moving target defense (NMMTD) mechanism for power system, which focuses on disrupting the development of FDIA in the preparation stage. We extend the attack space into multiple dimensions by randomizing data acquisitions in multiple rounds. In each round, we increase apparent complexity and uncertainty in network communications with different controlled changes. To reduce the traffic burden, we include the packet dropping policy in NMMTD for transparent network transmission. We demonstrate the effectiveness of NMMTD in preventing the attacker from intercepting data packets and securing power system against FDIA with little impact on both network and system performances.

Published

2021

4. An experimental study: An interpretative division method on principal component analysis

Author

Peng Xun, Ke Wang, Peidong Zhu, and Bowen Shang

Subjects

Statistics and Probability, 0209 industrial biotechnology, Computer science, General Engineering, 02 engineering and technology, Division (mathematics), computer.software_genre, 020901 industrial engineering & automation, Artificial Intelligence, Principal component analysis, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Data mining, computer

Published

2017

5. Detectors on Edge Nodes against False Data Injection on Transmission Lines of Smart Grid

Author

Peng Xun, Yinqiao Xiong, Zhenyu Zhang, Pengshuai Cui, and Peidong Zhu

Subjects

021110 strategic, defence & security studies, Computer Networks and Communications, Computer science, 020209 energy, Real-time computing, lcsh:Electronics, false data injection, 0211 other engineering and technologies, Programmable logic controller, Cyber-physical system, detection, lcsh:TK7800-8360, 02 engineering and technology, cyber-physical system, Smart grid, Electric power transmission, edge computing, Hardware and Architecture, Control and Systems Engineering, Control theory, Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, Enhanced Data Rates for GSM Evolution, Electrical and Electronic Engineering, Edge computing

Abstract

False data injection (FDI) attack is a hot topic in large-scale Cyber-Physical Systems (CPSs), which can cause bad state estimation of controllers. In this paper, we focus on FDI detection on transmission lines of the smart grid. We propose a novel and effective detection framework to identify FDI attacks. Different from the previous methods, there are multi-tier detectors which utilize edge nodes such as the programmable logic controllers (PLCs) instead of the central controller to detect attacks. The proposed framework can decrease the transmission time of data to reduce the latency of decisions because many sensory data need not be transmitted to the central controller for detection. We also develop a detection algorithm which utilizes classifiers based on machine learning to identify FDI. The training process is split from every edge node and is placed on the central node. The detectors are lightweight and are properly adopted in our detection framework. Our simulation experiments show that the proposed detection framework can provide better detection results than the existing detection approaches.

Published

2018

6. False Data Injection Attack Based on Hyperplane Migration of Support Vector Machine in Transmission Network of the Smart Grid

Author

Peng Xun, Baoyao Wang, Yingwen Chen, Zhenyu Zhang, and Peidong Zhu

Subjects

Physics and Astronomy (miscellaneous), Computer science, 020209 energy, General Mathematics, 020208 electrical & electronic engineering, Real-time computing, Detector, smart grid, false data injection, support vector machine, hyperplane migration, 02 engineering and technology, Field (computer science), Support vector machine, Core (game theory), Smart grid, Hyperplane, Chemistry (miscellaneous), Transmission network, 0202 electrical engineering, electronic engineering, information engineering, Computer Science (miscellaneous), Key (cryptography), Computer Science::Cryptography and Security

Abstract

The smart grid is a key piece of infrastructure and its security has attracted widespread attention. The false data injection (FDI) attack is one of the important research issues in the field of smart grid security. Because this kind of attack has a great impact on the safe and stable operation of the smart grid, many effective detection methods have been proposed, such as an FDI detector based on the support vector machine (SVM). In this paper, we first analyze the problem existing in the detector based on SVM. Then, we propose a new attack method to reduce the detection effect of the FDI detector based on SVM and give a proof. The core of the method is that the FDI detector based on SVM cannot detect the attack vectors which are specially constructed and can replace the attack vectors into the training set when it is updated. Therefore, the training set is changed and then the next training result will be affected. With the increase of the number of the attack vectors which are injected into the positive space, the hyperplane moves to the side of the negative space, and the detection effect of the FDI detector based on SVM is reduced. Finally, we analyze the impact of different data injection modes for training results. Simulation experiments show that this attack method can impact the effectiveness of the FDI detector based on SVM.

Published

2018

7. Degrading Detection Performance of Wireless IDSs Through Poisoning Feature Selection

Author

Qiang Liu, Peng Xun, Yifan Dong, Peidong Zhu, and Yingwen Chen

Subjects

Computer science, business.industry, Backtracking line search, Word error rate, Feature selection, 02 engineering and technology, Intrusion detection system, computer.software_genre, 01 natural sciences, 010104 statistics & probability, symbols.namesake, 020204 information systems, Lagrange multiplier, 0202 electrical engineering, electronic engineering, information engineering, symbols, Wireless, Data mining, 0101 mathematics, business, Classifier (UML), computer, Wireless sensor network

Abstract

Machine learning algorithms have been increasingly adopted in Intrusion Detection Systems (IDSs) and achieved demonstrable results, but few studies have considered intrinsic vulnerabilities of these algorithms in adversarial environment. In our work, we adopt poisoning attack to influence the accuracy of wireless IDSs that adopt feature selection algorithms. Specifically, we adopt the gradient poisoning method to generate adversarial examples which induce classifier to select a feature subset to make the classification error rate biggest. We consider the box-constrained problem and use Lagrange multiplier and backtracking line search to find the feasible gradient. To evaluate our method, we experimentally demonstrate that our attack method can influence machine learning, including filter and embedded feature selection algorithms using three benchmark network public datasets and a wireless sensor network dataset, i.e., KDD99, NSL-KDD, Kyoto 2006+ and WSN-DS. Our results manifest that gradient poisoning method causes a significant drop in the classification accuracy of IDSs about 20%.

Published

2018

8. Load Scheduling of Thermostatical House-Hold Appliances Against Abrupt Changes in Smart Grid

Author

Peng Xun, Lu Feng, Pengshaui Cui, and Peidong Zhu

Subjects

Computer science, 020209 energy, Distributed computing, Reliability (computer networking), ComputerApplications_COMPUTERSINOTHERSYSTEMS, 02 engineering and technology, Load scheduling, Supply and demand, Scheduling (computing), Synchronization (alternating current), Smart grid, 0202 electrical engineering, electronic engineering, information engineering, Power grid, State (computer science)

Abstract

The security of power grid is of great importance for the development of modern society, and the balance of supply and demand is critical to ensure the reliability and security. Smart appliances, which are important parts of smart grid and can help balance the supply and demand. The load scheduling can decide whether the appliances should be running or resting at some point, and the load scheduling of thermostatical house-hold appliances can help securing the smart grid when abrupt changes occur. However, the load scheduling should be user-friendly, which have been ignored in many researches. In this paper, user-friendliness indicators of a load scheduling are given. We propose a load scheduling of thermostatical house-hold appliances against abrupt changes in smart grid, and each appliance is treated as an agent. Each agent chooses to run or rest based on the state of the smart grid and its own state. The simulation results show that the load scheduling we propose is user-friendly and can keep the smart grid in a safe state.

Published

2017

9. Command Disaggregation Attack and Mitigation in Industrial Internet of Things

Author

Peng Xun, Yifan Hu, Pengshuai Cui, Yan Zhang, and Peidong Zhu

Subjects

Engineering, command disaggregation, Physical system, cyber-physical attack, industrial Internet of Things, command correlation, attack detection, 02 engineering and technology, lcsh:Chemical technology, Computer security, computer.software_genre, Biochemistry, Article, Analytical Chemistry, Attack model, Control theory, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, Electrical and Electronic Engineering, Instrumentation, Focus (computing), business.industry, Programmable logic controller, Process (computing), 020206 networking & telecommunications, Atomic and Molecular Physics, and Optics, Industrial Internet, 020201 artificial intelligence & image processing, business, computer

Abstract

A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

Published

2017

10. Parallelization of skyline probability computation over uncertain preferences

Author

Peng Xun, Peidong Zhu, Xiaoyong Li, Haoyang Zhu, and Qiang Liu

Subjects

Skyline, Theoretical computer science, Computer Networks and Communications, Computer science, Computation, Parallel algorithm, 02 engineering and technology, Object (computer science), computer.software_genre, Computer Science Applications, Theoretical Computer Science, Data set, Computational Theory and Mathematics, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Data mining, computer, Software

Abstract

Summary Query processing over uncertain preferences is very common in real-life situations, because many times, we cannot model users' preferences as strict partial orders. In this paper, we investigate skyline queries over uncertain preferences. The latest state-of-the-art algorithm, called Usky-base algorithm, makes significant advances. However, it still needs to be perfected in 2 aspects. (1) Theoretic analysis: The correctness of the algorithm is not fully verified. (2) Efficiency: Due to the heavy calculation introduced by adopting inclusion-exclusion principle to express the skyline probability, it needs massive time when computing skyline probabilities for large data sets. To address the above 2 concerns, we first review the Usky-base algorithm and lemmas it based on. Then we propose a novel parallel algorithm, called Parallel-sky, to compute skyline probability of a given object. Moreover, we propose an adding algorithm and a deleting algorithm to deal with dynamic scenarios where new objects are added in and outdated objects are deleted out. Furthermore, we extend our algorithm from computing skyline probability of a given object to all objects in a data set. We conduct extensive experiments on real and synthetic data sets to validate the effectiveness and efficiency of our proposals.

Published

2017

11. Discovering Multi-type Correlated Events with Time Series for Exception Detection of Complex Systems

Author

Peng Xun, Cun-Lu Li, Peidong Zhu, and Haoyang Zhu

Subjects

Series (mathematics), business.industry, Computer science, Complex system, Cloud computing, 02 engineering and technology, Type (model theory), computer.software_genre, Data set, 020204 information systems, Correlation analysis, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Data mining, Time series, business, computer

Abstract

With the increase of systems' complexity, exception detection becomes more important and difficult. For most complex systems, like cloud platform, exception detection is mainly conducted by analyzing a large amount of telemetry data collected from systems at runtime. Time series data and events data are two major types of telemetry data. Techniques of correlation analysis are important tools that are widely used by engineers for data-driven exception detection. Despite their importance, there has been little previous work addressing the correlations between two types of heterogeneous data for exception detection: continuous time series data and temporal events data. In this paper, we propose an approach to discovery the correlation between multi-type time series data and multi-type events data. Correlations between multi-type events data and multi-type time series data are used to detect systems' exceptions. Our experimental results on real data sets demonstrate the effectiveness of our method for exception detection.

Published

2016

12. Robustness of Cyber-Physical Systems against Simultaneous, Sequential and Composite Attack

Author

Pengshuai Cui, Peng Xun, Chengcheng Shao, and Peidong Zhu

Subjects

021110 strategic, defence & security studies, Computer Networks and Communications, Computer science, lcsh:Electronics, Data_MISCELLANEOUS, 0211 other engineering and technologies, Cyber-physical system, lcsh:TK7800-8360, 020207 software engineering, robustness, simultaneous attack, 02 engineering and technology, Computer security, computer.software_genre, composite attack, Attack model, Hardware and Architecture, Control and Systems Engineering, Robustness (computer science), Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, sequential attack, Electrical and Electronic Engineering, computer, cyber physical systems

Abstract

In this paper, a failure model of Cyber-Physical systems and an attack model are proposed. We divide the attacks into three kinds: simultaneous attack, sequential attack and composite attack. Through numerical simulations, we find that: (1) the sequential attack may bring more damage in single physical systems, (2) the coupling process of cyber system and physical systems makes it possible that sequential attack causes more damage than simultaneous attacks when the attackers only attack the cyber system, (3) with some target sets, composite attack leads to more failures than both simultaneous attack and sequential attack. The above results suggest that defenders should take all the three kinds of attacks into account when they select the critical nodes.

Published

2018

13. Parallelization of group-based skyline computation for multi-core processors

Author

Qiang Liu, Xiaoyong Li, Peng Xun, Peidong Zhu, and Haoyang Zhu

Subjects

Skyline, Multi-core processor, Speedup, Computer Networks and Communications, Computer science, Parallel algorithm, InformationSystems_DATABASEMANAGEMENT, 02 engineering and technology, Parallel computing, Computer Science Applications, Theoretical Computer Science, Data set, Computational Theory and Mathematics, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Throughput (business), Software

Abstract

Summary Skyline computation is particularly useful in multi-criteria decision-making applications. However, it is inadequate to answer queries that need to analyze not only individual points but also groups of points. Compared to the traditional skyline computation, computing group-based skyline is much more complicated and expensive. This computational challenge promotes us to use modern computing platforms to accelerate the computation. In this paper, we introduce a novel multi-core algorithm to compute group-based skyline. We first compute the skyline layers of a data set in parallel, which are a critical intermediate result. In the algorithm, we maintain an efficiently updatable data structure for the shared global skyline layers, which is used to minimize dominance tests and maintain high throughput. Then we design an efficient parallel algorithm to find group-based skyline based on the skyline layers. Extensive experimental results on real and synthetic data sets show that our algorithms achieve 10-fold speedup with 16 parallel threads over state-of-the-art sequential algorithms on challenging workloads.

Published

2017