ConAML: Constrained Adversarial Machine Learning for Cyber-Physical Systems

Li, Jiangnan; Yang, Yingyuan; Sun, Jianhua; Tomsovic, Kevin; Qi, Hairong

doi:10.1145/3433210.3437513

Cited by 36 publications

(27 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This action may present a built-in defense mechanism. Li et al study potential vulnerabilities of ML applied in power systems by proposing constraints that adversarial examples must satisfy the intrinsic constraints of physical systems [14]. In power system SE the physical constraints have already been encoded in the mathematical model; however Liu et al propose an approach that guarantees attacker to pass those constraints in linear case [12].…”

Section: Problem Statementmentioning

confidence: 99%

See 1 more Smart Citation

Exploring Physical-Based Constraints in Short-Term Load Forecasting: A Defense Mechanism Against Cyberattack

Dezvarei¹,

Tomsovic²,

Sun³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

Short term load forecasting is an essential task that supports utilities to schedule generating sufficient power for balancing supply and demand, and can become an attractive target for cyber attacks. It has been shown that the power system state estimation is vulnerable to false data injection attacks. Similarly, false data injection on input variables can result in large forecast errors. The load forecasting system should have a protective mechanism to mitigate such attacks. One approach is to model physical system constraints that would identify anomalies. This study investigates possible constraints associated with a load forecasting application. Looking at regional forecasted loads, we analyze the relation between each zone through similarity measures used in time series in order to identify constraints. Comprehensive results for historical ERCOT load data indicate variation in the measures recognizing the existence of malicious action. Still, these static measures can not be considered an efficient index across different scenarios.

show abstract

Section: Problem Statementmentioning

confidence: 99%

“…To address this issue, physical-based constraints can provide a stronger obstacle for attacker. Li et al propose adding inherent constraints in power system state estimation (SE) [14]. This idea makes a further constrained problem that needs to be solved by attackers while satisfying the physical systems' inherent constraints.…”

Section: Introductionmentioning

confidence: 99%

Exploring Physical-Based Constraints in Short-Term Load Forecasting: A Defense Mechanism Against Cyberattack

Dezvarei¹,

Tomsovic²,

Sun³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…As per Section 4.3.3, we apply a constrained gradient-guided mutation on the selected top test cases to maximize their likelihood of leading to traffic violations. The procedure, shown in Algorithm 1, is adapted from the constrained adversarial attack in [39].…”

mentioning

confidence: 99%

“…The simplest solution is to discard the perturbations (and subsequent iterations) that lead to constraint violation. However, as shown in [39], the insight for linear constraints is if an original (unperturbed) test case satisfies the constraints and the perturbation alone satisfies the constraints as well, then the perturbed test case also satisfies the constraints. Thus, only the perturbation needs to be checked against the constraints after each iteration.…”

mentioning

confidence: 99%

“…Thus, only the perturbation needs to be checked against the constraints after each iteration. If some constraints are violated, we apply a linear regression to the perturbation to map it back within the constrained region (motivated by [39]). For the linear regression, the non-constant part of the constraints are weights W where each row corresponds to the coefficients of one constraint, the constant parts 𝑦 are the objectives, and the projected perturbation 𝑑𝑥 𝑝𝑟𝑜 𝑗 are the variables to search for.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Neural Network Guided Evolutionary Fuzzing for Finding Traffic Violations of Autonomous Vehicles

Zhong¹,

Kaiser²,

Ray³

2021

Preprint

View full text Add to dashboard Cite

Self-driving cars and trucks, autonomous vehicles (avs), should not be accepted by regulatory bodies and the public until they have much higher confidence in their safety and reliability -which can most practically and convincingly be achieved by testing. But existing testing methods are inadequate for checking the end-toend behaviors of av controllers against complex, real-world corner cases involving interactions with multiple independent agents such as pedestrians and human-driven vehicles. While test-driving avs on streets and highways fails to capture many rare events, existing simulation-based testing methods mainly focus on simple scenarios and do not scale well for complex driving situations that require sophisticated awareness of the surroundings. To address these limitations, we propose a new fuzz testing technique, called AutoFuzz, which can leverage widely-used av simulators' API grammars. to generate semantically and temporally valid complex driving scenarios (sequences of scenes). AutoFuzz is guided by a constrained Neural Network (NN) evolutionary search over the API grammar to generate scenarios seeking to find unique traffic violations. Evaluation of our prototype on one state-of-the-art learning-based controller and two rule-based controllers shows that AutoFuzz efficiently finds hundreds of realistic traffic violations resembling real-world crashes. Further, fine-tuning the learning-based controller with the traffic violations found by AutoFuzz successfully reduced the traffic violations found in the new version of the av controller software.

show abstract

Understanding the Ineffectiveness of the Transfer Attack in Intrusion Detection System

Duan,

Zhao,

Luo

et al. 2024

Advances in Information Security

View full text Add to dashboard Cite

ConAML: Constrained Adversarial Machine Learning for Cyber-Physical Systems

Cited by 36 publications

References 47 publications

Exploring Physical-Based Constraints in Short-Term Load Forecasting: A Defense Mechanism Against Cyberattack

Exploring Physical-Based Constraints in Short-Term Load Forecasting: A Defense Mechanism Against Cyberattack

Neural Network Guided Evolutionary Fuzzing for Finding Traffic Violations of Autonomous Vehicles

Understanding the Ineffectiveness of the Transfer Attack in Intrusion Detection System

Contact Info

Product

Resources

About