Friday, March 18, 2022

Setting traps for cyber attacks

URI gets grant to help us fight cyberwar

Hugh Markey 

It’s no secret that the newest form of warfare is waged in cyber space. Bad actors are continually generating programs that attempt to disrupt American electronic infrastructure such as power grids. 

University of Rhode Assistant Professor of Engineering Hui Lin is working on a plan to combat those attacks with the help of a $500,000 grant from the National Science Foundation.

The five-year award is for “CAREER: PARP: Mislead Physical-Disruption Attacks by Preemptive Anti-Reconnaissance for Power Grids’ Cyber-Physical Infrastructures.” Lin and his team will develop programs that are designed to essentially disrupt the disruptors. 

“My research objective is to increase the resilience of industrial control systems. We’re specifically focused on the electrical power grid, and we will try to address this issue by choosing a very different option than previous research approaches.

“Generally, people may think that cyber-attacks and their detection follow a passive principle. When attacks happen, we try to detect them as soon as possible and try to recover as quickly as possible. But what I’m trying to propose is that instead of passive detection, let us disrupt reconnaissance and even mislead some of the reconnaissance that potential attackers would perform. 

It’s like setting a trap for the attackers even before they initiate any malicious activities. In this way, if the attackers can design some sort of attack strategy, their design will be based on misleading information.”

Lin hopes to develop mathematical programs that will detect when a system is being targeted. From there, his program would feed the potential attacker false information in such a way that it is accepted as accurate, all the while leaving the legitimate activities unaffected. While his current work focuses on power grids, Lin sees similar programs being developed for use in other industrial control systems.

Creating something as high-tech as what Lin proposes won’t be an easy task. “We’re mainly disrupting information provided to the suspicious user by injecting some of the data into the communications networks that may be used by a targeting system. 

One challenge is that to inject what is called ‘spoofed’ or misleading information calls for material that needs to be realistic. Another is that the information must follow the physical laws in the power system. 

For example, if you we know that the voltage level of our plug is 110 volts, but the spoofed data says that the voltage level is in this area is probably 150 volts, then the attacker would know that this is not a realistic datum. And we also need to ensure that the legitimate operation can successfully distinguish the spoofed data from the from the actual data. That is not an easy task.”

Another challenge Lin will face is the lack of prior research to aid in his work. “At this moment, there are few people doing this kind of research. If you were doing research that is based on the existing work of many people, you have a good starting point. Still, very few people are touching this field so we’re still kind of moving on by ourselves. We have to think about how to design the experiment and how to evaluate the results and consider all the possible outcomes. That’s one of the biggest challenges I’m going to face in the next five years.

“Of course, if we’re successful, researchers will be very happy to see their work applied to real utilities and benefit a large number of people.”

The details of the award can also be found on the NSF website: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2144513&HistoricalAwards=false.