IEEE Access (Jan 2024)

Experimental Validation of the Attack-Detection Capability of Encrypted Control Systems Using Man-in-the-Middle Attacks

  • Akane Kosugi
  • Kaoru Teranishi
  • Kiminao Kogiso

DOI
https://doi.org/10.1109/ACCESS.2024.3353289
Journal volume & issue
Vol. 12
pp. 10535 – 10547

Abstract

In this study, the effectiveness of encrypted control systems in detecting attacks is experimentally demonstrated using a networked control system testbed that allows for man-in-the-middle (MITM) attacks. The developed testbed is a networked position control system for an industrial-use linear stage. Generally, an attacker can reroute and modify packet data via a wireless router, harnessing the address-resolution-protocol-spoofing technique, which allows for the execution of MITM attacks, such as falsification and replay attacks. The deployed MITM-attack-detection method is grounded on a threshold-based method that monitors control inputs. The demonstration examines falsification- and replay-attack scenarios across unencrypted, static-key, and key-updatable encrypted control systems. The results confirm that encrypted control systems are both effective and apt in detecting attacks in real time. Furthermore, the potential for developing alternative attack-detection schemes based on variations in processing times is discussed.

Keywords