
Replay attack

About: Replay attack is a research topic. Over the lifetime, 2578 publications have been published within this topic receiving 36270 citations. The topic is also known as: playback attack.


Papers
Posted Content
TL;DR: This paper proposes a mathematical framework for cyber-physical systems, attacks, and monitors, and describes fundamental monitoring limitations from system-theoretic and graph-theoretic perspectives and designs centralized and distributed attack detection and identification monitors.
Abstract: Cyber-physical systems integrate computation, communication, and physical capabilities to interact with the physical world and humans. Besides failures of components, cyber-physical systems are prone to malignant attacks, and specific analysis tools as well as monitoring mechanisms need to be developed to enforce system security and reliability. This paper proposes a unified framework to analyze the resilience of cyber-physical systems against attacks cast by an omniscient adversary. We model cyber-physical systems as linear descriptor systems, and attacks as exogenous unknown inputs. Despite its simplicity, our model captures various real-world cyber-physical systems, and it includes and generalizes many prototypical attacks, including stealth, (dynamic) false-data injection and replay attacks. First, we characterize fundamental limitations of static, dynamic, and active monitors for attack detection and identification. Second, we provide constructive algebraic conditions to cast undetectable and unidentifiable attacks. Third, by using the system interconnection structure, we describe graph-theoretic conditions for the existence of undetectable and unidentifiable attacks. Finally, we validate our findings through some illustrative examples with different cyber-physical systems, such as a municipal water supply network and two electrical power grids.

1,190 citations

Proceedings ArticleDOI
30 Sep 2009
TL;DR: This paper analyzes the effect of replay attacks on a control system and proposes a countermeasure that guarantees a desired probability of detection by trading off either detection delay or LQG performance, either by decreasing control accuracy or increasing control effort.
Abstract: This paper analyzes the effect of replay attacks on a control system. We assume an attacker wishes to disrupt the operation of a control system in steady state. In order to inject an exogenous control input without being detected the attacker will hijack the sensors, observe and record their readings for a certain amount of time and repeat them afterwards while carrying out his attack. This is a very common and natural attack (we have seen numerous times intruders recording and replaying security videos while performing their attack undisturbed) for an attacker who does not know the dynamics of the system but is aware of the fact that the system itself is expected to be in steady state for the duration of the attack. We assume the control system to be a discrete time linear time invariant Gaussian system applying an infinite horizon Linear Quadratic Gaussian (LQG) controller. We also assume that the system is equipped with a χ² failure detector. The main contributions of the paper, beyond the novelty of the problem formulation, consist in 1) providing conditions on the feasibility of the replay attack on the aforementioned system and 2) proposing a countermeasure that guarantees a desired probability of detection (with a fixed false alarm rate) by trading off either detection delay or LQG performance, either by decreasing control accuracy or increasing control effort.

827 citations

Journal ArticleDOI
Gavin Lowe
TL;DR: An attack upon the Needham-Schroeder public-key authentication protocol is presented, which allows an intruder to impersonate another agent.

708 citations

Journal ArticleDOI
TL;DR: An overview of recent advances on security control and attack detection of industrial CPSs is presented, and robustness, security and resilience as well as stability are discussed to govern the capability of weakening various attacks.

663 citations

Proceedings ArticleDOI
14 Mar 2004
TL;DR: This work introduces a simple scheme relying on one way hash-functions that greatly enhances location privacy by changing traceable identifiers on every read getting by with only a single, unreliable message exchange.
Abstract: Radio-frequency identification devices (RFID) may emerge as one of the most pervasive computing technologies in history. On the one hand, with tags affixed to consumer items as well as letters, packets or vehicles costs in the supply chain can be greatly reduced and new applications introduced. On the other hand, unique means of identification in each tag like serial numbers enable effortless traceability of persons and goods. But data protection and privacy are worthwhile civil liberties. We introduce a simple scheme relying on one way hash-functions that greatly enhances location privacy by changing traceable identifiers on every read getting by with only a single, unreliable message exchange. Thereby the scheme is safe from many threats like eavesdropping, message interception, spoofing, and replay attacks.

568 citations


Network Information
Related Topics (5)
Wireless sensor network: 142K papers, 2.4M citations, 86% related
Encryption: 98.3K papers, 1.4M citations, 86% related
Key distribution in wireless sensor networks: 59.2K papers, 1.2M citations, 84% related
Wireless network: 122.5K papers, 2.1M citations, 84% related
Network packet: 159.7K papers, 2.2M citations, 83% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2023    54
2022    168
2021    188
2020    235
2019    261
2018    213