Domain-aware stealthy attack and digital-twin-based defence for critical information infrastructures
Abstract
Critical Information Infrastructures (CII) encompass the fundamental computer systems that ensure the continuous delivery of essential services in sectors such as energy, water, and infocomm. Safeguarding these systems against both physical and cyber threats is crucial to maintaining the continuity and resilience of the services they support. The growing interconnectivity of these systems has amplified security risks: attackers possessing domain-specific knowledge are better equipped to carry out sophisticated, stealthy attacks that are difficult to detect with traditional detection mechanisms and that can cause significant impact if successful. This underscores the urgent need for comprehensive and robust security countermeasures. In this thesis, we provide three main contributions: we showcase stealthy attack methods on realistic Industrial Control Systems (ICS) testbeds and on a commercial 5G network, and, in response to these risks, we propose countermeasures based on digital twin technology.
Our first contribution illustrates the impact of exploiting vulnerabilities in individual protocols and Programmable Logic Controllers (PLCs) on a realistic ICS testbed, the Electric Power and Intelligent Control (EPIC) testbed. We propose several coordinated attack techniques that manipulate multiple protocols or PLCs at once, aiming for a more prolonged, stealthy, and significant adversarial impact on the ICS.
As our second contribution, we introduce a stealthy denial-of-service (DoS) attack technique known as “5G-Muffler,” specifically designed to target the Open Fronthaul Interface of the O-RAN 5G Network. The 5G-Muffler disrupts the random access process, which is the initial step for user equipment (UE) to connect to the network. By preventing UEs from completing this critical step, the 5G-Muffler effectively renders the 5G network inaccessible. Furthermore, this attack remains undetected by anomaly detection mechanisms operating above the physical layer.
In our third contribution, we present countermeasures built on a digital-twin-based attestation solution. For ICS, we introduce "DNAttest", a digital-twin-based, non-intrusive attestation technology aimed at safeguarding PLCs. Because the internal processing state of a physical PLC exhibits transient timing uncertainty, a comparison against a single emulated twin may produce incorrect results even when the PLC is uncompromised. To mitigate this issue, DNAttest runs multiple emulated PLCs, each replaying the same input messages under a different timing profile, so that the full set of plausible output values is generated for comparison.
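The following Python sketch is an added illustration of the multi-twin comparison idea described above; it is not the thesis's DNAttest implementation. The hysteresis pump controller, the 100 ms scan cycle, the set of timing offsets and the input messages are all constructed assumptions. The point it shows is why a single twin gives a false alarm when a message arrives near a scan boundary, while the union of outputs over several timing profiles attests the honest PLC and still catches a PLC whose logic has been altered.

```python
"""Illustration of digital-twin attestation with multiple timing profiles.
Added example; PLC logic, scan period and message timings are assumed."""
from dataclasses import dataclass
from typing import List, Set

SCAN_MS = 100  # assumed PLC scan cycle length


@dataclass(frozen=True)
class InputMsg:
    arrival_ms: int   # when the sensor message reaches the PLC input port
    level: float      # reported tank level (hypothetical process variable)


def emulate_plc(msgs: List[InputMsg], n_scans: int, delay_ms: int = 0,
                low: float = 20.0, high: float = 80.0) -> List[int]:
    """Scan-by-scan emulation of a hysteresis pump controller.
    delay_ms shifts every message arrival and so encodes one timing profile
    of the twin. Returns the pump command (0/1) issued at each scan."""
    pump_on = False
    seen_level = None
    outputs = []
    for k in range(n_scans):
        scan_start = k * SCAN_MS
        # only messages that arrived before this scan started are visible
        visible = [m for m in msgs if m.arrival_ms + delay_ms < scan_start]
        if visible:
            seen_level = max(visible, key=lambda m: m.arrival_ms).level
        if seen_level is not None:
            if seen_level < low:
                pump_on = True
            elif seen_level > high:
                pump_on = False
        outputs.append(int(pump_on))
    return outputs


def plausible_outputs(msgs: List[InputMsg], n_scans: int,
                      delays: List[int]) -> List[Set[int]]:
    """Run one emulated PLC per timing profile and union the outputs per scan.
    The result is the set of output values a correct PLC could plausibly emit."""
    per_scan: List[Set[int]] = [set() for _ in range(n_scans)]
    for d in delays:
        for k, out in enumerate(emulate_plc(msgs, n_scans, d)):
            per_scan[k].add(out)
    return per_scan


def attest(actual: List[int], plausible: List[Set[int]]) -> List[int]:
    """Return the scan indices whose observed output no twin could produce.
    An empty list means the PLC's behaviour is attested."""
    return [k for k, out in enumerate(actual) if out not in plausible[k]]


# Constructed input trace: the low-level reading lands 5 ms before scan 2.
SAMPLE_MSGS = [InputMsg(50, 50.0), InputMsg(195, 15.0), InputMsg(420, 85.0)]
N_SCANS = 6
TIMING_PROFILES = [0, 10, 20, 30]   # assumed spread of internal delays


def run_demo() -> dict:
    # Honest PLC that happened to process the message 10 ms late.
    honest = emulate_plc(SAMPLE_MSGS, N_SCANS, delay_ms=10)
    # Tampered PLC whose logic never switches the pump on.
    tampered = [0] * N_SCANS
    single = plausible_outputs(SAMPLE_MSGS, N_SCANS, [0])
    multi = plausible_outputs(SAMPLE_MSGS, N_SCANS, TIMING_PROFILES)
    return {
        "single_twin_vs_honest": attest(honest, single),    # false alarm
        "multi_twin_vs_honest": attest(honest, multi),      # attested
        "multi_twin_vs_tampered": attest(tampered, multi),  # detected
    }


if __name__ == "__main__":
    for name, mismatches in run_demo().items():
        print(f"{name}: mismatching scans = {mismatches}")
```

The tolerance comes from the width of the timing-profile set: too narrow and honest PLCs raise false alarms at scan boundaries, too wide and an attacker gains room to delay or reorder outputs within the tolerated window, so the profiles should be drawn from measured behaviour of the real device rather than chosen generously.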
Speaker's Profile
Wei Lin is a PhD candidate at the Information Systems Technology and Design (ISTD) pillar of the Singapore University of Technology and Design (SUTD). He holds a Bachelor of Engineering in Electrical and Electronic Engineering from Nanyang Technological University, Singapore. His research interests focus on cybersecurity for critical infrastructures and network security.
