@article{b70597e08f6a429fb3ab6dc066a5c786,
title = "Modeling adversarial physical movement in a railway station: Classification and metrics",
abstract = "Many real-world attacks on cyber-physical systems involve physical intrusions that directly cause damage or facilitate cyber attacks. Hence, in this work, we investigate the security risk of organizations with respect to different adversarial models of physical movement behavior. We study the case in which an intrusion detection mechanism is in place to alert the system administrator when users deviate from their normal movement behavior.We then analyze how different user behaviors may present themselves as different levels of threats in terms of their normal movement behavior within a given building topology. To quantify the differences in movement behavior, we define a WeightTopo metric that takes into account the building topology in addition to themovement pattern.We demonstrate our approach on a railway system case study and showhowcertain user roles, when abused by attackers, are especially vulnerable in terms of the physical intrusion detection probability. We also evaluate quantitatively how the similarity between an attacker's movement behavior and a user's movement behavior affects the detection probability of the evaluated intrusion detection system. Certain individual users are found to pose a higher threat, implying the need for customized monitoring.",
keywords = "Adversary model, Physical movement, Railway transportation system",
author = "Carmen Cheh and Binbin Chen and Temple, {William G.} and Sanders, {William H.}",
note = "Funding Information: This material is based upon work supported by the Maryland Procurement Office under Contract No. H98230-18-D-0007, and in part by the National Research Foundation (NRF), Prime Minister{\textquoteright}s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-31) and administered by the National Cybersecurity R&D Directorate, and supported in part by the research grant for the Human-Centered Cyber-physical Systems Programme at the Advanced Digital Sciences Center from Singapore{\textquoteright}s Agency for Science, Technology and Research (A*STAR). Authors{\textquoteright} addresses: C. Cheh, Department of Computer Science, University of Illinois at Urbana-Champaign, 201 N. Good-win Ave., Urbana, IL 61801; email: cheh2@illinois.edu; B. Chen, Singapore University of Technology and Design, 8 Somapah Road, Singapore 487372; email: binbin_chen@sutd.edu.sg; W. G. Temple, Advanced Digital Sciences Center, 1 Create Way #14-02, Singapore 138602; email: william.t@adsc.com.sg; W. H. Sanders, Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, 306 N. Wright St, Urbana, IL 61801; email: whs@illinois.edu. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. {\textcopyright} 2019 Association for Computing Machinery. 2378-962X/2019/10-ART11 $15.00 https://doi.org/10.1145/3349584 Publisher Copyright: {\textcopyright} 2019 Association for Computing Machinery.",
year = "2019",
month = oct,
doi = "10.1145/3349584",
language = "English (US)",
volume = "4",
journal = "ACM Transactions on Cyber-Physical Systems",
issn = "2378-962X",
publisher = "Association for Computing Machinery (ACM)",
number = "1",
}