Using deception to facilitate intrusion detection in nuclear power plants

Julian Rushi, Roy Campbell

Research output: Contribution to conferencePaper

Abstract

In this paper we propose reactor mirage theory as a deception-based intrusion detection approach for digital I&C systems in nuclear power plants (NPPs). We draw from military deception techniques based on simulation of physical targets such as troops, radar-equipped air defense installations, tanks, bridges, airfields, etc. We propose the employment of genuine digital I&C systems to simulate physical components of a NPP via generation of Modbus protocol data units (PDUs) typical to the operation of these components. Communicating finite state machines are used to generate and recognize such deceptive PDUs. Artificially generated Modbus traffic is the reactor mirage theory counterpart of electromagnetic beam reflections, heat emitters, etc., commonly used as deceptive mechanisms by the military in warfare to indicate the existence of physical targets. These deceptive PDUs produce a drastic incrementation of the uncertainty which attackers may be subject to during the selection of target NPP components they plan to hit, hence increase by a high order of magnitude the probability of detection of attacks on NPP components.

Original languageEnglish (US)
Pages315-324
Number of pages10
StatePublished - Jan 1 2008
Event3rd International Conference on Information Warfare and Security, ICIW 2008 - Omaha, NE, United States
Duration: Apr 24 2008Apr 25 2008

Other

Other3rd International Conference on Information Warfare and Security, ICIW 2008
CountryUnited States
CityOmaha, NE
Period4/24/084/25/08

    Fingerprint

Keywords

  • Digital I&C systems
  • Intrusion detection
  • MILDEC
  • Nuclear power plants
  • Reactor mirage theory
  • Signal detection theory

ASJC Scopus subject areas

  • Information Systems
  • Safety, Risk, Reliability and Quality

Cite this

Rushi, J., & Campbell, R. (2008). Using deception to facilitate intrusion detection in nuclear power plants. 315-324. Paper presented at 3rd International Conference on Information Warfare and Security, ICIW 2008, Omaha, NE, United States.