DISASTER: Dedicated Intelligent Security Attacks on Sensor-Triggered Emergency Responses

Arsalan Mosenia, Susmita Sur-Kolay, Anand Raghunathan, Niraj K. Jha

Research output: Contribution to journalArticle

5 Scopus citations

Abstract

Rapid technological advances in microelectronics, networking, and computer science have resulted in an exponential increase in the number of cyber-physical systems (CPSs) that enable numerous services in various application domains, e.g., smart homes and smart grids. Moreover, the emergence of the Internet-of-Things (IoT) paradigm has led to the pervasive use of IoT-enabled CPSs in our everyday lives. Unfortunately, as a side effect, the number of potential threats and feasible security attacks against CPSs has grown significantly. In this paper, we introduce a new class of attacks against CPSs, called dedicated intelligent security attacks against sensor-triggered emergency responses (DISASTER). DISASTER targets safety mechanisms deployed in automation/monitoring CPSs and exploits design flaws and security weaknesses of such mechanisms to trigger emergency responses even in the absence of a real emergency. Launching DISASTER can lead to serious consequences for three main reasons. First, almost all CPSs offer specific emergency responses and, as a result, are potentially susceptible to such attacks. Second, DISASTER can be easily designed to target a large number of CPSs, e.g., the anti-theft systems of all buildings in a residential community. Third, the widespread deployment of insecure sensors in already-in-use safety mechanisms along with the endless variety of CPS-based applications magnifies the impact of launching DISASTER. In addition to introducing DISASTER, we describe the serious consequences of such attacks. We demonstrate the feasibility of launching DISASTER against the two most widely-used CPSs: residential and industrial automation/monitoring systems. Moreover, we suggest several countermeasures that can potentially prevent DISASTER and discuss their advantages and drawbacks.

Original languageEnglish (US)
Article number7959602
Pages (from-to)255-268
Number of pages14
JournalIEEE Transactions on Multi-Scale Computing Systems
Volume3
Issue number4
DOIs
StatePublished - Oct 1 2017

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Information Systems
  • Hardware and Architecture

Keywords

  • Automation system
  • Internet-of-Things
  • cyber-physical system
  • emergency response
  • safety
  • security attack
  • smart thing
  • wireless sensors

Fingerprint Dive into the research topics of 'DISASTER: Dedicated Intelligent Security Attacks on Sensor-Triggered Emergency Responses'. Together they form a unique fingerprint.

  • Cite this