DISASTER: Dedicated Intelligent Security Attacks on Sensor-Triggered Emergency Responses

Authors

Arsalan Mosenia, Princeton University
Susmita Sur-Kolay, Indian Statistical Institute, Kolkata
Anand Raghunathan, Purdue University
Niraj K. Jha, Princeton University

Article Type

Research Article

Publication Title

IEEE Transactions on Multi-Scale Computing Systems

Abstract

Rapid technological advances in microelectronics, networking, and computer science have resulted in an exponential increase in the number of cyber-physical systems (CPSs) that enable numerous services in various application domains, e.g., smart homes and smart grids. Moreover, the emergence of the Internet-of-Things (IoT) paradigm has led to the pervasive use of IoT-enabled CPSs in our everyday lives. Unfortunately, as a side effect, the number of potential threats and feasible security attacks against CPSs has grown significantly. In this paper, we introduce a new class of attacks against CPSs, called dedicated intelligent security attacks against sensor-triggered emergency responses (DISASTER). DISASTER targets safety mechanisms deployed in automation/monitoring CPSs and exploits design flaws and security weaknesses of such mechanisms to trigger emergency responses even in the absence of a real emergency. Launching DISASTER can lead to serious consequences for three main reasons. First, almost all CPSs offer specific emergency responses and, as a result, are potentially susceptible to such attacks. Second, DISASTER can be easily designed to target a large number of CPSs, e.g., the anti-theft systems of all buildings in a residential community. Third, the widespread deployment of insecure sensors in already-in-use safety mechanisms along with the endless variety of CPS-based applications magnifies the impact of launching DISASTER. In addition to introducing DISASTER, we describe the serious consequences of such attacks. We demonstrate the feasibility of launching DISASTER against the two most widely-used CPSs: residential and industrial automation/monitoring systems. Moreover, we suggest several countermeasures that can potentially prevent DISASTER and discuss their advantages and drawbacks.

First Page

255

Last Page

268

DOI

10.1109/TMSCS.2017.2720660

Publication Date

10-1-2017

Comments

Open Access, Bronze

Recommended Citation

Mosenia, Arsalan; Sur-Kolay, Susmita; Raghunathan, Anand; and Jha, Niraj K., "DISASTER: Dedicated Intelligent Security Attacks on Sensor-Triggered Emergency Responses" (2017). Journal Articles. 2394.
https://digitalcommons.isical.ac.in/journal-articles/2394