Virtualized Environments to Analyze Cyber-Physical Attacks and Defenses
Skip to main content
eScholarship
Open Access Publications from the University of California

UC Santa Cruz

UC Santa Cruz Electronic Theses and Dissertations bannerUC Santa Cruz

Virtualized Environments to Analyze Cyber-Physical Attacks and Defenses

Creative Commons 'BY' version 4.0 license
Abstract

The ever-increasing ubiquity of cyber-physical systems is creating an attractive target for developing malware and cyber attacks. From consumer-grade IoT devices like drones to specialized industrial equipment in critical infrastructure, many new and varied attacks and malware emerge to afflict these systems, impacting the physical environment and processes handled by the devices.A fundamental part of protecting a system against malware and cyber attacks involves understanding the nature of the attack to devise an effective countermeasure. However, due to the nature of some of these systems, a comprehensive analysis might be unfeasible or outright dangerous. To overcome this limitation, we propose using a virtualized scenario, emulating the system's behavior, more specifically the physical and networking behavior, to dynamically analyze cyber-attacks and malware without compromising the physical integrity of the systems and their environment. We first test the feasibility of this idea by simulating cyber-attacks against a virtual quadcopter drone before testing the attacks on its physical counterpart once the attacks are deemed "safe" for the user and the drone. Then, we emulate an industrial process using software-defined networks to evaluate the feasibility of implementing defense mechanisms against attacks with some features provided by software-defined networks. Finally, we combine the virtualization of cyber-physical systems and the use of software-defined networks to simulate a power grid system to dynamically analyze the behavior of an actual malware known as "Win32.Industroyer" by infecting a virtual machine in an isolated virtual environment. Our ultimate goal is to refine a framework to allow researchers to safely simulate cyber-physical systems to test attacks, defenses, and malware against a virtual avatar of the existing system.

Main Content
For improved accessibility of PDF content, download the file to your device.
Current View