12.07.2015 Views

design of secure cryptosystem under deception attacks - ijcsmr


International Journal of Computer Science and Management Research, Vol 2 Issue 6 June 2013, ISSN 2278-733X
Preetha S L et.al. 2838 www.ijcsmr.org

DESIGN OF SECURE CRYPTOSYSTEM UNDER DECEPTION ATTACKS

Preetha S L
II nd year ME CSE
CSE Department
AMS Engg. College
Namakkal
preethaaji@gmail.com

S. Thavamaniyan
Associate Professor
CSE Department
AMS Engg. College
Namakkal
thavamaniyan@gmail.com

Abstract- Information Technology security can be described in terms of security objectives such as confidentiality, integrity, authentication, availability, authorization, auditability, non-repudiability and third-party protection, of which the first four have the highest priority for the data transmitted in industrial networked control systems (NCS). Secure Networked Predictive Control Systems (SNPCS) are mainly concerned with the confidentiality, integrity and authenticity of the data security service. The SNPCS architecture integrates the Data Encryption Standard (DES) algorithm, the Message Digest (MD5) algorithm, a timestamp strategy and the Recursive Networked Predictive Control (RNPC) method. To guarantee the control system performance when suffering from deception attacks, the RNPC method based on round-trip time delays is proposed to compensate for the adverse effects introduced by the deception attacks as well as the network communication constraints, such as time-varying network delay, packet disorder and packet dropout. The Secure Networked Predictive Control System is designed for data encryption as well as the detection and compensation of deception attacks. Data encryption is performed by the DES algorithm. Deception attacks are detected by the Message Digest (MD5) algorithm and the timestamp strategy under the DES cryptosystem.

Keywords- MD5, Recursive Networked Predictive Control, Secure Transmission Mechanism, DES

I. INTRODUCTION

Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Security management for networks is different for all kinds of situations. A home or small office may only require basic security, while large businesses may require high-maintenance and advanced software and hardware to prevent malicious attacks from hacking and spamming.

Among the primary goals, data confidentiality is the ability to conceal messages from a passive attacker so that any message communicated via the sensor network remains confidential. This is the most important issue in network security. Data authentication is achieved through symmetric or asymmetric mechanisms where sending and receiving nodes share secret keys. Due to the wireless nature of the media and the unattended nature of sensor networks, it is extremely challenging to ensure authentication. Data integrity in sensor networks is needed to ensure the reliability of the data and refers to the ability to confirm that a message has not been tampered with, altered or changed. Data availability determines whether a node has the ability to use the resources and whether the network is available for the messages to communicate. However, failure of the base station or cluster leader's availability will eventually threaten the entire sensor network. Thus availability is of primary importance for maintaining an operational network.

The secondary goals are as follows. Data freshness: even if confidentiality and data integrity
are assured, there is a need to ensure the freshness of each message. Informally, data freshness suggests that the data is recent, and it ensures that no old messages have been replayed. To solve this problem, a nonce, or another time-related counter, can be added into the packet to ensure data freshness. Self-organization: a wireless sensor network is typically an ad hoc network, which requires every sensor node to be independent and flexible enough to be self-organizing and self-healing according to different situations.

II. REVIEW OF LITERATURE

Zhong-Hua Pang and Guo-Ping Liu (2012) investigated the Secure Networked Predictive Control System (SNPCS), which is designed for data encryption as well as the detection and compensation of deception attacks (attacks that result in the violation of data integrity and/or authenticity). Data encryption is performed by the DES algorithm. Deception attacks are detected by the Message Digest (MD5) algorithm and the timestamp strategy under the DES cryptosystem. In order to guarantee the system performance at a satisfactory level when under deception attacks, the RNPC method is proposed based on the round-trip time (RTT) delay.

Secure Networked Predictive Control Systems are mainly concerned with the confidentiality, integrity and authenticity of the data security service. The SNPCS architecture integrates the Data Encryption Standard (DES) algorithm, the Message Digest (MD5) algorithm, a timestamp strategy and the Recursive Networked Predictive Control (RNPC) method. The former three parts are used to form a secure transmission mechanism between the controller side and the plant side, which is responsible for ensuring the data confidentiality and checking the data integrity and authenticity. To guarantee the control system performance when suffering from deception attacks, the RNPC method based on round-trip time delays is proposed to compensate for the adverse effects introduced by the deception attacks as well as the network communication constraints, such as time-varying network delay, packet disorder and packet dropout.

W. S. Hu, G. P. Liu, and D. Rees (2008) investigated networked predictive control over the Internet using round-trip delay measurement. With the rapid development of network technology, the potential use of networked real-time control and automation is enormous and appealing. However, closed-loop control systems via the Internet are very difficult to implement practically due to their stochastic nature. The large and random time delay and data dropout caused by data transmission impact the performance of the control system and even result in system instability. This paper describes a model-based networked predictive control scheme based on round-trip time delay measurement rather than separate consideration of the feedback channel delay (between the sensor and controller) and the forward channel delay (between the controller and actuator), which successfully avoids the requirement of synchronization. The problems of the system with the controller and actuator sharing the same network interface were addressed in this paper. The issues for the system with three parts (the controller, actuator, and sensor) will be investigated in future work. The disadvantage of this paper is that hardware implementation is very difficult, so that it is very expensive.

V. C. Gungor and G. P. Hancke (2009) investigated industrial wireless sensor networks (IWSNs). With the increasing age of many industrial systems and the dynamic industrial manufacturing market, intelligent and low-cost industrial automation systems are required to improve the productivity and efficiency of such systems. The aim of that paper is to provide a contemporary look at the current state of the art in IWSNs and discuss the still-open research issues in this field and, hence, to make the decision-making process more effective and direct. Other open issues include optimal sensor-node deployment, localization, security, and interoperability between different IWSN manufacturers. Finally, to cope with RF interference and dynamic/varying wireless-channel conditions in industrial environments, porting a cognitive radio paradigm to a low-power industrial sensor node and developing controlling mechanisms for channel handoff is another challenging area yet to be explored.

W. S. Hu, G. P. Liu, and D. Rees (2007) investigated event-driven networked predictive control. In networked control systems, random transmission delay significantly degrades the control performance and can cause system instability. To address this problem, the method of networked predictive control (NPC) has been proposed, which takes advantage of the feature of the network that a packet of data can be transferred simultaneously. At the controller side, future control sequences for every possible time delay are generated, which are then packed into a single packet and transmitted to the plant side. The plant side receives the packet and chooses the proper control signal based on the time delay measurement. The new method does not need any time delay measurement and can significantly improve the system performance in the presence of model uncertainty. The stability of the system when
the method is used is analyzed. In this paper, a new NPC scheme was introduced. Relative to the previous NPC methods, the control signal applied to the actuator is selected based on the output rather than on the time delay measured. The stability of the new scheme was also analyzed in this paper. When the model is not accurate, the new NPC scheme can choose the appropriate control signal and achieve an improved control performance. To test the performance of the proposed scheme, simulations and practical experiments were implemented for a servo plant. Both the simulation and the Internet-based experiments have successfully demonstrated the superior performance of the new NPC scheme relative to the previous implementation.

S. H. Chai, G. P. Liu, D. Rees (2008) investigated the design of Internet-based predictive control of a servo system, in which a novel control strategy can compensate for the random network delay and data dropout in an active way. In order to test the performance of the proposed control scheme, the offline simulation and practical implementation of an Internet-based servo control system are carried out. At the same time, the stability of the control scheme is also studied. In order to illustrate the performance of the proposed scheme, both an offline simulation and a practical implementation for a networked servo system controlled through Intranet/Internet have been carried out. It has been demonstrated that the networked predictive controller is an active network delay compensation controller. Its ability to compensate for the network delay has been demonstrated by both offline simulations and experimental tests.

André Teixeira, Henrik Sandberg, Karl H. Johansson (2010) investigated networked control systems under cyber attacks with applications to power networks, analyzing networked control systems under certain cyber attacks. Their work deals with two types of attacks: attacks on the network nodes and attacks on the communication between the nodes. They proposed a distributed scheme to detect and isolate the attacks using observers. The results are applied to two classes of networked control systems: a network running the consensus protocol and a power network defined by the linearized swing equation. They propose methods to detect and isolate these events in a distributed fashion using a bank of Unknown Input Observers (UIOs) at each node. A similar approach was used to detect attacks on the nodes in the discrete-time consensus problem. The disadvantage of this paper is that implementation is very complex.

S. Y. Wu, W. B. Li, and X. Y. Hu (2009) investigated digital signatures with encryption based on a combined symmetric key. In view of the requirements that the signing speed must be quick and the system must be simply deployed in the digital signature system of office automation, a method of digital signature with encryption based on combined symmetric key, symmetric technology and hardware technology is proposed. The advantages of the proposed method are that the key is one-time and time-variant and that key update and maintenance are automated, so the key is maintenance-free. Compared with traditional asymmetric digital signature algorithms, this method has the superiority of fast deciphering and simple key management. The advantages of this method are avoiding the difficult problem of symmetric key management and drastically increasing speed. This method can realize proof of authorship and assure avoiding illegal access to important documents. At the same time, the negative effect on office efficiency is minimized; this is the paper's major disadvantage.

Rachana A Gupta and Mo-Yuen Chow (2008) investigated performance assessment and compensation for secure networked control systems. Network control systems (NCS) have been gaining popularity due to their high potential in widespread applications and are becoming realizable due to the rapid advancements in embedded systems and wireless communication technologies. This paper addresses the issue of NCS information security as well as its time-sensitive performance and their trade-off. The network security algorithms DES, 3DES, and AES are integrated with the application to secure the sensor as well as control data flow on the network. A standard 2^k factorial experiment design is used to study and estimate the effect of each security algorithm. A 1-D gain scheduler is then designed to compensate for the adverse effect due to security. Through experimental results, system factors including network security and system gain affecting the performance are evaluated, analyzed, and categorized.

J. Daafouz, P. Riedinger, and C. Iung (2002) investigated stability analysis and control synthesis for switched systems. This paper addresses the problem of stability analysis and control synthesis of switched systems in the discrete time domain. Of the two conditions considered, the first one is classical while the second one is new and uses a slack variable, which makes it useful for design problems. These two conditions are proved to be equivalent for stability analysis. Investigating the static output feedback control problem, they show that the second condition is in this case less conservative. The reduction of the conservatism is illustrated by a numerical evaluation. Even if this condition has been proved to be equivalent to a classical one, this condition is shown
to be less conservative when constrained control design problems are investigated. The difficult problem related to switched static output feedback design has been addressed to illustrate such a conservatism reduction.

P. Belanovic, D. Valerio, A. Paier, T. Zemen, F. Ricciato, and C. F. Mecklenbrauker (2010) investigated wireless links for vehicle-to-infrastructure communications. Future intelligent transportation systems (ITS) will necessitate wireless vehicle-to-infrastructure (V2I) communications. A direct quantitative comparison of the presented systems is given to show their scaling behavior with the number of users and the geographical coverage.

III. EXISTING SYSTEM

A secure cryptosystem focuses on confidentiality, integrity and authenticity. Based on the confidentiality aspect of network security, Swaminathan et al. described a secure field-bus protocol in which the Data Encryption Standard was used for data protection. Gupta and Chow applied the encryption algorithms DES, 3DES and Advanced Encryption Standard (AES) to protect the data transmitted in NCSs. Data encryption alone is not sufficient to secure data flows over the network. For example, data tampering attacks on the sensor and/or control data cannot be prevented by data encryption; such attacks can significantly impair the system performance or even lead to loss of control of NCSs. To ensure the security of sensor and control signals transmitted over the network, confidentiality, integrity checking and authentication were implemented in hardware tools. Zhang et al. introduced a 3-tier signature signing and key-evolving scheme to ensure that the information exchanged via mobile networks is authentic. Xu et al. presented a secure architecture for the collaborative control of distributed device networks in which the security problems of confidentiality, integrity, authenticity and execution safety were addressed. The aforementioned schemes are designed only from the viewpoint of general IT security, which mainly focuses on information protection. Once spurious data are detected, they are simply discarded or retransmitted, which is not sufficient or not suitable for industrial control systems. Apart from attack prevention and detection measures, the corresponding compensation strategies should be considered for NCSs under attack from the viewpoint of control. In SNPCS, the security issues of data transmitted in NCSs, especially confidentiality, integrity and authenticity, are considered.

As an integration of sensors, controllers, actuators and networks, networked control systems (NCSs) show many distinct advantages such as flexible architectures, low installation and maintenance costs, and the fusion and sharing of global resources. Given the strongly open nature of a shared network, especially the Internet and wireless networks, the sensor and control data exchanged over networks in NCSs without security protection are confronted with network security problems. Information Technology security can be described in terms of security objectives such as confidentiality, integrity, authentication, availability, authorization, auditability, non-repudiability and third-party protection.

Data encryption alone is not sufficient to secure data flows over the network. For example, data tampering attacks on the sensor and/or control data cannot be prevented by data encryption; such attacks can significantly impair the system performance or even lead to loss of control of NCSs. The system should ensure the security of sensor and control signals transmitted over the network through confidentiality, integrity checking and authentication. The disadvantage of the existing method is that security objectives such as confidentiality, integrity, authentication, availability, authorization, auditability, non-repudiability and third-party protection are not correctly implemented.

IV. PROPOSED SYSTEM

Secure Networked Predictive Control Systems are mainly concerned with the confidentiality, integrity and authenticity of the data security service. The SNPCS architecture integrates the Data Encryption Standard (DES) algorithm, the Message Digest (MD5) algorithm, a timestamp strategy and the Recursive Networked Predictive Control (RNPC) method. The former three parts are used to form a secure transmission mechanism between the controller side and the plant side, which is responsible for ensuring the data confidentiality and checking the data integrity and authenticity. In the secure architecture, the adverse effects caused by deception attacks and communication constraints are ultimately treated as the network RTT delay, which is dealt with by the RNPC. The advantages of the proposed method are improved data security and control of networked systems compared to existing security mechanisms; the other advantage is that, in the secure architecture, the adverse effects caused by deception attacks and communication constraints are ultimately treated.

V. SYSTEM IMPLEMENTATION


the register, including the timestamp and message. The output of the receiver is the authentic message M_r.

VI. FUTURE ENHANCEMENT

Secure Networked Predictive Control Systems are mainly concerned with the confidentiality, integrity and authenticity of the data security service. The SNPCS architecture integrates the Data Encryption Standard (DES) algorithm, the Message Digest (MD5) algorithm, a timestamp strategy and the Recursive Networked Predictive Control (RNPC) method. To guarantee the control system performance when suffering from deception attacks, the RNPC method based on round-trip time delays is proposed to compensate for the adverse effects introduced by the deception attacks as well as the network communication constraints, such as time-varying network delay, packet disorder and packet dropout. The Secure Networked Predictive Control System (SNPCS) is designed for data encryption as well as the detection and compensation of deception attacks (attacks that result in the violation of data integrity and/or authenticity). Data encryption is performed by the DES algorithm. Deception attacks are detected by the Message Digest (MD5) algorithm and the timestamp strategy under the DES cryptosystem. In order to guarantee the system performance at a satisfactory level when under deception attacks, the RNPC method is proposed based on the round-trip time (RTT) delay.

REFERENCES

1. A. A. Cardenas, S. Amin, and S. S. Sastry, (2008) "Research challenges for the security of control systems," presented at the 3rd USENIX Workshop Hot Topics in Security, Jul, USENIX, Art. 6.
2. A. A. Cardenas, S. Amin, and S. S. Sastry, "Secure control: Towards survivable cyber-physical systems," in Proc. 28th Int. Conf. Distrib. Comput. Syst. Workshops, 2008, pp. 495-500.
3. A. Teixeira, H. Sandberg, and K. H. Johansson, (2010) "Networked control systems under cyber attacks with applications to power networks," in Proc. Amer. Control Conf., pp. 3690-3696.
4. B. Schneier, "Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edn," New York: Wiley, 1996.
5. D. Dzung, M. Naedele, T. P. Von Hoff, and M. Crevatin, "Security for industrial communication systems", Proc. IEEE, vol. 93, no. 6, pp. 1152-1177, Jun. 2005.
6. H. Yang, F. Ricciato, S. Lu, and L. Zhang, "Security in wireless World", Proc. IEEE, vol. 94, no. 2, pp. 442-454, Feb. 2006.
7. J. Arata, H. Takahashi, P. Vitakwatchara, S. Warisawa, K. Tanoue, K. Konishi, S. Leiri, S. Shimizu, N. Nakashima, K. Okamura, Y. Fujino, Y. Ueda, P. Chotiwan, M. Mitushini, and M. Hashizume, "A remote surgery experiment between Japan and Thailand over Internet using a low latency CODEC system," in Proc. IEEE Int. Conf. Rob. Autom., 2007, pp. 953-959.
8. J. Smit and G. P. Hancke, "The design and implementation of a general-purpose, secure, measurement and control network incorporating Internet-based access," in Proc. 20th IEEE Instrum. Meas. Technol. Conf., 2003, vol. 2, pp. 1643-1647.
9. J. P. Hespanha, P. Naghshtabrizi, and Y. Xu, "A survey of recent results in networked control systems", Proc. IEEE, vol. 95, no. 1, pp. 183-162, Jan. 2007.
10. P. Belanovic, D. Valerio, A. Paier, T. Zemen, F. Ricciato, and C. F. Mecklenbrauker, "On wireless links for vehicle-to-infrastructure communications", IEEE Trans. Veh. Technol., vol. 59, no. 1, pp. 269-282, Jan. 2010.
11. T. Samad, J. S. Bay, and D. Godbole, "Network centric systems for military operations in urban terrain: The role of UAVs," Proc. IEEE, vol. 95, no. 1, pp. 92-107, Jan. 2007.
12. V. C. Gungor and G. P. Hancke, "Industrial wireless sensor networks: challenges, design principles and design approaches," IEEE Trans. Ind. Electron., vol. 56, no. 10, pp. 4258-4265, Oct. 2009.
13. Y. Xu, R. Song, L. Korba, L. H. Wang, W. M. Shen, and S. Lang, "Distributed device networks with security constraints," IEEE Trans. Ind. Inf., vol. 1, no. 4, pp. 217-225, Nov. 2005.
14. R. C. Luo, K. L. Su, S. H. Shen, and K. H. Tsai, "Networked intelligent robots through the Internet: Issues and opportunities," Proc. IEEE, vol. 91, no. 3, pp. 371-382, Mar. 2003.
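
The receiver-side check of the secure transmission mechanism described under PROPOSED SYSTEM (timestamp plus MD5 digest, carried inside the DES-encrypted frame), as an added Python example that is not code from the paper. The frame layout, the 8-byte timestamp, `MAX_AGE` and the names `build_frame`, `Receiver` and `run_demo` are assumptions; the DES step is left out, so the check runs on the already decrypted frame.

```python
import hashlib
import hmac
import struct

MD5_LEN = 16   # bytes in an MD5 digest
TS_LEN = 8     # assumed: timestamp sent as an unsigned 64-bit tick count
MAX_AGE = 5    # assumed: oldest frame still usable, in ticks


def build_frame(timestamp: int, message: bytes) -> bytes:
    """Sender side: timestamp || message || MD5(timestamp || message).

    In the scheme the page describes, this frame is then DES-encrypted.
    The unkeyed digest only detects tampering by someone without the key.
    """
    body = struct.pack(">Q", timestamp) + message
    return body + hashlib.md5(body).digest()


class Receiver:
    """Receiver side, working on a frame that has already been decrypted."""

    def __init__(self, max_age: int = MAX_AGE):
        self.max_age = max_age
        self.last_ts = -1  # newest timestamp accepted so far

    def accept(self, frame: bytes, now: int):
        """Return (message, None) for an authentic frame, else (None, reason)."""
        if len(frame) < TS_LEN + MD5_LEN:
            return None, "malformed"
        body, digest = frame[:-MD5_LEN], frame[-MD5_LEN:]
        # Integrity: recompute the digest over timestamp and message.
        if not hmac.compare_digest(hashlib.md5(body).digest(), digest):
            return None, "integrity"
        (ts,) = struct.unpack(">Q", body[:TS_LEN])
        # Freshness: an old or repeated timestamp is a replay or a disordered packet.
        if ts <= self.last_ts:
            return None, "replayed"
        # A frame from the future or older than max_age is not usable either.
        if ts > now or now - ts > self.max_age:
            return None, "stale"
        self.last_ts = ts
        return body[TS_LEN:], None


def run_demo():
    """Feed constructed frames (sample data, not from the paper) to a receiver."""
    rx = Receiver()
    good = build_frame(10, b"u=0.42")
    tampered = bytearray(build_frame(11, b"u=0.40"))
    tampered[TS_LEN] ^= 0x01  # one flipped bit in the first message byte
    events = [
        (good, 10),                          # authentic, on time
        (good, 12),                          # same frame sent again
        (bytes(tampered), 12),               # modified in transit
        (build_frame(3, b"u=0.10"), 12),     # older than the last accepted frame
        (build_frame(12, b"u=0.38"), 30),    # arrives far too late
    ]
    return [rx.accept(frame, now) for frame, now in events]


if __name__ == "__main__":
    for result in run_demo():
        print(result)
```

A rejected frame yields no message, which is the case the paper treats as additional round-trip delay and leaves to the RNPC method. DES and MD5 appear here only because the paper names them; both are obsolete for new designs, where an authenticated cipher such as AES-GCM provides the confidentiality and integrity checks together.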
