INTRUSION RESPONSE FOR CYBER-PHYSICAL SYSTEMS: A MODEL-FREE DEEP REINFORCEMENT LEARNING APPROACH

Abstract

Cyberattacks on Cyber-Physical Systems (CPSs) are on the rise due to CPS increased networked connectivity, which may cause costly environmental hazards as well as human and financial loss. Although the connectivity of CPSs has significantly improved production, it introduced new vulnerabilities, which necessitate designing and implementing proper automatic cybersecurity defensive mechanisms to protect CPSs from cyberattacks. This thesis presents the design, implementation, and evaluation of a dynamic Intrusion Response System (IRS) to automatically respond to false data injection attacks against a model-based CPS testbed. The proposed IRS was designed using two approaches: an optimization approach with Genetic algorithm and a model-free Deep Reinforcement Learning-based (DRL) approach using Double Deep Q Networks (DDQN) algorithm. The proposed solutions are evaluated on an online Continuous Stirred Tank Reactor (CSTR) testbed that mimics a real-world CPS. Experimental results demonstrate the effectiveness of the proposed approaches in responding to false data injection attacks and minimize the impact on the system. Finally, the thesis highlights open research questions and sketches directions for future work.