A Model Inversion Based Watermark for Replay Attack Detection with Output Tracking

Abstract

This article proposes a new approach for replay attack detection using a model inversion based physical watermark. We consider a defender who tracks a constant reference at the output. This leaves a system vulnerable to replay attacks, where an adversary replaces the true outputs of a system with a recorded sequence. In steady state a defender can not distinguish between normal and replayed outputs, allowing an undetected attack. This paper argues that a controller using model inversion can achieve simultaneous tracking and security performance. Specifically, this approach computes a feedforward input using a technique called pseudo-inversion, which is then added to a constant reference signal. Beyond considering physical watermarking in a new setting of output tracking, the main advantage of this approach is the performance guarantees of the associated controller. Unlike classical physical watermarking which introduces stochastic inputs that can lead to potentially undesirable behavior, model inversion watermarking allows a defender to carefully utilize several degrees of freedom to achieve predictable control performance during normal operation and detect malicious behavior while under replay attack. In this paper, we focus on a practical scheme, which uses time resets. Moreover, we demonstrate our solution can be applied to nonminimum phase systems.