Learning-based attacks in cyber-physical systems

Mohammad Javad Khojasteh*, Anatoly Khina, Massimo Franceschetti, Tara Javidi

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

14 Scopus citations


We introduce the problem of learning-based attacks in a simple abstraction of cyber-physical systems - the case of a discrete-time, linear, time-invariant plant that may be subject to an attack that overrides sensor readings and controller actions. The attacker attempts to learn the dynamics of the plant and subsequently overrides the controller's actuation signal to destroy the plant without being detected. The attacker can feed fictitious sensor readings to the controller using its estimate of the plant dynamics and mimic the legitimate plant operation. The controller, in contrast, is constantly on the lookout for an attack; once the controller detects an attack, it immediately shuts the plant off. In the case of scalar plants, we derive an upper bound on the attacker's deception probability for any measurable control policy when the attacker uses an arbitrary learning algorithm to estimate the system dynamics. We then derive lower bounds for the attacker's deception probability for both scalar and vector plants by assuming an authentication test that inspects the empirical variance of the system disturbance. We also show how the controller can improve the security of the system by superimposing a carefully crafted privacy-enhancing signal on top of the 'nominal control policy.' Finally, for nonlinear scalar dynamics that belong to the reproducing kernel Hilbert space, we investigate the performance of attacks based on nonlinear Gaussian process learning algorithms.

Original language: English
Article number: 9210155
Pages (from-to): 437-449
Number of pages: 13
Journal: IEEE Transactions on Control of Network Systems
Issue number: 1
State: Published - Mar 2021


Funders (funder number):
Marie Skłodowska-Curie: 708932
National Science Foundation: CNS-1446891, ECCS-1917177
Horizon 2020 Framework Programme


    • Cyber-physical system security
    • learning for dynamics and control
    • man-in-the-middle attack
    • physical layer authentication
    • secure control
    • system identification

