Next Article in Journal
Adaptive Microwave Staring Correlated Imaging for Targets Appearing in Discrete Clusters
Next Article in Special Issue
Enhancing Time Synchronization Support in Wireless Sensor Networks
Previous Article in Journal
Investigation of Temperature Sensitivity of a Polymer-Overlaid Microfiber Mach-Zehnder Interferometer
Article Menu
Issue 10 (October) cover image

Export Article

Open AccessArticle
Sensors 2017, 17(10), 2408;

Command Disaggregation Attack and Mitigation in Industrial Internet of Things

Department of Electronic Information and Electrical Engineering, Changsha University, Changsha 410022, China
College of Computer, National University of Defense Technology, Changsha 410073, China
Department of Informatics, University of Oslo, Oslo 0316, Norway
Author to whom correspondence should be addressed.
Received: 5 September 2017 / Revised: 2 October 2017 / Accepted: 18 October 2017 / Published: 21 October 2017
(This article belongs to the Special Issue Internet of Things and Ubiquitous Sensing)
Full-Text   |   PDF [1851 KB, uploaded 26 October 2017]   |  


A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework. View Full-Text
Keywords: cyber-physical attack; industrial Internet of Things; command disaggregation; command correlation; attack detection cyber-physical attack; industrial Internet of Things; command disaggregation; command correlation; attack detection

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Xun, P.; Zhu, P.-D.; Hu, Y.-F.; Cui, P.-S.; Zhang, Y. Command Disaggregation Attack and Mitigation in Industrial Internet of Things. Sensors 2017, 17, 2408.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top