{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T16:02:12Z","timestamp":1774540932986,"version":"3.50.1"},"reference-count":79,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2020,9,28]],"date-time":"2020-09-28T00:00:00Z","timestamp":1601251200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2021,2,28]]},"abstract":"<jats:p>\n            Fingerprinting of various physical and logical devices has been proposed for uniquely identifying users or devices of mainstream IT systems such as PCs, laptops, and smart phones. However, the application of such techniques in Industrial Control Systems (ICS) is less explored for reasons such as a lack of direct access to such systems and the cost of faithfully reproducing realistic threat scenarios. This work addresses the feasibility of using fingerprinting techniques in the context of realistic ICS related to water treatment and distribution systems. A model-free sensor fingerprinting scheme (\n            <jats:italic>NoiSense<\/jats:italic>\n            ) and a model-based sensor fingerprinting scheme (\n            <jats:italic>NoisePrint<\/jats:italic>\n            ) are proposed. Using extensive experimentation with sensors, it is shown that noise patterns due to microscopic imperfections in hardware manufacturing can uniquely identify sensors with accuracy as high as 97%. The proposed technique can be used to detect physical attacks, such as the replacement of legitimate sensors by faulty or manipulated sensors. For\n            <jats:italic>NoisePrint<\/jats:italic>\n            , a combined fingerprint for sensor and process noise is created. The difference (called residual), between expected and observed values, i.e., noise, is used to derive a model of the system. It was found that in steady state the residual vector is a function of process and sensor noise. Data from experiments reveals that a multitude of sensors can be uniquely identified with a minimum accuracy of 90% based on\n            <jats:italic>NoisePrint<\/jats:italic>\n            . Also proposed is a novel challenge-response protocol that exposes more powerful cyber-attacks, including replay attacks.\n          <\/jats:p>","DOI":"10.1145\/3410447","type":"journal-article","created":{"date-parts":[[2020,9,28]],"date-time":"2020-09-28T11:02:35Z","timestamp":1601290955000},"page":"1-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":24,"title":["<i>NoiSense Print<\/i>"],"prefix":"10.1145","volume":"24","author":[{"given":"Chuadhry Mujeeb","family":"Ahmed","sequence":"first","affiliation":[{"name":"Singapore University of Technology and Design"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aditya P.","family":"Mathur","sequence":"additional","affiliation":[{"name":"Singapore University of Technology and Design"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mart\u00edn","family":"Ochoa","sequence":"additional","affiliation":[{"name":"Singapore University of Technology and Design and AppGate Inc."}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,9,28]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Proceedings of the IEEE 40th Annual Computer Software and Applications Conference (COMPSAC\u201916)","volume":"1","author":"Adepu S.","year":"2016"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/SCSPW.2016.7509557"},{"key":"e_1_2_1_3_1","volume-title":"Proceedings of the IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C\u201917)","author":"Ahmed C. M.","year":"2017"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053011"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196532"},{"key":"e_1_2_1_6_1","volume-title":"Proceedings of the 3rd International Workshop on Cyber-Physical Systems for Smart Water Networks (CySWATER\u201917)","author":"Ahmed Chuadhry Mujeeb"},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC\u201918)","author":"Ahmed Chuadhry Mujeeb"},{"key":"e_1_2_1_8_1","volume-title":"Principles of Cyber-physical Systems","author":"Alur Rajeev"},{"key":"e_1_2_1_9_1","volume-title":"I: Analysis and experimentation of stealthy deception attacks","author":"Amin S.","year":"2013"},{"key":"e_1_2_1_10_1","volume-title":"II: Attack detection using enhanced hydrodynamic models","author":"Amin S.","year":"2013"},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the 2nd Conference on Proceedings of the 2nd USENIX Workshop on Electronic Commerce (WOEC\u201996)","author":"Anderson Ross","year":"1996"},{"key":"e_1_2_1_12_1","unstructured":"Arduino. 2016. Arduino. Retrieved from http:\/\/www.arduino.org\/.  Arduino. 2016. Arduino. Retrieved from http:\/\/www.arduino.org\/."},{"key":"e_1_2_1_13_1","volume-title":"Astr\u00f6m and Bj\u00f6rn Wittenmark","author":"Karl","year":"1997"},{"key":"e_1_2_1_14_1","unstructured":"H. Bojinov D. Boneh Y. Michalevsky and G. Nakibly. 2016. Mobile device identification via sensor fingerprinting. Retrieved from http:\/\/arxiv.org\/abs\/1408.1416.  H. Bojinov D. Boneh Y. Michalevsky and G. Nakibly. 2016. Mobile device identification via sensor fingerprinting. Retrieved from http:\/\/arxiv.org\/abs\/1408.1416."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1409944.1409959"},{"key":"e_1_2_1_16_1","unstructured":"D. Buchla and W. McLachlan. 1992. Applied Electronic Instrumentation and Measurement. Merrill. Retrieved from https:\/\/books.google.com.sg\/books?id=7h9TAAAAMAAJ.  D. Buchla and W. McLachlan. 1992. Applied Electronic Instrumentation and Measurement. Merrill. Retrieved from https:\/\/books.google.com.sg\/books?id=7h9TAAAAMAAJ."},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the Workshop on Future Directions in Cyber-physical Systems Security. 5.","author":"Cardenas Alvaro","year":"2009"},{"key":"e_1_2_1_18_1","unstructured":"ICS SANS. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid. Retrieved from https:\/\/ics.sans.org\/media\/E-ISAC_SANS_Ukraine_DUC_5.pdf.  ICS SANS. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid. Retrieved from https:\/\/ics.sans.org\/media\/E-ISAC_SANS_Ukraine_DUC_5.pdf."},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1961189.1961199"},{"key":"e_1_2_1_20_1","unstructured":"CNN. 2007. Staged cyber attack reveals vulnerability in power grid. Retrieved from http:\/\/edition.cnn.com\/2007\/US\/09\/26\/power.at.risk\/index.html.  CNN. 2007. Staged cyber attack reveals vulnerability in power grid. Retrieved from http:\/\/edition.cnn.com\/2007\/US\/09\/26\/power.at.risk\/index.html."},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the IEEE Ultrasonics Symposium","volume":"3","author":"Coutard F."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SMARTGRID.2010.5622046"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855781"},{"key":"e_1_2_1_24_1","volume-title":"Proceedings of the IEEE Security and Privacy Symposium.","author":"Das A."},{"key":"e_1_2_1_25_1","unstructured":"Anupam Das Nikita Borisov and Matthew Caesar. 2015. Exploring ways to mitigate sensor-based smartphone fingerprinting. Retrieved from http:\/\/arxiv.org\/abs\/1503.01874.  Anupam Das Nikita Borisov and Matthew Caesar. 2015. Exploring ways to mitigate sensor-based smartphone fingerprinting. Retrieved from http:\/\/arxiv.org\/abs\/1503.01874."},{"key":"e_1_2_1_26_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS\u201914)","author":"Dey S."},{"key":"e_1_2_1_27_1","unstructured":"N. Falliere L. O. Murchu and E. Chien. 2011. W32 Stuxnet Dossier. Symantec version 1.4. Retrieved from https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/w32_stuxnet_dossier.pdf.  N. Falliere L. O. Murchu and E. Chien. 2011. W32 Stuxnet Dossier. Symantec version 1.4. Retrieved from https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/w32_stuxnet_dossier.pdf."},{"key":"e_1_2_1_28_1","volume-title":"Proceedings of the 5th ACM Workshop on Wireless Security (WiSe\u201906)","author":"Daniel"},{"key":"e_1_2_1_29_1","unstructured":"Flotech. 2016. Electromagnetic Flowmeter. Retrieved from http:\/\/www.unhas.ac.id\/rhiza\/arsip\/iwormee2009\/old-archieve\/Spec%20FIT.pdf.  Flotech. 2016. Electromagnetic Flowmeter. Retrieved from http:\/\/www.unhas.ac.id\/rhiza\/arsip\/iwormee2009\/old-archieve\/Spec%20FIT.pdf."},{"key":"e_1_2_1_30_1","unstructured":"Flotech. 2016. RD700 2-Wire RADAR Level Transmitter. Retrieved from http:\/\/www.flotech.com.sg\/downloads\/rd700-radar-level-transmitter.pdf.  Flotech. 2016. RD700 2-Wire RADAR Level Transmitter. Retrieved from http:\/\/www.flotech.com.sg\/downloads\/rd700-radar-level-transmitter.pdf."},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23142"},{"key":"e_1_2_1_32_1","volume-title":"Proceedings of the 24th Annual Network and Distributed System Security Symposium (NDSS\u201917)","author":"Garcia Luis"},{"key":"e_1_2_1_33_1","volume-title":"Proceedings of the Annual Network and Distributed System Security Symposium (NDSS\u201917)","author":"Gerdes Ryan M."},{"key":"e_1_2_1_34_1","volume-title":"Cyber-Physical Systems Security","author":"Gollmann Dieter"},{"key":"e_1_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Naman Govil Anand Agrawal and Nils Ole Tippenhauer. 2017. On ladder logic bombs in industrial control systems. Retrieved from http:\/\/arxiv.org\/abs\/1702.05241.  Naman Govil Anand Agrawal and Nils Ole Tippenhauer. 2017. On ladder logic bombs in industrial control systems. Retrieved from http:\/\/arxiv.org\/abs\/1702.05241.","DOI":"10.1007\/978-3-319-72817-9_8"},{"key":"e_1_2_1_36_1","volume-title":"Proceedings of the Conference on Defendable and Secure Computing.","author":"Hall J."},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2703172"},{"key":"e_1_2_1_38_1","unstructured":"Indumart. 2012. Accuracy of the RADAR measurements. Retrieved from http:\/\/www.indumart.com\/Level-measurement-3.pdf.  Indumart. 2012. Accuracy of the RADAR measurements. Retrieved from http:\/\/www.indumart.com\/Level-measurement-3.pdf."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2005.26"},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy. 145--159","author":"Kune D. F.","year":"2013"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISORC.2008.25"},{"key":"e_1_2_1_43_1","volume-title":"Instrument Engineer\u2019s Handbook (4 ed.)","author":"Liptak Bela G."},{"key":"e_1_2_1_44_1","article-title":"Digital camera identification from sensor pattern noise","volume":"1","author":"Lukas J.","year":"2006","journal-title":"IEEE Trans. Info. Forens. Secur."},{"key":"e_1_2_1_45_1","volume-title":"Proceedings of the International Workshop on Cyber-physical Systems for Smart Water Networks (CySWater\u201916)","author":"Mathur A. P.","year":"2016"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2015.2512235"},{"key":"e_1_2_1_47_1","doi-asserted-by":"crossref","volume-title":"Energy Theft in the Advanced Metering Infrastructure","author":"McLaughlin Stephen","DOI":"10.1007\/978-3-642-14379-3_15"},{"key":"e_1_2_1_48_1","volume-title":"Article 55 (Mar.","author":"Mitchell Robert","year":"2014"},{"key":"e_1_2_1_49_1","volume-title":"Proceedings of the 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton\u201909)","author":"Mo Y.","year":"2009"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2185505.2185514"},{"key":"e_1_2_1_51_1","first-page":"1","article-title":"Physical authentication of control systems: Designing watermarked control inputs to detect counterfeit sensor outputs","volume":"35","author":"Mo Y.","year":"2015","journal-title":"IEEE Control Syst."},{"key":"e_1_2_1_52_1","volume-title":"Proceedings of the 18th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM\u201999)","volume":"1","author":"Moon S. B.","year":"1999"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-15-2545-2"},{"key":"e_1_2_1_54_1","unstructured":"C. Mujeeb Ahmed A. Mathur and M. Ochoa. 2017. NoiSense: Detecting data integrity attacks on sensor measurements using hardware-based fingerprints. ArXiv e-prints (Dec. 2017). arXiv:cs.CR\/1712.01598  C. Mujeeb Ahmed A. Mathur and M. Ochoa. 2017. NoiSense: Detecting data integrity attacks on sensor measurements using hardware-based fingerprints. ArXiv e-prints (Dec. 2017). arXiv:cs.CR\/1712.01598"},{"key":"e_1_2_1_55_1","volume-title":"Proceedings of the IEEE 55th Conference on Decision and Control (CDC\u201916)","author":"Murguia C.","year":"2016"},{"key":"e_1_2_1_56_1","volume-title":"Proceedings of the 10th IEEE Computer Vision and Pattern Recognition Workshops. 78--84","author":"Nick B."},{"key":"e_1_2_1_57_1","unstructured":"NIST. 2014. Cyber-Physical Systems. Retrieved from https:\/\/www.nist.gov\/el\/cyber-physical-systems.  NIST. 2014. Cyber-Physical Systems. Retrieved from https:\/\/www.nist.gov\/el\/cyber-physical-systems."},{"key":"e_1_2_1_58_1","doi-asserted-by":"crossref","volume-title":"Implementation, Applications","author":"Van Overschee P.","DOI":"10.1007\/978-1-4613-0465-4_6"},{"key":"e_1_2_1_59_1","volume-title":"Chuadhry Mujeeb Ahmed, and Aditya Mathur.","author":"Palleti Venkata Reddy","year":"2020"},{"key":"e_1_2_1_60_1","volume-title":"Proceedings of the 10th USENIX Workshop on Offensive Technologies (WOOT\u201916)","author":"Park Youngseok","year":"2016"},{"key":"e_1_2_1_61_1","volume-title":"Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking (MobiCom\u201907)","author":"Patwari Neal"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/277851.277865"},{"key":"e_1_2_1_63_1","volume-title":"Radio Engineering","volume":"20","author":"Petr S."},{"key":"e_1_2_1_64_1","volume-title":"Proceedings of the IEEE 18th International Symposium on High Assurance Systems Engineering (HASE\u201917)","author":"Prakash J.","year":"2017"},{"key":"e_1_2_1_65_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (SP\u201917)","author":"Quarta D.","year":"2017"},{"key":"e_1_2_1_66_1","volume-title":"Proceedings of the CyberICPS Workshop in Conjunction with ESORICS.","author":"Qadeer Rizwan","year":"2017"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2369033"},{"key":"e_1_2_1_68_1","volume-title":"Proceedings of the 5th IEEE International Symposium on Signal Processing and Information Technology. 484--488","author":"Remley K. A.","year":"2005"},{"key":"e_1_2_1_69_1","volume-title":"CPDY: Extending the dolev-yao attacker with physical-layer interactions.","author":"Rocchetto Marco","year":"2016"},{"key":"e_1_2_1_70_1","volume-title":"Proceedings of the 10th USENIX Conference on Offensive Technologies (WOOT\u201916)","author":"Shin Hocheol","year":"2016"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813679"},{"key":"e_1_2_1_73_1","doi-asserted-by":"crossref","unstructured":"J. Slay and M. Miller. 2008. Lessons Learned from the Maroochy Water Breach. Springer Boston MA 73--82.  J. Slay and M. Miller. 2008. Lessons Learned from the Maroochy Water Breach. Springer Boston MA 73--82.","DOI":"10.1007\/978-0-387-75462-8_6"},{"key":"e_1_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831199"},{"key":"e_1_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2011.2165269"},{"key":"e_1_2_1_76_1","unstructured":"T. Jenny T. Edin N. Romesh and A. Muhammad. 2013. Ultrasonic Fluid Quantity Measurement in Dynamic Vehicular Applications: A Support Vector Machine Approach. Springer.  T. Jenny T. Edin N. Romesh and A. Muhammad. 2013. Ultrasonic Fluid Quantity Measurement in Dynamic Vehicular Applications: A Support Vector Machine Approach. Springer."},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978388"},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/URSIGASS.2014.6929024"},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1109\/TAU.1967.1161901"},{"key":"e_1_2_1_80_1","unstructured":"Wired. 2015. A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever. Retrieved from https:\/\/www.wired.com\/2015\/01\/german-steel-mill-hack-destruction\/.  Wired. 2015. A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever. Retrieved from https:\/\/www.wired.com\/2015\/01\/german-steel-mill-hack-destruction\/."},{"key":"e_1_2_1_81_1","first-page":"55","article-title":"Non-invasive spoofing attacks for anti-lock braking systems. In Proceedings of the Conference on Cryptographic Hardware and Embedded Systems (CHES\u201913)","volume":"8086","author":"Yasser S.","year":"2013","journal-title":"Springer Link"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3410447","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3410447","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:31:51Z","timestamp":1750195911000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3410447"}},"subtitle":["Detecting Data Integrity Attacks on Sensor Measurements Using Hardware-based Fingerprints"],"short-title":[],"issued":{"date-parts":[[2020,9,28]]},"references-count":79,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,2,28]]}},"alternative-id":["10.1145\/3410447"],"URL":"https:\/\/doi.org\/10.1145\/3410447","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,9,28]]},"assertion":[{"value":"2018-08-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-07-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-09-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}