Keywords

Security, Building Automation, BACnet, KNX, Machine Learning, Man-in-the-Middle, Automation

Abstract

Building automation systems (BAS) have become more commonplace in personal and commercial environments in recent years. They provide many functions for comfort and ease of use, from automating room temperature and shading, to monitoring equipment data and status. Even though their convenience is beneficial, their security has become an increased concerned in recent years. This research shows an extensive study on building automation systems and identifies vulnerabilities in some of the most common building communication protocols, BACnet and KNX. First, we explore the BACnet protocol, exploring its Standard BACnet objects and properties. An automation tool is designed and implemented to identify BACnet devices using their IP addresses and enumerate both standard and vendor-defined BACnet objects as well as their standard properties. This tool is applied to a testbed real-world BAS system on a university campus and successfully validates the tool's effectiveness. We present a false data injection attack on a KNX system using a man-in-the-middle (MITM) attack. A BAS is modeled to analyze the impact of false data injections to a system in terms of energy cost. A machine learning (ML) based detection strategy is designed to detect the false data injection attack using a novel feature based on the Jensen Shannon Divergence (JSD), measuring the similarity of the KNX telegram's interarrival time distributions with attack and with no attack. Real-world experiments are performed to validate the presented false data injection attack and the ML detection strategy. Our results show an increase in overall energy cost during a false data injection attack. Of the examined ML models, the Support Vector Machine (SVM) classifier achieved the best results with 100% detection rate using our proposed JSD similarity feature vector compared to more traditional features. Lastly, we introduce a simplified real-world BAS system, consisting of both BACnet and KNX equipment, and spanning over multiple building environments. We analyze the vulnerabilities of the BAS system at each level and component, introducing several attack scenarios which may occur and affect the system.

Completion Date

2024

Semester

Spring

Committee Chair

Fu, Xinwen

Degree

Doctor of Philosophy (Ph.D.)

College

College of Engineering and Computer Science

Department

Computer Science

Degree Program

Computer Science

Format

application/pdf

Identifier

DP0028291

URL

https://purls.library.ucf.edu/go/DP0028291

Language

English

Rights

In copyright

Release Date

May 2024

Length of Campus-only Access

None

Access Status

Doctoral Dissertation (Open Access)

Campus Location

Orlando (Main) Campus

Accessibility Status

Meets minimum standards for ETDs/HUTs

Download

Share

COinS