Cyber resilience meta-modelling: The railway communication case study

Recent times have demonstrated how much the modern critical infrastructures (e.g., energy, essential services, people and goods transportation) depend from the global communication networks. However, in the current Cyber-Physical World convergence, sophisticated attacks to the cyber layer can provoke severe damages to both physical structures and the operations of infrastructure affecting not only its functionality and safety, but also triggering cascade effects in other systems because of the tight interdependence of the systems that characterises the modern society. Hence, critical infrastructure must integrate the current cyber-security approach based on risk avoidance with a broader perspective provided by the emerging cyber-resilience paradigm. Cyber resilience is aimed as a way absorb the consequences of these attacks and to recover the functionality quickly and safely through adaptation. Several high-level frameworks and conceptualisations have been proposed but a formal definition capable of translating cyber resilience into an operational tool for decision makers considering all aspects of such a multifaceted concept is still missing. To this end, the present paper aims at providing an operational formalisation for cyber resilience starting from the Cyber Resilience Ontology presented in a previous work using model-driven principles. A domain model is defined to cope with the different aspects and “resilience-assurance” processes that it can be valid in various application domains. In this respect, an application case based on critical transportation communications systems, namely the railway communication system, is provided to prove the feasibility of the proposed approach and to identify future improvements

Smart city pilot projects using LoRa and IEEE802.15.4 technologies

Information and Communication Technologies (ICTs), through wireless communications and the Internet of Things (IoT) paradigm, are the enabling keys for transforming traditional cities into smart cities, since they provide the core infrastructure behind public utilities and services. However, to be effective, IoT-based services could require different technologies and network topologies, even when addressing the same urban scenario. In this paper, we highlight this aspect and present two smart city testbeds developed in Italy. The first one concerns a smart infrastructure for public lighting and relies on a heterogeneous network using the IEEE 802.15.4 short-range communication technology, whereas the second one addresses smart-building applications and is based on the LoRa low-rate, long-range communication technology. The smart lighting scenario is discussed providing the technical details and the economic benefits of a large-scale (around 3000 light poles) flexible and modular implementation of a public lighting infrastructure, while the smart-building testbed is investigated, through measurement campaigns and simulations, assessing the coverage and the performance of the LoRa technology in a real urban scenario. Results show that a proper parameter setting is needed to cover large urban areas while maintaining the airtime sufficiently low to keep packet losses at satisfactory levels

Reliable Bidirectional Data Transfer Approach for the Internet of Secured Medical Things Using ZigBee Wireless Network

[EN] Nowadays, the Internet of Things (IoT) performs robust services for real-time applications in monitoring communication systems and generating meaningful information. The ZigBee devices offer low latency and manageable costs for wireless communication and support the process of physical data collection. Some biosensing systems comprise IoT-based ZigBee devices to monitor patient healthcare attributes and alert healthcare professionals for needed action. However, most of them still face unstable and frequent data interruption issues due to transmission service intrusions. Moreover, the medical data is publicly available using cloud services, and communicated through the smart devices to specialists for evaluation and disease diagnosis. Therefore, the applicable security analysis is another key factor for any medical system. This work proposed an approach for reliable network supervision with the internet of secured medical things using ZigBee networks for a smart healthcare system (RNM-SC). It aims to improve data systems with manageable congestion through load-balanced devices. Moreover, it also increases security performance in the presence of anomalies and offers data routing using the bidirectional heuristics technique. In addition, it deals with more realistic algorithm to associate only authorized devices and avoid the chances of compromising data. In the end, the communication between cloud and network applications is also protected from hostile actions, and only certified end-users can access the data. The proposed approach was tested and analyzed in Network Simulator (NS-3), and, compared to existing solutions, demonstrated significant and reliable performance improvements in terms of network throughput by 12%, energy consumption by 17%, packet drop ratio by 37%, end-to-end delay by 18%, routing complexity by 37%, and tampered packets by 37%.This research is supported by Artificial Intelligence & Data Analytics Lab (AIDA) CCIS Prince Sultan University, Riyadh, Saudi Arabia. Authors are thankful for the support.Rehman, A.; Haseeb, K.; Fati, SM.; Lloret, J.; Peñalver Herrero, ML. (2021). Reliable Bidirectional Data Transfer Approach for the Internet of Secured Medical Things Using ZigBee Wireless Network. Applied Sciences. 11(21):1-16. https://doi.org/10.3390/app11219947S116112

Network Resilience Architecture and Analysis for Smart Homes

The Internet of Things (IoT) is evolving rapidly to every aspect of human life including, healthcare, homes, cities, and driverless vehicles that makes humans more dependent on the Internet and related infrastructure. While many researchers have studied the structure of the Internet that is resilient as a whole, new studies are required to investigate the resilience of the edge networks in which people and “things” connect to the Internet. Since the range of service requirements varies at the edge of the network, a wide variety of technologies with different topologies are involved. Though the heterogeneity of the technologies at the edge networks can improve the robustness through the diversity of mechanisms, other issues such as connectivity among the utilized technologies and cascade of failures would not have the same effect as a simple network. Therefore, regardless of the size of networks at the edge, the structure of these networks is complicated and requires appropriate study. In this dissertation, we propose an abstract model for smart homes, as part of one of the fast-growing networks at the edge, to illustrate the heterogeneity and complexity of the network structure. As the next step, we make two instances of the abstract smart home model and perform a graph-theoretic analysis to recognize the fundamental behavior of the network to improve its robustness. During the process, we introduce a formal multilayer graph model to highlight the structures, topologies, and connectivity of various technologies at the edge networks and their connections to the Internet core. Furthermore, we propose another graph model, technology interdependence graph, to represent the connectivity of technologies. This representation shows the degree of connectivity among technologies and illustrates which technologies are more vulnerable to link and node failures. Moreover, the dominant topologies at the edge change the node and link vulnerability, which can be used to apply worst-case scenario attacks. Restructuring of the network by adding new links associated with various protocols to maximize the robustness of a given network can have distinctive outcomes for different robustness metrics. However, typical centrality metrics usually fail to identify important nodes in multi-technology networks such as smart homes. We propose four new centrality metrics to improve the process of identifying important nodes in multi-technology networks and recognize vulnerable nodes. We perform the process of improvement through modifying topology, adding extra nodes, and links when necessary. The improvement process would be verified by calculation of the proper graph metrics and introducing new metrics when it is appropriate. Finally, we study over 1000 different smart home topologies to examine the resilience of the networks with typical and the proposed centrality metrics

Network Threat Detection Using Machine/Deep Learning in SDN-Based Platforms: A Comprehensive Analysis of State-of-the-Art Solutions, Discussion, Challenges, and Future Research Direction

A revolution in network technology has been ushered in by software defined networking (SDN), which makes it possible to control the network from a central location and provides an overview of the network’s security. Despite this, SDN has a single point of failure that increases the risk of potential threats. Network intrusion detection systems (NIDS) prevent intrusions into a network and preserve the network’s integrity, availability, and confidentiality. Much work has been done on NIDS but there are still improvements needed in reducing false alarms and increasing threat detection accuracy. Recently advanced approaches such as deep learning (DL) and machine learning (ML) have been implemented in SDN-based NIDS to overcome the security issues within a network. In the first part of this survey paper, we offer an introduction to the NIDS theory, as well as recent research that has been conducted on the topic. After that, we conduct a thorough analysis of the most recent ML- and DL-based NIDS approaches to ensure reliable identification of potential security risks. Finally, we focus on the opportunities and difficulties that lie ahead for future research on SDN-based ML and DL for NIDS.publishedVersio