15,584 research outputs found
SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach
This paper presents the development of a Supervisory Control and Data
Acquisition (SCADA) system testbed used for cybersecurity research. The testbed
consists of a water storage tank's control system, which is a stage in the
process of water treatment and distribution. Sophisticated cyber-attacks were
conducted against the testbed. During the attacks, the network traffic was
captured, and features were extracted from the traffic to build a dataset for
training and testing different machine learning algorithms. Five traditional
machine learning algorithms were trained to detect the attacks: Random Forest,
Decision Tree, Logistic Regression, Naive Bayes and KNN. Then, the trained
machine learning models were built and deployed in the network, where new tests
were made using online network traffic. The performance obtained during the
training and testing of the machine learning models was compared to the
performance obtained during the online deployment of these models in the
network. The results show the efficiency of the machine learning models in
detecting the attacks in real time. The testbed provides a good understanding
of the effects and consequences of attacks on real SCADA environmentsComment: E-Preprin
Recommended from our members
A Testbed for Developing and Evaluating GNSS Signal Authentication Techniques
An experimental testbed has been created for developing
and evaluating Global Navigation Satellite System (GNSS)
signal authentication techniques. The testbed advances the state
of the art in GNSS signal authentication by subjecting candidate
techniques to the strongest publicly-acknowledged GNSS spoofing
attacks. The testbed consists of a real-time phase-coherent GNSS
signal simulator that acts as spoofer, a real-time softwaredefined
GNSS receiver that plays the role of defender, and
post-processing versions of both the spoofer and defender. Two
recently-proposed authentication techniques are analytically and
experimentally evaluated: (1) a defense based on anomalous
received power in a GNSS band, and (2) a cryptographic
defense against estimation-and-replay-type spoofing attacks. The
evaluation reveals weaknesses in both techniques; nonetheless,
both significantly complicate a successful GNSS spoofing attackAerospace Engineering and Engineering Mechanic
Description of the control system design for the SSF PMAD DC testbed
The Power Management and Distribution (PMAD) DC Testbed Control System for Space Station Freedom was developed using a top down approach based on classical control system and conventional terrestrial power utilities design techniques. The design methodology includes the development of a testbed operating concept. This operating concept describes the operation of the testbed under all possible scenarios. A unique set of operating states was identified and a description of each state, along with state transitions, was generated. Each state is represented by a unique set of attributes and constraints, and its description reflects the degree of system security within which the power system is operating. Using the testbed operating states description, a functional design for the control system was developed. This functional design consists of a functional outline, a text description, and a logical flowchart for all the major control system functions. Described here are the control system design techniques, various control system functions, and the status of the design and implementation
Position Estimation of Robotic Mobile Nodes in Wireless Testbed using GENI
We present a low complexity experimental RF-based indoor localization system
based on the collection and processing of WiFi RSSI signals and processing
using a RSS-based multi-lateration algorithm to determine a robotic mobile
node's location. We use a real indoor wireless testbed called w-iLab.t that is
deployed in Zwijnaarde, Ghent, Belgium. One of the unique attributes of this
testbed is that it provides tools and interfaces using Global Environment for
Network Innovations (GENI) project to easily create reproducible wireless
network experiments in a controlled environment. We provide a low complexity
algorithm to estimate the location of the mobile robots in the indoor
environment. In addition, we provide a comparison between some of our collected
measurements with their corresponding location estimation and the actual robot
location. The comparison shows an accuracy between 0.65 and 5 meters.Comment: (c) 2016 IEEE. Personal use of this material is permitted. Permission
from IEEE must be obtained for all other uses, in any current or future
media, including reprinting/republishing this material for advertising or
promotional purposes, creating new collective works, for resale or
redistribution to servers or lists, or reuse of any copyrighted component of
this work in other work
Software Defined Networks based Smart Grid Communication: A Comprehensive Survey
The current power grid is no longer a feasible solution due to
ever-increasing user demand of electricity, old infrastructure, and reliability
issues and thus require transformation to a better grid a.k.a., smart grid
(SG). The key features that distinguish SG from the conventional electrical
power grid are its capability to perform two-way communication, demand side
management, and real time pricing. Despite all these advantages that SG will
bring, there are certain issues which are specific to SG communication system.
For instance, network management of current SG systems is complex, time
consuming, and done manually. Moreover, SG communication (SGC) system is built
on different vendor specific devices and protocols. Therefore, the current SG
systems are not protocol independent, thus leading to interoperability issue.
Software defined network (SDN) has been proposed to monitor and manage the
communication networks globally. This article serves as a comprehensive survey
on SDN-based SGC. In this article, we first discuss taxonomy of advantages of
SDNbased SGC.We then discuss SDN-based SGC architectures, along with case
studies. Our article provides an in-depth discussion on routing schemes for
SDN-based SGC. We also provide detailed survey of security and privacy schemes
applied to SDN-based SGC. We furthermore present challenges, open issues, and
future research directions related to SDN-based SGC.Comment: Accepte
Efficient Passive ICS Device Discovery and Identification by MAC Address Correlation
Owing to a growing number of attacks, the assessment of Industrial Control
Systems (ICSs) has gained in importance. An integral part of an assessment is
the creation of a detailed inventory of all connected devices, enabling
vulnerability evaluations. For this purpose, scans of networks are crucial.
Active scanning, which generates irregular traffic, is a method to get an
overview of connected and active devices. Since such additional traffic may
lead to an unexpected behavior of devices, active scanning methods should be
avoided in critical infrastructure networks. In such cases, passive network
monitoring offers an alternative, which is often used in conjunction with
complex deep-packet inspection techniques. There are very few publications on
lightweight passive scanning methodologies for industrial networks. In this
paper, we propose a lightweight passive network monitoring technique using an
efficient Media Access Control (MAC) address-based identification of industrial
devices. Based on an incomplete set of known MAC address to device
associations, the presented method can guess correct device and vendor
information. Proving the feasibility of the method, an implementation is also
introduced and evaluated regarding its efficiency. The feasibility of
predicting a specific device/vendor combination is demonstrated by having
similar devices in the database. In our ICS testbed, we reached a host
discovery rate of 100% at an identification rate of more than 66%,
outperforming the results of existing tools.Comment: http://dx.doi.org/10.14236/ewic/ICS2018.
- …