316 research outputs found

    Risk and threat mitigation techniques in internet of things (IoT) environments: a survey

    Security in the Internet of Things (IoT) remains a predominant area of concern. Although several other surveys have been published on this topic in recent years, the broad spectrum that this area aims to cover, the rapid developments and the variety of concerns make it impossible to cover the topic adequately. This survey updates the state of the art covered in previous surveys and focuses on defences and mitigations against threats rather than on the threats alone, an area that is less extensively covered by other surveys. This survey has collated current research considering the dynamicity of the IoT environment, a topic that is missed in other surveys and warrants particular attention. To account for IoT mobility, a life-cycle approach is adopted to the study of dynamic and mobile IoT environments and of the means of deploying defences against malicious actors aiming to compromise an IoT network and to evolve their attack laterally within it and from it. This survey takes a more comprehensive and detailed step by analysing a broad variety of methods for accomplishing each of the mitigation steps, presenting these uniquely by introducing a “defence-in-depth” approach that could significantly slow down the progress of an attack in the dynamic IoT environment. This survey sheds light on leveraging redundancy, an inherent property of multi-sensor IoT applications, to improve integrity and recovery. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement.

    A Firewall Optimization for Threat-Resilient Micro-Segmentation in Power System Networks

    Electric power delivery relies on a communications backbone that must be secure. SCADA systems are essential to critical grid functions and include industrial control systems (ICS) protocols such as the Distributed Network Protocol-3 (DNP3). These protocols are vulnerable to cyber threats that power systems, as cyber-physical critical infrastructure, must be protected against. For this reason, the NERC Critical Infrastructure Protection standard CIP-005-5 specifies that an electronic system perimeter is needed, accomplished with firewalls. This paper presents how these electronic system perimeters can be optimally found and generated using a proposed meta-heuristic approach for optimal security zone formation for large-scale power systems. Then, to implement the optimal firewall rules in a large-scale power system model, this work presents a prototype software tool that takes the optimization results and auto-configures the firewall nodes for different utilities in a cyber-physical testbed. Using this tool, firewall policies are configured for all the utilities and their substations within a synthetic 2000-bus model, assuming two different network topologies. Results generate the optimal electronic security perimeters to protect a power system's data flows and compare the number of firewalls, monetary cost, and risk alerts from path analysis.
    Comment: 12 pages, 22 figure

    Next-Generation Industrial Control System (ICS) Security: Towards ICS Honeypots for Defence-in-Depth Security

    The advent of Industry 4.0 and smart manufacturing has led to an increased convergence of traditional manufacturing and production technologies with IP communications. Legacy Industrial Control System (ICS) devices are now exposed to a wide range of previously unconsidered threats, which must be considered to ensure the safe operation of industrial processes, especially as cyberspace is presenting itself as a popular domain for nation-state operations, including against critical infrastructure. Honeypots are a well-known concept within traditional IT security, and they can enable a more proactive approach to security, unlike traditional systems. More work needs to be done to understand their usefulness within OT and critical infrastructure. This thesis advances beyond current honeypot implementations and furthers the current state-of-the-art by delivering novel ways of deploying ICS honeypots and delivering concrete answers to key research questions within the area. This is done by answering the question previously raised from a multitude of perspectives. We discuss relevant legislation, such as the UK Cyber Assessment Framework, the US NIST Framework for Improving Critical Infrastructure Cybersecurity, and associated industry-based standards and guidelines supporting operator compliance. Standards and guidance are used to frame a discussion on our survey of existing ICS honeypot implementations in the literature and their role in supporting regulatory objectives. However, these deployments are not always correctly configured and might differ from a real ICS. Based on these insights, we propose a novel framework towards the classification and implementation of ICS honeypots. This is underpinned by a study into the passive identification of ICS honeypots using Internet scanner data to identify honeypot characteristics. We also present how honeypots can be leveraged to identify when bespoke ICS vulnerabilities are exploited within the organisational network, further strengthening the case for honeypot usage within critical infrastructure environments. Additionally, we demonstrate a fundamentally different approach to the deployment of honeypots: deploying them as a deterrent, to reduce the likelihood that an adversary interacts with a real system. This is important as skilled attackers are now adept at fingerprinting and avoiding honeypots. The results presented in this thesis demonstrate that honeypots can provide several benefits to the cyber security of, and alignment to regulations within, the critical infrastructure environment.

    Driving Manufacturing Systems for the Fourth Industrial Revolution

    It has been a long time since the emergence of Industry 4.0, and the reality of companies is not yet aligned with this new concept. Industry 4.0 is progressing slowly, as its maturity level was expected to be higher. Company managers should take a different approach to the adoption of the Industry 4.0 enabling technologies in their manufacturing systems, to create smart nets along the whole production process by connecting elements of the manufacturing system such as machines, employees, and systems. These smart nets can control and make autonomous decisions efficiently. Moreover, in the Industry 4.0 environment, companies can predict problems and failures along the whole production process and react sooner regarding maintenance or production changes, for instance. The Industry 4.0 environment is a challenging area because it changes the relation between humans and machines. In this way, the scope of this thesis is to contribute to companies adopting the Industry 4.0 enabling technologies in their manufacturing systems to improve their competitiveness to face the incoming future. For this purpose, this thesis integrates a research line oriented to i) the understanding of the Industry 4.0 concepts and its enabling technologies to realise the vision of the smart factory, ii) the analysis of the Industry 4.0 maturity level in a regional industrial sector, to understand how companies are facing the digital transformation challenges and its barriers, iii) an in-depth analysis of the Industry 4.0 adoption in a company, to understand how this company can reach higher maturity levels, and iv) the development of strategic scenarios to help companies in the digital transition, proposing risk mitigation plans and a methodology to develop strategic scenarios. This thesis highlights several barriers to Industry 4.0 adoption and also brings new ones to academic and practitioner discussion.
The companies' perception related to these barriers is also discussed in this thesis. The findings of this thesis are of significant interest to companies and managers, as they can position themselves along this research line and take advantage of it, using all phases of this thesis to gain better knowledge of this industrial revolution and of how to achieve better Industry 4.0 maturity levels, and they can position themselves in the proposed strategic scenarios to take the necessary actions to better face this industrial revolution. In this way, this research line is proposed for companies to accelerate their digital transformation.
It has been a long road since the emergence of Industry 4.0, and the reality of companies is still not aligned with this new concept. Industry 4.0 is progressing slowly, as its maturity level was expected to be higher. Company managers should take a different approach to adopting the Industry 4.0 enabling technologies in their production systems, in order to create smart networks along the entire production process by connecting elements of the production system such as machines, workers, and systems. These smart networks can control and make autonomous decisions efficiently. Moreover, in the Industry 4.0 environment, companies can predict problems and failures along the entire production process and react sooner with regard to maintenance or production changes, for example. The Industry 4.0 environment is a challenging area because of the changes in the relationship between humans and machines. The aim of this thesis is therefore to contribute to companies adopting the Industry 4.0 enabling technologies in their production systems so as to improve their competitiveness to face the approaching future. To that end, this thesis integrates a line of research oriented to i) understanding the Industry 4.0 concepts and its enabling technologies in order to realise the vision of the smart factory, ii) analysing the Industry 4.0 maturity level in a regional industrial sector and understanding how companies are facing the challenges of digital transformation and its barriers, iii) analysing in depth the adoption of Industry 4.0 in a company and understanding how that company can reach higher maturity levels, and iv) developing strategic scenarios to help companies in the digital transition, proposing risk mitigation plans and a methodology for developing strategic scenarios. This thesis highlights several barriers to Industry 4.0 adoption and also brings new barriers to academic and professional discussion. The companies' perception of these barriers is also discussed in this thesis. The findings of this thesis are of great interest to companies and managers, as they can position themselves along this line of research and take advantage of it, using all phases of this thesis to gain better knowledge of this industrial revolution and of how to achieve better Industry 4.0 maturity levels, and can position themselves in the proposed strategic scenarios so as to take the actions needed to improve their involvement in this industrial revolution. In this way, this line of research is proposed so that companies can accelerate their digital transformation.

    Resilient and Scalable Forwarding for Software-Defined Networks with P4-Programmable Switches

    Traditional networking devices support only fixed features and limited configurability. Network softwarization leverages programmable software and hardware platforms to remove those limitations. In this context, the concept of programmable data planes allows the packet processing pipeline of networking devices to be programmed directly and custom control plane algorithms to be created. This flexibility enables the design of novel networking mechanisms where the status quo struggles to meet the high demands of next-generation networks like 5G, Internet of Things, cloud computing, and Industry 4.0. P4 is the most popular technology to implement programmable data planes. However, programmable data planes, and in particular the P4 technology, emerged only recently. Thus, P4 support for some well-established networking concepts is still lacking and several issues remain unsolved due to the different characteristics of programmable data planes in comparison to traditional networking. The research of this thesis focuses on two open issues of programmable data planes. First, it develops resilient and efficient forwarding mechanisms for the P4 data plane, as there are no satisfying state-of-the-art best practices yet. Second, it enables BIER in high-performance P4 data planes. BIER is a novel, scalable, and efficient transport mechanism for IP multicast traffic which so far has only very limited support on high-performance forwarding platforms. The main results of this thesis are published as 8 peer-reviewed and one post-publication peer-reviewed publication. The results cover the development of suitable resilience mechanisms for P4 data planes, the development and implementation of resilient BIER forwarding in P4, and the extensive evaluations of all developed and implemented mechanisms. Furthermore, the results contain a comprehensive P4 literature study. Two more peer-reviewed papers contain additional content that is not directly related to the main results. They implement congestion avoidance mechanisms in P4 and develop a scheduling concept to find cost-optimized load schedules based on day-ahead forecasts.

    Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023

    Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo); atlanTTic; AMTEGA: Axencia para a modernización tecnolóxica de Galicia; INCIBE: Instituto Nacional de Cibersegurida

    CYBEREDUCATION-BY-DESIGN™: DEVELOPING A FRAMEWORK FOR CYBERSECURITY EDUCATION AT SECONDARY EDUCATION INSTITUTIONS IN ARIZONA

    Most survey results agree that there is a current and ongoing shortage of skilled cybersecurity workers that places our privacy, infrastructure, and nation at risk. Estimates for the global Cybersecurity Workforce Gap range from 2.72 million (ISC2, 2021) to 3.5 million (Cyber Academy, 2021) for 2021 and the United States estimates range from 465,000 (Brooks, 2021) to over 769,000 (Cyber Seek, 2022) open jobs as of November 2022. The most optimistic estimates still demonstrate a critical issue. As cybersecurity threats continue to grow in sophistication, scope, and scale, the ability to secure the United States from these threats lies in the ability to develop cybersecurity professionals with the knowledge, skills, and abilities (KSAs) to accomplish the tasks associated with their cyber roles. The ability to supply qualified cybersecurity professionals is outpaced by the growing demand as previously outlined. This study proposes that conducting a case study of existing cybersecurity programs at secondary education institutions can identify the critical elements of these programs. These elements can be codified into program profiles and further refined into a comprehensive cybersecurity education framework for secondary education institutions. This framework can be used by school districts throughout Arizona to develop cybersecurity programs and ultimately develop qualified and competent cybersecurity professionals to overcome the cybersecurity workforce gap.