321 research outputs found

    Improving Security for SCADA Sensor Networks with Reputation Systems and Self-Organizing Maps

    The reliable operation of modern infrastructures depends on computerized systems and Supervisory Control and Data Acquisition (SCADA) systems, which are also based on the data obtained from sensor networks. The inherent limitations of the sensor devices make them extremely vulnerable to cyberwarfare/cyberterrorism attacks. In this paper, we propose a reputation system enhanced with distributed agents, based on unsupervised learning algorithms (self-organizing maps), in order to achieve fault tolerance and enhanced resistance to previously unknown attacks. This approach has been extensively simulated and compared with previous proposals

    Bio-inspired enhancement of reputation systems for intelligent environments

    Providing security to the emerging field of ambient intelligence will be difficult if we rely only on existing techniques, given their dynamic and heterogeneous nature. Moreover, security demands of these systems are expected to grow, as many applications will require accurate context modeling. In this work we propose an enhancement to the reputation systems traditionally deployed for securing these systems. Different anomaly detectors are combined using the immunological paradigm to optimize reputation system performance in response to evolving security requirements. As an example, the experiments show how a combination of detectors based on unsupervised techniques (self-organizing maps and genetic algorithms) can help to significantly reduce the global response time of the reputation system. The proposed solution offers many benefits: scalability, fast response to adversarial activities, ability to detect unknown attacks, high adaptability, and high ability in detecting and confining attacks. For these reasons, we believe that our solution is capable of coping with the dynamism of ambient intelligence systems and the growing requirements of security demands

    Detecting false testimonies in reputation systems using self-organizing maps

    It has been demonstrated that rating trust and reputation of individual nodes is an effective approach in distributed environments in order to improve security, support decision-making and promote node collaboration. Nevertheless, these systems are vulnerable to deliberate false or unfair testimonies. In one scenario, the attackers collude to give negative feedback on the victim in order to lower or destroy its reputation. This attack is known as a bad mouthing attack. In another scenario, a number of entities agree to give positive feedback on an entity (often with adversarial intentions). This attack is known as ballot stuffing. Both attack types can significantly deteriorate the performance of the network. The existing solutions for coping with these attacks are mainly concentrated on prevention techniques. In this work, we propose a solution that detects and isolates the abovementioned attackers, thereby preventing them from further spreading their malicious activity. The approach is based on detecting outliers using clustering, in this case self-organizing maps. An important advantage of this approach is that we have no restrictions on training data, and thus there is no need for any data pre-processing. Testing results demonstrate the capability of the approach in detecting both bad mouthing and ballot stuffing attacks in various scenarios

    Self-organizing maps versus growing neural Gas in detecting anomalies in data centers

    Reliability is one of the key performance factors in data centres. The out-of-scale energy costs of these facilities lead data centre operators to increase the ambient temperature of the data room to decrease cooling costs. However, increasing ambient temperature reduces the safety margins and can result in a higher number of anomalous events. Anomalies in the data centre need to be detected as soon as possible to optimize cooling efficiency and mitigate the harmful effects over servers. This article proposes the usage of clustering-based outlier detection techniques coupled with a trust and reputation system engine to detect anomalies in data centres. We show how self-organizing maps or growing neural gas can be applied to detect cooling and workload anomalies, respectively, in a real data centre scenario with very good detection and isolation rates, in a way that is robust to the malfunction of the sensors that gather server and environmental information

    A New SCADA Dataset for Intrusion Detection System Research

    Supervisory Control and Data Acquisition (SCADA) systems monitor and control industrial control systems in many industrial and economic sectors which are considered critical infrastructure. In the past, most SCADA systems were isolated from all other networks, but recently connections to corporate enterprise networks and the Internet have increased. Security concerns have risen from this newfound connectivity. This thesis makes one primary contribution to researchers and industry. Two datasets have been introduced to support intrusion detection system research for SCADA systems. The datasets include network traffic captured on a gas pipeline SCADA system in Mississippi State University’s SCADA lab. IDS researchers lack a common framework to train and test proposed algorithms. This leads to an inability to properly compare IDS presented in literature and limits research progress. The datasets created for this thesis are available to be used to aid researchers in assessing the performance of SCADA IDS systems

    Assessing and augmenting SCADA cyber security: a survey of techniques

    SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisation and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mindsets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability


    A SCADA (Supervisory Control And Data Acquisition) system is a system built to acquire data, store it, analyse it, and also to control a plant/system, generally remotely. To improve efficiency, SCADA systems are now widely used in various industrial sectors, such as manufacturing, power generation, oil & gas, telecommunications and transportation. As they have developed, these systems are no longer connected only internally but are also connected to the internet, both for communication between their components and for retrieving data as part of decision support. With this connection to external systems, in this case the internet, the information security of SCADA systems becomes highly vulnerable. Therefore, identifying the security risks that may occur, in order to obtain a complete picture of the security status of these systems, is very much needed. This paper applies the operationally critical threat, asset and vulnerability evaluation (OCTAVE) Allegro method to assess the security risks of a SCADA system. The method focuses on information assets and compares different information containers such as databases, physical paper and people. The aim of this study is to highlight the various vulnerabilities and risks, and to propose mitigation approaches for the identified risks to SCADA system security. This research is expected to serve as a basis for improving the security of SCADA systems.   Keywords: SCADA, OCTAVE Allegro, Information, Security Risk

    The role of communication systems in smart grids: Architectures, technical solutions and research challenges

    The purpose of this survey is to present a critical overview of smart grid concepts, with a special focus on the role that communication, networking and middleware technologies will have in the transformation of existing electric power systems into smart grids. First of all we elaborate on the key technological, economical and societal drivers for the development of smart grids. By adopting a data-centric perspective we present a conceptual model of communication systems for smart grids, and we identify functional components, technologies, network topologies and communication services that are needed to support smart grid communications. Then, we introduce the fundamental research challenges in this field including communication reliability and timeliness, QoS support, data management services, and autonomic behaviors. Finally, we discuss the main solutions proposed in the literature for each of them, and we identify possible future research directions

    Instrumentation, Control, and Intelligent Systems


    eXplainable data processing

    Seminar held at U & P U Patel Department of Computer Engineering, Chandubhai S. Patel Institute of Technology, Charotar University of Science And Technology (CHARUSAT), Changa-388421, Gujarat, India, 2021. Deep Learning has created many new opportunities, but it has unfortunately also become a means for achieving ill-intentioned goals. Fake news, disinformation campaigns, and manipulated images and videos have plagued the internet, which has had serious consequences on our society. The myriad of information available online means that it may be difficult to distinguish between true and fake news, leading many users to unknowingly share fake news, contributing to the spread of misinformation. The use of Deep Learning to create fake images and videos has become known as deepfake. This means that there are ever more effective and realistic forms of deception on the internet, making it more difficult for internet users to distinguish reality from fiction