A Cognitive Framework to Secure Smart Cities

The advancement in technology has transformed Cyber Physical Systems and their interface with IoT into a more sophisticated and challenging paradigm. As a result, vulnerabilities and potential attacks manifest themselves considerably more than before, forcing researchers to rethink the conventional strategies that are currently in place to secure such physical systems. This manuscript studies the complex interweaving of sensor networks and physical systems and suggests a foundational innovation in the field. In sharp contrast with the existing IDS and IPS solutions, in this paper, a preventive and proactive method is employed to stay ahead of attacks by constantly monitoring network data patterns and identifying threats that are imminent. Here, by capitalizing on the significant progress in processing power (e.g. petascale computing) and storage capacity of computer systems, we propose a deep learning approach to predict and identify various security breaches that are about to occur. The learning process takes place by collecting a large number of files of different types and running tests on them to classify them as benign or malicious. The prediction model obtained as such can then be used to identify attacks. Our project articulates a new framework for interactions between physical systems and sensor networks, where malicious packets are repeatedly learned over time while the system continually operates with respect to imperfect security mechanisms

Moving target defense for securing smart grid communications: Architectural design, implementation and evaluation

Supervisory Control And Data Acquisition (SCADA) communications are often subjected to various kinds of sophisticated cyber-attacks which can have a serious impact on the Critical Infrastructure such as the power grid. Most of the time, the success of the attack is based on the static characteristics of the system, thereby enabling an easier profiling of the target system(s) by the adversary and consequently exploiting their limited resources. In this thesis, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, which leverages the existing communication network with an end-to-end IP Hopping technique among the trusted peer devices. This offers a proactive L3 layer network defense, minimizing IP-specific threats and thwarting worm propagation, APTs, etc., which utilize the cyber kill chain for attacking the system through the SCADA network. The main contribution of this thesis is to show how MTD concepts provide proactive defense against targeted cyber-attacks, and a dynamic attack surface to adversaries without compromising the availability of a SCADA system. Specifically, the thesis presents a brief overview of the different type of MTD designs, the proposed MTD architecture and its implementation with IP hopping technique over a Control Center–Substation network link along with a 3-way handshake protocol for synchronization on the Iowa State’s Power Cyber testbed. The thesis further investigates the delay and throughput characteristics of the entire system with and without the MTD to choose the best hopping rate for the given link. It also includes additional contributions for making the testbed scenarios more realistic to real world scenarios with multi-hop, multi-path WAN. Using that and studying a specific attack model, the thesis analyses the best ranges of IP address for different hopping rate and different number of interfaces. Finally, the thesis describes two case studies to explore and identify potential weaknesses of the proposed mechanism, and also experimentally validate the proposed mitigation alterations to resolve the discovered vulnerabilities. As part of future work, we plan to extend this work by optimizing the MTD algorithm to be more resilient by incorporating other techniques like network port mutation to further increase the attack complexity and cost

Deep Learning-Based Intrusion Detection System for Advanced Metering Infrastructure

Smart grid is an alternative solution of the conventional power grid which harnesses the power of the information technology to save the energy and meet today's environment requirements. Due to the inherent vulnerabilities in the information technology, the smart grid is exposed to a wide variety of threats that could be translated into cyber-attacks. In this paper, we develop a deep learning-based intrusion detection system to defend against cyber-attacks in the advanced metering infrastructure network. The proposed machine learning approach is trained and tested extensively on an empirical industrial dataset which is composed of several attack categories including the scanning, buffer overflow, and denial of service attacks. Then, an experimental comparison in terms of detection accuracy is conducted to evaluate the performance of the proposed approach with Naive Bayes, Support Vector Machine, and Random Forest. The obtained results suggest that the proposed approaches produce optimal results comparing to the other algorithms. Finally, we propose a network architecture to deploy the proposed anomaly-based intrusion detection system across the Advanced Metering Infrastructure network. In addition, we propose a network security architecture composed of two types of Intrusion detection system types, Host and Network-based, deployed across the Advanced Metering Infrastructure network to inspect the traffic and detect the malicious one at all the levels.Comment: 7 pages, 6 figures. 2019 NISS19: Proceedings of the 2nd International Conference on Networking, Information Systems & Securit

One-Class Classification: Taxonomy of Study and Review of Techniques

One-class classification (OCC) algorithms aim to build classification models when the negative class is either absent, poorly sampled or not well defined. This unique situation constrains the learning of efficient classifiers by defining class boundary just with the knowledge of positive class. The OCC problem has been considered and applied under many research themes, such as outlier/novelty detection and concept learning. In this paper we present a unified view of the general problem of OCC by presenting a taxonomy of study for OCC problems, which is based on the availability of training data, algorithms used and the application domains applied. We further delve into each of the categories of the proposed taxonomy and present a comprehensive literature review of the OCC algorithms, techniques and methodologies with a focus on their significance, limitations and applications. We conclude our paper by discussing some open research problems in the field of OCC and present our vision for future research.Comment: 24 pages + 11 pages of references, 8 figure

Process-Aware Defenses for Cyber-Physical Systems

The increasing connectivity is exposing safety-critical systems to cyberattacks that can cause real physical damage and jeopardize human lives. With billions of IoT devices added to the Internet every year, the cybersecurity landscape is drastically shifting from IT systems and networks to systems that comprise both cyber and physical components, commonly referred to as cyber-physical systems (CPS). The difficulty of applying classical IT security solutions in CPS environments has given rise to new security techniques known as process-aware defense mechanisms, which are designed to monitor and protect industrial processes supervised and controlled by cyber elements from sabotage attempts via cyberattacks. In this thesis, we critically examine the emerging CPS-driven cybersecurity landscape and investigate how process-aware defenses can contribute to the sustainability of highly connected cyber-physical systems by making them less susceptible to crippling cyberattacks. We introduce a novel data-driven model-free methodology for real-time monitoring of physical processes to detect and report suspicious behaviour before damage occurs. We show how our model-free approach is very lightweight, does not require detailed specifications, and is applicable in various CPS environments including IoT systems and networks. We further design, implement, evaluate, and deploy process-aware techniques, study their efficacy and applicability in real-world settings, and address their deployment challenges

Security Analysis for Distributed IoT-Based Industrial Automation

Internet of Things (IoT) technologies enable development of reconfigurable manufacturing systems--a new generation of modularized industrial equipment suitable for highly customized manufacturing. Sequential control in these systems is largely based on discrete events, whereas their formal execution semantics is specified as control interpreted Petri nets (CIPN). Despite industry-wide use of programming languages based on the CIPN formalism, formal verification of such control applications in the presence of adversarial activity is not supported. Consequently, in this article, we introduce security-aware modeling and verification techniques for CIPN-based sequential control applications. Specifically, we show how CIPN models of networked industrial IoT controllers can be transformed into time Petri net (TPN)-based models and composed with plant and security-aware channel models in order to enable system-level verification of safety properties in the presence of network-based attacks. Additionally, we introduce realistic channel-specific attack models that capture adversarial behavior using nondeterminism. Moreover, we show how verification results can be utilized to introduce security patches and facilitate design of attack detectors that improve system resiliency and enable satisfaction of critical safety properties. Finally, we evaluate our framework on an industrial case study

Dynamic Stability with Artificial Intelligence in Smart Grids

Environmental concerns are among the main drives of the energy transition in power systems. Smart grids are the natural evolution of power systems to become more efficient and sustainable. This modernization coincides with the vast and wide integration of energy generation and storage systems dependent on power electronics. At the same time, the low inertia power electronics, introduce new challenges in power system dynamics. In fact, the synchronisation capabilities of power systems are threatened by the emergence of new oscillations and the displacement of conventional solutions for ensuring the stability of power systems. This necessitates an equal modernization of the methods to maintain the rotor angle stability in the future smart grids. The applications of artificial intelligence in power systems are constantly increasing. The thesis reviews the most relevant works for monitoring, predicting, and controlling the rotor angle stability of power systems and presents a novel controller for power oscillation damping

Dynamic stability with artificial intelligence in smart grids

Environmental concerns are among the main drives of the energy transition in power systems. Smart grids are the natural evolution of power systems to become more efficient and sustainable. This modernization coincides with the vast and wide integration of energy generation and storage systems dependent on power electronics. At the same time, the low inertia power electronics, introduce new challenges in power system dynamics. In fact, the synchronisation capabilities of power systems are threatened by the emergence of new oscillations and the displacement of conventional solutions for ensuring the stability of power systems. This necessitates an equal modernization of the methods to maintain the rotor angle stability in the future smart grids. The applications of artificial intelligence in power systems are constantly increasing. The thesis reviews the most relevant works for monitoring, predicting, and controlling the rotor angle stability of power systems and presents a novel controller for power oscillation damping

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

Cybersecurity is a fast-evolving discipline that is always in the news over the last decade, as the number of threats rises and cybercriminals constantly endeavor to stay a step ahead of law enforcement. Over the years, although the original motives for carrying out cyberattacks largely remain unchanged, cybercriminals have become increasingly sophisticated with their techniques. Traditional cybersecurity solutions are becoming inadequate at detecting and mitigating emerging cyberattacks. Advances in cryptographic and Artificial Intelligence (AI) techniques (in particular, machine learning and deep learning) show promise in enabling cybersecurity experts to counter the ever-evolving threat posed by adversaries. Here, we explore AI\u27s potential in improving cybersecurity solutions, by identifying both its strengths and weaknesses. We also discuss future research opportunities associated with the development of AI techniques in the cybersecurity field across a range of application domains