Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Security in Wireless Sensor Networks: Issues and Challenges

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks. We identify the security threats, review proposed security mechanisms for wireless sensor networks. We also discuss the holistic view of security for ensuring layered and robust security in wireless sensor networks.Comment: 6 page

Survivability Strategies for Emerging Wireless Networks With Data Mining Techniques: a Case Study With NetLogo and RapidMiner

[EN] Emerging wireless networks have brought Internet and communications to more users and areas. Some of the most relevant emerging wireless technologies are Worldwide Interoperability for Microwave Access, Long-Term Evolution Advanced, and ad hoc and mesh networks. An open challenge is to ensure the reliability and robustness of these networks when individual components fail. The survivability and performance of these networks can be especially relevant when emergencies arise in rural areas, for example supporting communications during a medical emergency. This can be done by anticipating failures and finding alternative solutions. This paper proposes using big data analytics techniques, such as decision trees for detecting nodes that are likely to fail, and so avoid them when routing traffic. This can improve the survivability and performance of networks. The current approach is illustrated with an agent based simulator of wireless networks developed with NetLogo and data mining processes designed with RapidMiner. According to the simulated experimentation, the current approach reduced the communication failures by 51.6% when incorporating rule induction for predicting the most reliable routes.This work was supported in part by the research project Construccion de un framework para agilizar el desarrollo de aplicaciones moviles en el a mbito de la salud through the University of Zaragoza and Foundation Ibercaja under Grant JIUZ-2017-TEC-03, in part by the Universidad de Zaragoza, in part by the Fundacion Bancaria Ibercaja, in part by the Fundacion CAI in the Programa Ibercaja-CAI de Estancias de Investigacion under Grant IT1/18, in part by the program Estancias de movilidad en el extranjero Jose Castillejo para jovenes doctores through the Spanish Ministry of Education, Culture and Sport under Grant CAS17/00005, in part by the Desarrollo Colaborativo de Soluciones AAL through the Spanish Ministry of Economy and Competitiveness under Grant TIN2014-57028-R, in part by the Organismo Autonomo Programas Educativos Europeos under Grant 2013-1-CZ1-GRU06-14277, and in part by the Ministerio de Economia y Competitividad in the Programa Estatal de Fomento de la Investigacion Cientifica y Tecnica de Excelencia, Subprograma Estatal de Generacion de Conocimiento within the project under Grant TIN2017-84802-C2-1-P.García-Magariño, I.; Gray, G.; Lacuesta Gilabert, R.; Lloret, J. (2018). Survivability Strategies for Emerging Wireless Networks With Data Mining Techniques: a Case Study With NetLogo and RapidMiner. IEEE Access. 6:27958-27970. https://doi.org/10.1109/ACCESS.2018.2825954S2795827970

Intrusion Detection Systems for Community Wireless Mesh Networks

Wireless mesh networks are being increasingly used to provide affordable network connectivity to communities where wired deployment strategies are either not possible or are prohibitively expensive. Unfortunately, computer networks (including mesh networks) are frequently being exploited by increasingly profit-driven and insidious attackers, which can affect their utility for legitimate use. In response to this, a number of countermeasures have been developed, including intrusion detection systems that aim to detect anomalous behaviour caused by attacks. We present a set of socio-technical challenges associated with developing an intrusion detection system for a community wireless mesh network. The attack space on a mesh network is particularly large; we motivate the need for and describe the challenges of adopting an asset-driven approach to managing this space. Finally, we present an initial design of a modular architecture for intrusion detection, highlighting how it addresses the identified challenges

An Integrated Approach in Risk Management Process for Identifying Information Security Threats using Medical Research Design

In this paper, we attempt to introduce a new method for performing risk analysis studies by effectively adopting and adapting medical research design namely a prospective cohort study based survival analysis approach into risk management process framework. Under survival analysis approach, a method which is known as Cox Proportional Hazards (PH) Model will be applied in order to identify potential information security threats. The risk management process in this research will be based on Australian/New Zealand Standard for Risk Management (AS/NZS ISO 31000:2009). AS/NZS ISO 31000:2009 provides a sequencing of the core part of the risk management process namely establishing the context, risk identification, risk analysis, risk evaluation and risk treatment. Moreover, it seems that the integration of risk management process with medical approach indeed brings very useful new insights. Thus, the contribution of the paper will be introducing a new method for performing a risk analysis studies in information security domain

Adaptive and survivable trust management for Internet of Things systems

Abstract The Internet of Things (IoT) is characterized by the seamless integration of heterogeneous devices into information networks to enable collaborative environments, specifically those concerning the collection of data and exchange of information and services. Security and trustworthiness are among the critical requirements for the effective deployment of IoT systems. However, trust management in IoT is extremely challenging due to its open environment, where the quality of information is often unknown because entities may misbehave. A hybrid context‐aware trust and reputation management protocol is presented for fog‐based IoT that addresses adaptivity, survivability, and scalability requirements. Through simulation, the effectiveness of the proposed protocol is demonstrated