MECInOT: a multi-access edge computing and industrial internet of things emulator for the modelling and study of cybersecurity threats

In recent years, the Industrial Internet of Things (IIoT) has grown rapidly, a fact that has led to an increase in the number of cyberattacks that target this environment and the technologies that it brings together. Unfortunately, when it comes to using tools for stopping such attacks, it can be noticed that there are inherent weaknesses in this paradigm, such as limitations in computational capacity, memory and network bandwidth. Under these circumstances, the solutions used until now in conventional scenarios cannot be directly adopted by the IIoT, and so it is necessary to develop and design new ones that can effectively tackle this problem. Furthermore, these new solutions must be tested in order to verify their performance and viability, which requires testing architectures that are compatible with newly introduced IIoT topologies. With the aim of addressing these issues, this work proposes MECInOT, which is an architecture based on openLEON and capable of generating test scenarios for the IIoT environment. The performance of this architecture is validated by creating an intelligent threat detector based on tree-based algorithms, such as decision tree, random forest and other machine learning techniques. Which allows us to generate an intelligent and to demonstrate, we could generate an intelligent threat detector and demonstrate the suitability of our architecture for testing solutions in IIoT environments. In addition, by using MECInOT, we compare the performance of the different machine learning algorithms in an IIoT network. Firstly, we present the benefits of our proposal, and secondly, we describe the emulation of an IIoT environment while ensuring the repeatability of the experiments

A MEC-IIoT intelligent threat detector based on machine learning boosted tree algorithms

In recent years, new management methods have appeared that mark the beginning of a new industrial revolution called Industry 4.0 or the Industrial Internet of Things (IIoT). IIoT brings together new emerging technologies, such as the Internet of Things (IoT), Deep Learning (DL) and Machine Learning (ML), that contribute to new applications, industrial processes and efficiency management in factories. This combination of new technologies and contexts is paired with Multi-access Edge Computing (MEC) to reduce costs through the virtualisation of networks and services. As these new paradigms increase in growth, so does the number of threats and vulnerabilities, making IIoT a very desirable target for cybercriminals. In addition, IIoT devices have certain intrinsic limitations, especially due to their limited resources, and this makes it impossible, in many cases, to detect attacks by using solutions designed for other paradigms. So it is necessary to design, implement and evaluate new solutions or adapt existing ones. Therefore, this paper proposes an intelligent threat detector based on boosted tree algorithms. Such detectors have been implemented and evaluated in an environment specifically designed to test IIoT deployments. In this way, we can learn how these algorithms, which have been successful in multiple contexts, behave in a paradigm with known constraints. The results obtained in the study show that our intelligent threat detector achieves a mean efficiency of between 95%–99% in the F1 Score metric, indicating that it is a good option for implementation in these scenarios

Evaluación del impacto de un plan de cuidados de enfermería de pacientes con EPOC con diagnóstico enfermero “Manejo inefectivo del régimen terapéutico”, en términos de mejora del criterio de resultado de enfermería (NOC) “Conocimiento del régimen terapeut

Purpose: To determine the impact on the "Knowledge of the therapeutic regimen," in patients with a care plan on "ineffective management of therapeutic regimen." Methods: Quasi-experimental study in two General Hospitals University (June 2007 - December 2008) COPD patients. Group intervention: care plan developed by taxonomies; Control group: usual hospital care.Findings: 143 patients were Recruited (Intervention group = 56, control group = 87). NOC improvement at 2 weeks (69.2% vs 10.7% intervention control; p <.008); NOC improvement at 24 weeks (68.7% vs.10.1%; p <.001). Indicators "description regimen justification"; "Prescribed activity"; "Treatment benefit" better with p <.001. Conclusions: The implementation of a discharged plan care direct to increase the nursing outcome classification  improves management of therapeutic regimen. Implications for nursing practice: The implementation of taxonomies in care planning discharged are a tool that allow to evaluate outcomes of nursing interventions and its evolution.Objetivo: Conocer el impacto en el “Conocimiento del régimen terapéutico”, en pacientes con un plan de cuidados sobre “Manejo inefectivo del régimen terapéutico”. Método: Estudio cuasiexperimental, en dos Hospitales Generales Universitarios (junio 2007 - diciembre 2008) pacientes con EPOC. Grupo intervención: plan de cuidados desarrollado mediante taxonomías; grupo control: asistencia hospitalaria habitual. Resultados: 143 pacientes incluidos en el estudio (grupo intervención=56; grupo control =87). Mejora NOC a las 2 semanas (69.2% intervención vs. 10,7% control; p<,008); mejora NOC a las 24 semanas (68.7% vs.10.1%,  p<,001). Indicadores “descripción justificación régimen terapéutico”; “actividad prescrita”; “beneficios del tratamiento” mejoran con p< ,001. Conclusiones: La implementación de un plan de cuidados dirigido al alta orientado al incremento del NOC mejora el manejo del régimen terapéutico.Implicaciones para la práctica: La implementación de taxonomías en planificación de cuidados orientados al alta constituyen una herramienta para evaluar resultados de las intervenciones enfermeras y su evolució

Al-Bustān. Las fincas aristocráticas y la construcción de los paisajes periurbanos de al-Ándalus y Sicilia

Navarro Palazón, Julio, editorLa presente publicación se enmarca en el Proyecto I+D+i «Almunias medievales en el Mediterráneo: Historia y conservación de los paisajes culturales periurbanos» (PID2019-111508GB-I00, dirigido por Julio Navarro Palazón), del Ministerio de Ciencia e Innovación. Agencia Estatal de Investigación. Proyectos de I+D+i, de los Programas Estatales de Generación de Conocimiento y fortalecimiento Científico y Tecnológico del Sistema de I+D+i y de I+D+i Orientada a los Retos de la Sociedad, del Plan Estatal de Investigación Científica y Técnica y de Innovación 2017-2020. Esta obra es también un fruto destacado del trabajo realizado en el marco de la Unidad Asociada de I+D+i Patrimonio Cultural Árabe e Islámico, Consejo Superior de Investigaciones Científicas-Universidad de Granada, a través de la Escuela de Estudios Árabes de Granad

Security Analysis of the MQTT-SN Protocol for the Internet of Things

The expansion of the Internet of Things (IoT) paradigm has brought with it the challenge of promptly detecting and evaluating attacks against the systems coexisting in it. One of the most recurrent methods used by cybercriminals is to exploit the vulnerabilities found in communication protocols, which can lead to them accessing, altering, and making data inaccessible and even bringing down a device or whole infrastructure. In the case of the IoT, the Message Queuing Telemetry Transport (MQTT) protocol is one of the most-used ones due to its lightness, allowing resource-constrained devices to communicate with each other. Improving its effectiveness, a lighter version of this protocol, namely MQTT for Sensor Networks (MQTT-SN), was especially designed for embedded devices on non-TCP/IP networks. Taking into account the importance of these protocols, together with the significance that security has when it comes to protecting the high-sensitivity data exchanged in IoT networks, this paper presents an exhaustive assessment of the MQTT-SN protocol and describes its shortcomings. In order to do so, seven different highly heterogeneous attacks were designed and tested, evaluating the different security impacts that they can have on a real MQTT-SN network and its performance. Each one of them was compared with a non-attacked implemented reference scenario, which allowed the comparison of an attacked system with that of a system without attacks. Finally, using the knowledge extracted from this evaluation, a threat detector is proposed that can be deployed in an IoT environment and detect previously unmodeled attacks

24 Integrando el Edge Computing en el Desarrollo de una Metodología Forense Dedicada a Entornos IoT

La aplicación del Internet de las Cosas (IoT) en los múltiples ámbitos de nuestra sociedad no solo ha supuesto buenas noticias para los usuarios, que han conseguido llevar la tecnología a lugares que no hacían uso de ella, sino que, lamentablemente, los cibercriminales también se han visto beneficiados con este cambio de paradigma. La fragilidad de los dispositivos IoT en términos de seguridad, unido a la sensibilidad de los datos que manejan, ha causado que el IoT sea un lugar idóneo en el que llevar a cabo sus ataques. En consecuencia, se necesitan de técnicas forenses que permitan esclarecer cómo se debe proceder a la hora de examinar estos nuevos dispositivos, puesto que tienen características muy distintas a los convencionales. Por ello, en este artículo, además de realizar una evaluación del estado del análisis forense en el entorno IoT y sus requisitos, se propone una metodología forense centrada en este nuevo entorno que hace uso de la tecnología edge computing

An automatic complex event processing rules generation system for the recognition of real-time IoT attack patterns

The Internet of Things (IoT) has grown rapidly to become the core of many areas of application, leading to the integration of sensors, with IoT devices. However, the number of attacks against these types of devices has grown as fast as the paradigm itself. Certain inherent characteristics of the paradigm, as well as the limited computational capabilities of the devices involved, make it difficult to deploy security measures. This is why it is necessary to design, implement and study new solutions in the field of cybersecurity. In this paper, we propose an architecture that is capable of generating Complex Event Processing (CEP) rules automatically by integrating them with machine learning technologies. While the former is used to automatically detect attack patterns in real time, the latter, through the use of the Principal Component Analysis (PCA) algorithm, allows the characterization of events and the recognition of anomalies. This combination makes it possible to achieve efficient CEP rules at the computational level, with the results showing that the CEP rules obtained using our approach substantially improve upon the performance of the standard CEP rules, which are rules that are not generated by our proposal but can be defined independently by an expert in the field. Our proposal has achieved an F1-score of 0.98 on average, a 76 percent improvement in throughput over standard CEP rules, and a reduction in the network overhead of 86 percent over standard simple events, which are the simple events that are generated when our proposal is not used.16 página