Biblio

The intense incursion of the Internet of Things (IoT) into all areas of modern life has led to a need for a more detailed study of these technologies and their mechanisms of work. It is necessary to study mechanisms in order to improve QoS, security, identifying shortest routes, mobility, etc. This paper proposes an enhanced simulation framework that implements an improved mechanism for prioritising traffic on 6LoWPAN networks and the realisation of micro-mobility.

Recently, the security of state estimation has been attracting significant research attention due to the need for trustworthy situation awareness in emerging (e.g., industrial) cyber-physical systems. In this paper, we investigate secure estimation based on Kalman filtering (SEKF) using partially homomorphically encrypted data. The encryption will enhance the confidentiality not only of data transmitted in the communication network, but also key system information required by the estimator. We use a multiplicative homomorphic encryption scheme, but with a modified decryption algorithm. SEKF is able to conceal comprehensive information (i.e., system parameters, measurements, and state estimates) aggregated at the sink node of the estimator, while retaining the effectiveness of normal Kalman filtering. Therefore, even if an attacker has gained unauthorized access to the estimator and associated communication channels, he will not be able to obtain sufficient knowledge of the system state to guide the attack, e.g., ensure its stealthiness. We present an implementation structure of the SEKF to reduce the communication overhead compared with traditional secure multiparty computation (SMC) methods. Finally, we demonstrate the effectiveness of the SEKF on an IEEE 9-bus power system.

In mobile wireless sensor networks (MWSN), data imprecision is a common problem. Decision making in real time applications may be greatly affected by a minor error. Even though there are many existing techniques that take advantage of the spatio-temporal characteristics exhibited in mobile environments, few measure the trustworthiness of sensor data accuracy. We propose a unique online context-aware data cleaning method that measures trustworthiness by employing an initial candidate reduction through the analysis of trust parameters used in financial markets theory. Sensors with similar trajectory behaviors are assigned trust scores estimated through the calculation of “betas” for finding the most accurate data to trust. Instead of devoting all the trust into a single candidate sensor's data to perform the cleaning, a Diversified Trust Portfolio (DTP) is generated based on the selected set of spatially autocorrelated candidate sensors. Our results show that samples cleaned by the proposed method exhibit lower percent error when compared to two well-known and effective data cleaning algorithms in tested outdoor and indoor scenarios.

With the improvement in technology and with the increase in the use of wireless devices there is deficiency of radio spectrum. Cognitive radio is considered as the solution for this problem. Cognitive radio is capable to detect which communication channels are in use and which are free, and immediately move into free channels while avoiding the used ones. This increases the usage of radio frequency spectrum. Any wireless system is prone to attack. Likewise, the main two attacks in the physical layer of cognitive radio are Primary User Emulation Attack (PUEA) and replay attack. This paper focusses on mitigating these two attacks with the aid of authentication tag and distance calculation. Mitigation of these attacks results in error free transmission which in turn fallouts in efficient dynamic spectrum access.

The primary objective of Cognitive Radio Networks (CRN) is to opportunistically utilize the available spectrum for efficient and seamless communication. Like all other radio networks, Cognitive Radio Network also suffers from a number of security attacks and Primary User Emulation Attack (PUEA) is vital among them. Primary user Emulation Attack not only degrades the performance of the Cognitive Radio Networks but also dissolve the objective of Cognitive Radio Network. Efficient and secure authentication of Primary Users (PU) is an only solution to mitigate Primary User Emulation Attack but most of the mechanisms designed for this are either complex or make changes to the spectrum. Here, we proposed a mechanism to authenticate Primary Users in Cognitive Radio Network which is neither complex nor make any changes to spectrum. The proposed mechanism is secure and also has improved the performance of the Cognitive Radio Network substantially.

Primary user emulation (PUE) attack causes security issues in a cognitive radio network (CRN) while sensing the unused spectrum. In PUE attack, malicious users transmit an emulated primary signal in spectrum sensing interval to secondary users (SUs) to forestall them from accessing the primary user (PU) spectrum bands. In the present paper, the defense against such attack by Neyman-Pearson criterion is shown in terms of total error probability. Impact of several parameters such as attacker strength, attacker's presence probability, and signal-to-noise ratio on SU is shown. Result shows proposed method protect the harmful effects of PUE attack in spectrum sensing.

Cognitive radio technology addresses the spectrum scarcity challenges by allowing unlicensed cognitive devices to opportunistically utilize spectrum band allocated to licensed devices. However, the openness of the technology has introduced several attacks to cognitive radios, one which is the spectrum sensing data falsification attack. In spectrum sensing data falsification attack, malicious devices share incorrect spectrum observations to other cognitive radios. This paper investigates the spectrum sensing data falsification attack in cognitive radio networks. We use the modified Z-test to isolate extreme outliers in the network. The q-out-of-m rule scheme is implemented to mitigate the spectrum sensing data falsification attack, where a random number m is selected from the sensing results and q is the final decision from m. The scheme does not require the services of a fusion Centre for decision making. This paper presents the theoretical analysis of the proposed scheme.

The ever-increasing number of wireless network systems brought a problem of spectrum congestion leading to slow data communications. All of the radio spectrums are allocated to different users, services and applications. Hence studies have shown that some of those spectrum bands are underutilized while others are congested. Cognitive radio concept has evolved to solve the problem of spectrum congestion by allowing cognitive users to opportunistically utilize the underutilized spectrum while minimizing interference with other users. Byzantine attack is one of the security issues which threaten the successful deployment of this technology. Byzantine attack is compromised cognitive radios which relay falsified data about the availability of the spectrum to other legitimate cognitive radios in the network leading interference. In this paper we are proposing a security measure to thwart the effect caused by these attacks and compared it to Attack-Proof Cooperative Spectrum Sensing.

Utilization of Wireless sensor network is growing with the development in modern technologies. On other side electromagnetic spectrum is limited resources. Application of wireless communication is expanding day by day which directly threaten electromagnetic spectrum band to become congested. Cognitive Radio solves this issue by implementation of unused frequency bands as "White Space". There is another important factor that gets attention in cognitive model i.e: Wireless Security. One of the famous causes of security threat is malicious node in cognitive radio wireless sensor networks (CRWSN). The goal of this paper is to focus on security issues which are related to CRWSN as Fusion techniques, Co-operative Spectrum sensing along with two dangerous attacks in CR: Primary User Emulation (PUE) and Spectrum Sensing Data Falsification (SSDF).

Industrial Internet of Things (IIoT) is a trend of the smart industry. By collecting field data from sensors, the industry can make decisions dynamically in time for better performance. In most cases, IIoT is built on private networks and cannot be reached from the Internet. Currently, data transmission in most of IIoT network protocols is in plaintext without encryption protection. Once an attacker breaks into the field, the attacker can intercept data and injects malicious commands to field agents. In this paper, we propose a compound approach for defending command injection attacks in IIOT. First, we leverage the power of Software Defined Networking (SDN) to detect the injection attack. When the injection attack event is detected, the system owner is alarmed that someone tries to pretend a controller or a field agent to deceive the other entity. Second, we develop a lightweight authentication scheme to ensure the identity of the command sender. Command receiver can verify commands first before processing commands.

We propose a novel cross-stack sensor framework for realizing lightweight, context-aware, high-interaction network and endpoint deceptions for attacker disinformation, misdirection, monitoring, and analysis. In contrast to perimeter-based honeypots, the proposed method arms production workloads with deceptive attack-response capabilities via injection of booby-traps at the network, endpoint, operating system, and application layers. This provides defenders with new, potent tools for more effectively harvesting rich cyber-threat data from the myriad of attacks launched by adversaries whose identities and methodologies can be better discerned through direct engagement rather than purely passive observations of probe attempts. Our research provides new tactical deception capabilities for cyber operations, including new visibility into both enterprise and national interest networks, while equipping applications and endpoints with attack awareness and active mitigation capabilities.

The healthcare sector is exploring the incorporation of digital solutions in order to improve access, reduce costs, increase quality and enhance their capacity in reaching a higher number of citizens. However, this opens healthcare organisations' systems to external elements used within or beyond their premises, new risks and vulnerabilities in what regards cyber threats and incidents. We propose the creation of a Security Assessment as a Service (SAaaS) crosslayered system that is able to identify vulnerabilities and proactively assess and mitigate threats in an IT healthcare ecosystem exposed to external devices and interfaces, considering that most users are not experts (even technologically illiterate") in cyber security and, thus, unaware of security tactics or policies whatsoever. The SAaaS can be integrated in an IT healthcare environment allowing the monitoring of existing and new devices, the limitation of connectivity and privileges to new devices, assess a device's cybersecurity risk and - based on the device's behaviour - the assignment and revoking of privileges. The SAaaS brings a controlled cyber aware environment that assures security, confidentiality and trust, even in the presence of non-trusted devices and environments.

In Vehicle-to-Vehicle (V2V) communications, malicious actors may spread false information to undermine the safety and efficiency of the vehicular traffic stream. Thus, vehicles must determine how to respond to the contents of messages which maybe false even though they are authenticated in the sense that receivers can verify contents were not tampered with and originated from a verifiable transmitter. Existing solutions to find appropriate actions are inadequate since they separately address trust and decision, require the honest majority (more honest ones than malicious), and do not incorporate driver preferences in the decision-making process. In this work, we propose a novel trust-aware decision-making framework without requiring an honest majority. It securely determines the likelihood of reported road events despite the presence of false data, and consequently provides the optimal decision for the vehicles. The basic idea of our framework is to leverage the implied effect of the road event to verify the consistency between each vehicle's reported data and actual behavior, and determine the data trustworthiness and event belief by integrating the Bayes' rule and Dempster Shafer Theory. The resulting belief serves as inputs to a utility maximization framework focusing on both safety and efficiency. This framework considers the two basic necessities of the Intelligent Transportation System and also incorporates drivers' preferences to decide the optimal action. Simulation results show the robustness of our framework under the multiple-vehicle attack, and different balances between safety and efficiency can be achieved via selecting appropriate human preference factors based on the driver's risk-taking willingness.

Networked control systems improve the efficiency of cyber-physical plants both functionally, by the availability of data generated even in far-flung locations, and operationally, by the adoption of standard protocols. A side-effect, however, is that now the safety and stability of a local process and, in turn, of the entire plant are more vulnerable to malicious agents. Leveraging the communication infrastructure, the authors here present the design of networked control systems with built-in resilience. Specifically, the paper addresses attacks known as false data injections that originate within compromised sensors. In the proposed framework for closed-loop control, the feedback signal is constructed by weighted consensus of estimates of the process state gathered from other interconnected processes. Observers are introduced to generate the state estimates from the local data. Side-channel monitors are attached to each primary sensor in order to assess proper code execution. These monitors provide estimates of the trust assigned to each observer output and, more importantly, independent of it; these estimates serve as weights in the consensus algorithm. The authors tested the concept on a multi-sensor networked physical experiment with six primary sensors. The weighted consensus was demonstrated to yield a feedback signal within specified accuracy even if four of the six primary sensors were injecting false data.

In the present paper, the problem of networked control system (NCS) cyber security is considered. The geometric approach is used to evaluate the security and vulnerability level of the controlled system. The proposed results are about the so-called false data injection attacks and show how imperfectly known disturbances can be used to perform undetectable, or at least stealthy, attacks that can make the NCS vulnerable to attacks from malicious outsiders. A numerical example is given to illustrate the approach.

Ever-driven by technological innovation, the Internet of Things (IoT) is continuing its exceptional evolution and growth into the common consumer space. In the wake of these developments, this paper proposes a framework for an IoT home security system that is secure, expandable, and accessible. Congruent with the ideals of the IoT, we are proposing a system utilizing an ultra-low-power wireless sensor network which would interface with a central hub via Bluetooth 4, commonly referred to as Bluetooth Low Energy (BLE), to monitor the home. Additionally, the system would interface with an Amazon Echo to accept user voice commands. The aforementioned central hub would also act as a web server and host an internet accessible configuration page from which users could monitor and customize their system. An internet-connected system would carry the capability to notify the users of system alarms via SMS or email. Finally, this proof of concept is intended to demonstrate expandability into other areas of home automation or building monitoring functions in general.

Critical infrastructures have suffered from different kind of cyber attacks over the years. Many of these attacks are performed using malwares by exploiting the vulnerabilities of these resources. Smart power grid is one of the major victim which suffered from these attacks and its SCADA system are frequently targeted. In this paper we describe our proposed framework to analyze smart power grid, while its SCADA system is under attack by malware. Malware propagation and its effects on SCADA system is the focal point of our analysis. OMNeT++ simulator and openDSS is used for developing and analyzing the simulated smart power grid environment.

Security is a key concern in Internet of Things (IoT) designs. In a heterogeneous and complex environment, service providers and service requesters must trust each other. On-off attack is a sophisticated trust threat in which a malicious device can perform good and bad services randomly to avoid being rated as a low trust node. Some countermeasures demands prior level of trust knowing and time to classify a node behavior. In this paper, we introduce a Smart Middleware that automatically assesses the IoT resources trust, evaluating service providers attributes to protect against On-off attacks.

The Internet of Things (IoT) is one of the emerging technologies that has seized the attention of researchers, the reason behind that was the IoT expected to be applied in our daily life in the near future and human will be wholly dependent on this technology for comfort and easy life style. Internet of things is the interconnection of internet enabled things or devices to connect with each other and to humans in order to achieve some goals or the ability of everyday objects to connect to the Internet and to send and receive data. However, the Internet of Things (IoT) raises significant challenges that could stand in the way of realizing its potential benefits. This paper discusses access control area as one of the most crucial aspect of security and privacy in IoT and proposing a new way of access control that would decide who is allowed to access what and who is not to the IoT subjects and sensors.

The paper is devoted to analysis of condition of executing devices and sensors of Industrial Control Systems information security. The work contains structures of industrial control systems divided into groups depending on system's layer. The article contains the analysis of analog interfaces work and work features of data transmission protocols in industrial control system field layer. Questions about relevance of industrial control systems information security, both from the point of view of the information security occurring incidents, and from the point of view of regulators' reaction in the form of normative legal acts, are described. During the analysis of the information security systems of industrial control systems a possibility of leakage through technical channels of information leakage at the field layer was found. Potential vectors of the attacks on devices of field layer and data transmission network of an industrial control system are outlined in the article. The relevance analysis of the threats connected with the attacks at the field layer of an industrial control system is carried out, feature of this layer and attractiveness of this kind of attacks is observed.

The authors have proposed the Fallback Control System (FCS) as a countermeasure after cyber-attacks happen in Industrial Control Systems (ICSs). For increased robustness against cyber-attacks, introducing multiple countermeasures is desirable. Then, an appropriate collaboration is essential. This paper introduces two FCSs in ICS: field network signal is driven FCS and analog signal driven FCS. This paper also implements a collaborative FCS by a collaboration function of the two FCSs. The collaboration function is that the analog signal driven FCS estimates the state of the other FCS. The collaborative FCS decides the countermeasure based on the result of the estimation after cyber-attacks happen. Finally, we show practical experiment results to analyze the effectiveness of the proposed method.

Cloud computing is an innovative mechanism to optimize computing and storage resource utilization. Due to its cost-saving, high-efficiency advantage, the technology receives wide adoption from IT industries. However, the frequent emergences of security events become the heaviest obstacle for its advancement. The multi-layer and distributive characteristics of cloud computing make IT admins compulsively collect all necessary situational information at cloud runtime if they want to grasp the panoramic secure state, hereby practice configuration management and emergency response methods when necessary. On the other hand, technologies such as elastic resource pooling, dynamic load balancing and virtual machine real-time migration complicate the difficulty of data gathering, where secure information may come from virtual machine hypervisor, network accounting or host monitor proxies. How to classify, arrange, standardize and visualize these data turns into the most crucial issue for cloud computing security situation awareness and presentation. This dissertation borrows traditional fashion of data visualization to integrate into cloud computing features, proposes a new method for aggregating and displaying secure information which IT admins concern, and expects that by method realization cloud security monitor/management capabilities could be notably enhanced.

Machine-to-Machine (M2M) networks being connected to the internet at large, inherit all the cyber-vulnerabilities of the standard Information Technology (IT) systems. Since perfect cyber-security and robustness is an idealistic construct, it is worthwhile to design intrusion detection schemes to quickly detect and mitigate the harmful consequences of cyber-attacks. Volumetric anomaly detection have been popularized due to their low-complexity, but they cannot detect low-volume sophisticated attacks and also suffer from high false-alarm rate. To overcome these limitations, feature-based detection schemes have been studied for IT networks. However these schemes cannot be easily adapted to M2M systems due to the fundamental architectural and functional differences between the M2M and IT systems. In this paper, we propose novel feature-based detection schemes for a general M2M uplink to detect Distributed Denial-of-Service (DDoS) attacks, emergency scenarios and terminal device failures. The detection for DDoS attack and emergency scenarios involves building up a database of legitimate M2M connections during a training phase and then flagging the new M2M connections as anomalies during the evaluation phase. To distinguish between DDoS attack and emergency scenarios that yield similar signatures for anomaly detection schemes, we propose a modified Canberra distance metric. It basically measures the similarity or differences in the characteristics of inter-arrival time epochs for any two anomalous streams. We detect device failures by inspecting for the decrease in active M2M connections over a reasonably large time interval. Lastly using Monte-Carlo simulations, we show that the proposed anomaly detection schemes have high detection performance and low-false alarm rate.

Nowadays, electricity companies have started applying smart grid in their systems rather than the conventional electrical grid (manual grid). Smart grid produces an efficient and effective energy management and control, reduces the cost of production, saves energy and it is more reliable compared to the conventional grid. As an advanced energy meter, smart meters can measure the power consumption as well as monitor and control electrical devices. Smart meters have been adopted in many countries since the 2000s as they provide economic, social and environmental benefits for multiple stakeholders. The design of smart meter can be customized depending on the customer and the utility company needs. There are different sensors and devices supported by dedicated communication infrastructure which can be utilized to implement smart meters. This paper presents a study of the challenges associated with smart meters, smart homes and smart grids as an effort to highlight opportunities for emerging research and industrial solutions.

Today's emerging Industrial Internet of Things (IIoT) scenarios are characterized by the exchange of data between services across enterprises. Traditional access and usage control mechanisms are only able to determine if data may be used by a subject, but lack an understanding of how it may be used. The ability to control the way how data is processed is however crucial for enterprises to guarantee (and provide evidence of) compliant processing of critical data, as well as for users who need to control if their private data may be analyzed or linked with additional information - a major concern in IoT applications processing personal information. In this paper, we introduce LUCON, a data-centric security policy framework for distributed systems that considers data flows by controlling how messages may be routed across services and how they are combined and processed. LUCON policies prevent information leaks, bind data usage to obligations, and enforce data flows across services. Policy enforcement is based on a dynamic taint analysis at runtime and an upfront static verification of message routes against policies. We discuss the semantics of these two complementing enforcement models and illustrate how LUCON policies are compiled from a simple policy language into a first-order logic representation. We demonstrate the practical application of LUCON in a real-world IoT middleware and discuss its integration into Apache Camel. Finally, we evaluate the runtime impact of LUCON and discuss performance and scalability aspects.