Advertisement

Network Security and Privacy Evaluation Scheme for Cyber Physical Systems (CPS)

  • Mridula SharmaEmail author
  • Haytham Elmiligi
  • Fayez Gebali
Chapter
  • 47 Downloads

Abstract

With the burgeoning growth of Cyber-Physical Systems (CPSs) and Internet of Things (IoT) in every sphere of life, researchers face new challenges in sensor network security. Most of the research in this area only deals with vulnerabilities, attacks and countermeasures. However, considering security of WSN as a comprehensive unit in the practical deployment of CPS is still missing. The need for the system engineers is to be able to assess the performance of a WSN against attacks and failures so that they may design reliable and stable networks. In this chapter, we are explaining our proposed novel multi-level Network Security & Privacy Evaluation Scheme (NSES) to represent different security levels. The main objective of this evaluation scheme is to help system engineers and security experts to be able to assess the security needs of their networks and maintain the required protection level of the network at early design phases. Through five different case studies, we have demonstrated the application of this scheme. This chapter explain the way this scheme may be used to evaluate and assess the security in different scenarios. These case studies also help in endorsing the usability of the proposed scheme across different application domains.

References

  1. 1.
    Y. Ashibani, Q.H. Mahmoud, Cyber physical systems security: analysis, challenges and solutions. Comput. Secur. 68, 81–97 (2017)CrossRefGoogle Scholar
  2. 2.
    Z. Zhang, J. Porter, E. Eyisi, G. Karsai, X. Koutsoukos, J. Sztipanovits, Co-simulation framework for design of time-triggered cyber physical systems, in Proceedings of the ACM/IEEE 4th International Conference on Cyber-Physical Systems, Ser. ICCPS ’13 (ACM, New York, 2013), pp. 119–128. Available: http://doi.acm.org.ezproxy.library.uvic.ca/10.1145/2502524.2502541
  3. 3.
    B. Berry, Do you know these key SCADA concepts SCADA tutorial: a quick, easy, comprehensive guide(white paper), DPS Telecom, Technical Report (2011)Google Scholar
  4. 4.
    A. Humayed, J. Lin, F. Li, B. Luo, Cyber-physical systems security—A survey, CoRR (2017). Available: http://arxiv.org/abs/1701.04525
  5. 5.
    S. Ali, T. Al Balushi, Z. Nadir, O.K. Hussain, ICS/SCADA System Security for CPS ( Springer, Cham, 2018), pp. 89–113. Available: https://doi.org/10.1007/978-3-319-75880-05
  6. 6.
    M. Sharma, F. Gebali, H. Elmiligi, M. Rahman, Network security evaluation scheme(NSES) for WSN in cyber-physical systems, in 2018 IEEE 9th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), (2018), pp. 1145–1151Google Scholar
  7. 7.
    J. Fruhlinger, What is stuxnet, who created it and how does it work? CSO, Technical Report, August 22, 2017. Available: https://www.csoonline.com/article/3218104/
  8. 8.
    B. Bencsáth, G. Pék, L. Buttyán, M. Félegyházi, The cousins of stuxnet: Duqu, flame, and gauss. Future Internet 4(4), 971–1003 (2012). Available: https://www.mdpi.com/1999-5903/4/4/971 CrossRefGoogle Scholar
  9. 9.
    M.B. Farrell, J. Detsch, Hard lessons for Energy Department, power sector after Ukraine hack (2016). Available: http://link.galegroup.com/apps/doc/A452362153/CPI?u=uvictoria{&}sid=CPI{\&}xid=02ff6650Google Scholar
  10. 10.
    Botnets, Mirai, in NJ Cybersecurity & Communications Integration Cell(NJCCIC) (2016). Available: https://www.cyber.nj.gov/threat-profiles/botnet-variants/mirai-botnet
  11. 11.
    J. Slay, M. Miller, Lessons learned from the maroochy water breach, in International Federation for Information Processing Digital Library; Critical Infrastructure Protection, vol. 253, (Springer, Boston,2007), pp. 73–82Google Scholar
  12. 12.
    M.D. Abrams, Malicious control system cyber security attack case study: Maroochy water services, australia, Technical Papers, August 2008. Available: https://www.mitre.org/publications/technical-papers/malicious-control-system-cyber-security-attack-case-study-maroochy-water-services-australia Google Scholar
  13. 13.
    E. Colbert, Security of cyber-physical systems, J. Cyber Sect. Inf. Syst. 5(1), 41–47 (2017)Google Scholar
  14. 14.
    J. LaPiedra, The information security process: Prevention, detection and response, GIAC Directory of Certified Professionals, (SANS Institute, Bethesda, 2000–2002)Google Scholar
  15. 15.
    M.S. Hossain, V. Raghunathan, Aegis: a lightweight firewall for wireless sensor networks, in Distributed Computing in Sensor Systems, ed. by R. Rajaraman, T. Moscibroda, A. Dunkels, A. Scaglione (Springer, Berlin, 2010), pp. 258–272CrossRefGoogle Scholar
  16. 16.
    M. Wilhelm, I. Martinovic, J. Schmitt, V. Lenders, Wifire: a firewall for wireless networks, in Proceedings of the ACM SIGCOMM 2011 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Toronto, August 15–19, 2011, (2011), pp. 456–457Google Scholar
  17. 17.
    Y. Zhou, Y. Zhang, Y. Fang, Access control in wireless sensor networks, in Ad Hoc Networks. Security Issues in Sensor and Ad Hoc Networks, vol. 5, No. 1, (Elsevier, Amsterdam, 2007), pp. 3–13. Available: http://www.sciencedirect.com/science/article/pii/S1570870506000497
  18. 18.
    S. Kumaran, N. Kailasanathan, S. Mohan, Review of asymmetric key cryptography in wireless sensor networks, Int. J. Eng. Tech. 8, 859–862, (2016)Google Scholar
  19. 19.
    S. Kumaran, P. Ilango, Evolution of key management and variations of random pre key distribution in wireless sensor network: survey. Int. J. Appl. Eng. Res. 9, 11 681–11 688, (2014)Google Scholar
  20. 20.
    S. Mohammadi, H. Mirvaziri, M. Ghazizadeh-Ahsaee, H. Karimipour, Cyber intrusion detection by combined feature selection algorithm, J. Inf. Sect. Appl. 44, 80–88 (2019). Available: http://www.sciencedirect.com/science/article/pii/S2214212618304617 Google Scholar
  21. 21.
    S. Mohammadi, V. Desai, H. Karimipour, Multivariate mutual information-based feature selection for cyber intrusion detection, in 2018 IEEE Electrical Power and Energy Conference (EPEC) (IEEE, Piscataway, 2018), pp. 1–6Google Scholar
  22. 22.
    E. Modiri Dovom, A. Azmoodeh, A. Dehghantanha, D. Ellis Newton, R. Parizi, H. Karimipour, Fuzzy pattern tree for edge malware detection and categorization in IoT. J. Sys. Architect. 97, 1–7, (2019)CrossRefGoogle Scholar
  23. 23.
    I. Tomić, J.A. McCann, A survey of potential security issues in existing wireless sensor network protocols, IEEE Internet Things J. 4(6), 1910–1923 (2017)CrossRefGoogle Scholar
  24. 24.
    H. Karimipour, S. Geris, A. Dehghantanha, H. Leung, Intelligent anomaly detection for large-scale smart grids, in IEEE Canadian Conference on Electrical and Computer Engineering (CCECE), Edmonton (2019)Google Scholar
  25. 25.
    H.J. Liao, C.H.R. Lin, Y.C. Lin, K.Y. Tung, Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013). Available: http://www.sciencedirect.com/science/article/pii/S1084804512001944 CrossRefGoogle Scholar
  26. 26.
    S. Duhan, P. Khandnor, Intrusion detection system in wireless sensor networks: a comprehensive review, in 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT) (2016), pp. 2707–2713Google Scholar
  27. 27.
    N.A. Alrajeh, S. Khan, B. Shams, Intrusion detection systems in wireless sensor networks: a review. Int. J. Distrib. Sens. Netw. 9(5), 167575 (2013)Google Scholar
  28. 28.
    H.H. Pajouh, R. Javidan, R. Khayami, A. Dehghantanha, K.R. Choo, A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in iot backbone networks. IEEE Trans. Emerg. Top. Comput. 7(2), 314–323 (2019)CrossRefGoogle Scholar
  29. 29.
    H. Karimipour, A. Dehghantanha, R. Parizi, R. Choo, H. Leung, A deep and scalable unsupervised machine learning system for cyber-attack detection in large-scale smart grids, in IEEE Access ( IEEE, Piscataway, 2019)Google Scholar
  30. 30.
    S. Geris, H. Karimipour, A feature selection-based approach for joint cyber-attack detection and state estimation, in IEEE International Conference on Smart Energy Grid Engineering (SEGE), Oshawa (2019)Google Scholar
  31. 31.
    M.R. Begli, F. Derakhshan, H. Karimipour, A layered intrusion detection system for critical infrastructure using machine learning, in IEEE International Conference on Smart Energy Grid Engineering (SEGE), Oshawa (2019)Google Scholar
  32. 32.
    J. Sakhnini, A. Dehghantanha, H. Karimipour, Smart grid cyber attacks detection using supervised learning and heuristic feature selection, in IEEE International Conference on Smart Energy Grid Engineering (SEGE) (2019)Google Scholar
  33. 33.
    C. Paquet, Implementing Cisco IOS Network Security (IINS): (CCNA Security Exam 640-553) (Authorized Self-Study Guide), ch. Network Security Using Cisco IOS IPS (Cisco Press, Indianapolis, 2009)Google Scholar
  34. 34.
    C.C. Portal, Common Criteria for Information Technology Security Evaluation (2012 ). www.commoncriteriaportal.org/files/ccfiles/CCPART3V3.1R4.pdf Google Scholar
  35. 35.
    K. Caplan, J.L. Sanders, Building an international security standard. IT Prof. 1(2), 29–34 (1999)CrossRefGoogle Scholar
  36. 36.
    Common Criteria (2018) . Available: www.commoncriteriaportal.org
  37. 37.
    U.S. Department of Commerce, Security Requirements For Cryptographic Modules (National Institute of Standards and Technology, Gaithersburg, 2001). Available: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf
  38. 38.
    ETSI, CYBER; Cyber Security for Consumer Internet of Things, (2019). Available: https://www.etsi.org Google Scholar
  39. 39.
    A.A. Cardenas, T. Roosta, S. Sastry, Rethinking security properties, threat models, and the design space in sensor networks: a case study in SCADA systems. Ad Hoc Netw. 7(8), 1434–1447 (2009)CrossRefGoogle Scholar
  40. 40.
    H. Orojloom M.A. Azgomi, A method for modeling and evaluation of the security of cyber-physical systems, in 2014 11th International ISC Conference on Information Security and Cryptology (2014), pp. 131–136Google Scholar
  41. 41.
    A. Ashok, A. Hahn, M. Govindarasu, Cyber-physical security of wide-area monitoring, protection and control in a smart grid environmen. J. Adv. Res. 5(4), 481–489 (2014). Cyber SecurityGoogle Scholar
  42. 42.
    A. Ramos, R.H. Filho, Sensor data security level estimation scheme for wireless sensor networks. Sensors 15, 2104–2137 (2015)CrossRefGoogle Scholar
  43. 43.
    X. Wu, J. Li, W. Yao, A network security evaluation model based on common criteria, in 2008 International Conference on Apperceiving Computing and Intelligence Analysis (2008), pp. 416–420Google Scholar
  44. 44.
    Z. Han, X. Li, R. Feng, J. Hu, G. Xu, Z. Feng, A three-dimensional model for software security evaluation, in 2014 Theoretical Aspects of Software Engineering Conference (2014), pp. 34–41Google Scholar
  45. 45.
    M. Burmester, E. Magkos, V. Chrissikopoulos, Modeling security in cyber physical systems. Int. J. Crit. Infrastruct. Prot. 5(3), 118–126 (2012)CrossRefGoogle Scholar
  46. 46.
    H. Fouchal, J. Blesa, E. Romero, A. Araujo, O. Nieto Taladrez, A security scheme for wireless sensor networks, in 2016 IEEE Global Communications Conference (GLOBECOM) (2016), pp. 1–5Google Scholar
  47. 47.
    Y. Ping, J. Xinghao, W. Yue, L. Ning, Distributed intrusion detection for mobile ad hoc networks. J. Syst. Eng. Electron. 19(4), 851–859 (2008)CrossRefGoogle Scholar
  48. 48.
    M.F. Othman, K. Shazali, Wireless sensor network applications: a study in environment monitoring system. Procedia Eng. 41, 1204–1210 (2012); International Symposium on Robotics and Intelligent Sensors 2012 (IRIS 2012)Google Scholar
  49. 49.
    J. Wang, H. Abid, S. Lee, F. Xia, Secured health care application architecture for cyber-physical systems (2012). ArXiv e-printsGoogle Scholar
  50. 50.
    O. Kocabas, T. Soyata, M.K. Aktas, Emerging security mechanisms for medical cyber physical systems. IEEE/ACM Trans. Comput. Biol. Bioinforma. 13(3), 401–416 (2016)CrossRefGoogle Scholar
  51. 51.
    S. Pathania, N. Bilandi, Security issues in wireless body area network. Int. J. Comput. Sci. Mob. Comput. 3(4), 1171–1178 (2014)Google Scholar
  52. 52.
    S. Al-Janabi, I. Al-Shourbaji, M. Shojafar, S. Shamshirband, Survey of main challenges (security and privacy) in wireless body area networks for healthcare applications. Egypt. Inf. J. 18(2), 113–122 (2017)Google Scholar
  53. 53.
    M.A. Jan, P. Nanda, X. He, R.P. Liu, A sybil attack detection scheme for a forest wildfire monitoring application. Futur. Gener. Comput. Syst. 80, 613–626 (2018)CrossRefGoogle Scholar
  54. 54.
    V. Sivaraman, D. Chan, D. Earl, R. Boreli, Smart-phones attacking smart-homes, in Proceedings of the 9th ACM Conference on Security; Privacy in Wireless and Mobile Networks, Ser. WiSec ’16 (ACM, New York, 2016), pp. 195–200Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Mridula Sharma
    • 1
    Email author
  • Haytham Elmiligi
    • 2
  • Fayez Gebali
    • 1
  1. 1.Electrical and Computer EngineeringUniversity of VictoriaVictoriaCanada
  2. 2.Department of Computing SciencesThompson Rivers UniversityKamloopsCanada

Personalised recommendations