
A Model for Auditing Smart Intrusion Detection Systems (IDSs) and Log Analyzers in Cyber-Physical Systems (CPSs)

Security in Cyber-Physical Systems

Part of the book series: Studies in Systems, Decision and Control ((SSDC,volume 339))

Abstract

Suitable models that auditors can adopt to conduct concurrent audits of smart Intrusion Detection Systems (IDSs) and log analyzers in Cyber-Physical Systems, and that are also founded on sound empirical claims, are scarce. Recently, post-intrusion studies on the resilience of these mechanisms and on the prevalence of intrusions in these domains have shown that certain intrusions that can reduce the performance of smart IDSs can equally overwhelm log analyzers, such that both mechanisms can gradually degrade and then suddenly stop working. Studies have also shown that several components of Cyber-Physical Systems have unusual vulnerabilities. These key issues often increase cyber threats to the data security and privacy of resources that many users receive over the Internet of Things (IoT). Dreadful intrusions on the physical and computational components of Cyber-Physical Systems can cause a systemic reduction in the global economy, in the quality of digital services and in the continued usage of smart toolkits that should support risk assessments and the identification of intruders' strategies. Unfortunately, pragmatic studies on how to reduce the above problems are grossly inadequate. This chapter uses alerts from Snort and the C++ programming language to explore the above issues in practice, and further proposes a feasible model for operators and researchers to lessen the problems. Evaluation with real and synthetic datasets demonstrates that the capabilities and resilience of smart IDSs to safeguard Cyber-Physical Systems (CPSs) can be improved, given a framework that facilitates the audit of smart IDSs and log analyzers in cyberspace and knowledge of the variability in the lengths and components of the alerts raised by smart IDSs.



Corresponding author

Correspondence to Joshua Ojo Nehinbe.


Copyright information

© 2021 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Nehinbe, J.O. (2021). A Model for Auditing Smart Intrusion Detection Systems (IDSs) and Log Analyzers in Cyber-Physical Systems (CPSs). In: Awad, A.I., Furnell, S., Paprzycki, M., Sharma, S.K. (eds) Security in Cyber-Physical Systems. Studies in Systems, Decision and Control, vol 339. Springer, Cham. https://doi.org/10.1007/978-3-030-67361-1_5


  • DOI: https://doi.org/10.1007/978-3-030-67361-1_5


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-67360-4

  • Online ISBN: 978-3-030-67361-1
