Ming Wan,Minglei Hao,Yang Li,Jianming Zhao,Ying Li

DOI: https://doi.org/10.1145/3586102.3586127

2022-01-01

Abstract:Due to the rapid development of industrial automation, ICSs (Industrial Control Systems) gradually expose their potential security vulnerabilities, and are facing more and more serious security risks. Although different industrial security technologies have been developed to strengthen industrial security protection, they always struggle for their own because of their standalone and non-related functions, and their actual defense effects are not encouraging. This paper first summarizes some intrinsic security vulnerabilities in ICSs, and analyzes the main causes to generate each class of vulnerabilities. Furthermore, five popular security technologies which have been successfully applied in today's ICSs are introduced, and their advantages and shortages are also compared by explaining each working mechanism. In order to take full advantage of various industrial security technologies, this paper proposes one novel cooperative defense model based P2DR (Policy, Protection, Detection and Response), which establishes the dynamical defense process to integrate five different industrial security technologies. Under the guidance of security policies, this model can comprehensively utilize the resources of various industrial security technologies to learn and judge current security status of the whole system, and effectively adjust the optimum deployment to provide the strongest protection with the lowest risk. Finally, one applicable case based on the proposed model is designed to verify the feasibility of cooperative defense in ICSs.

lei xue,yangyang liu,tianqi li,kaifa zhao,jianfeng li,le yu,xiapu luo,yajin zhou,guofei gu

2022-01-01

Abstract:Modern vehicles are equipped with many ECUs (Electronic Control Unit) that are connected to the IVN (In-Vehicle Network) for controlling the vehicles. Meanwhile, various interfaces of vehicles, such as OBD-II port, T-Box, sensors, and telematics, implement the interaction between the IVN and external environment. Although rich value-added functionalities can be provided through these interfaces, such as diagnostics and OTA (Over The Air) updates, the adversary may also inject malicious data into IVN, thus causing severe safety issues. Even worse, existing defense approaches mainly focus on detecting the injection attacks launched from IVN, such as malicious/compromised ECUs, by analyzing CAN frames, and cannot defend against the higher layer MIAs (Message Injection Attacks) that can cause abnormal vehicle dynamics. In this paper, we propose a new state-aware abnormal message injection attack defense approach, named SAID. It detects the abnormal data to be injected into IVN by considering the data semantics and the vehicle dynamics and prevents the MIAs launched from devices connected to the vehicles, such as the compromised diagnostic tools and T-boxes. We develop a prototype of SAID for defending against MIAs and evaluate it using both real road data and simulation data. The experimental results show that SAID can defend against more than 99% of the network and service layer attack traffic and all state layer MIAs, effectively enforcing the safety of vehicles.

Xiaoyu Jiang,Zhiqiang Ge

DOI: https://doi.org/10.1109/tai.2022.3145335

2022-01-01

IEEE Transactions on Artificial Intelligence

Abstract:With the rapid development of information technology, intelligent upgrading of the manufacturing industry has broken the closed environment of traditional industrial control systems (ICS); thus, the information security of ICS has been seriously threatened. As part of ICS, the process monitoring system (PMS) is heavily subject to external risks. Data-driven PMSs have been widely used as initial lines of defense to ensure ICS safety. Once the PMS is under attack, the consequences on the whole ICS will be unimaginable. Unfortunately, the safety issues of the PMS have received inadequate attention. This article reveals PMS’s vulnerabilities through effective attacks. A novel method called subspace transfer network (STN) is proposed to conduct adversarial and poisoning attacks on the PMS simultaneously. Then the attack task flow is defined and explained to make online adversarial attacks and data poisoning on PMS. Meanwhile, aiming at two poisoning goals, targeted and untargeted attacks of STN are designed, respectively. Finally, the PMS’s fragility is verified in two industrial benchmarks.

Xingmao Shao,Lun Xie,Chiqin Li,Zhiliang Wang,Li, Chiqin

DOI: https://doi.org/10.1007/s10846-023-01984-2

2023-11-04

Journal of Intelligent and Robotic Systems: Theory and Applications

Abstract:The recent integration and collaboration of robots with networks expose new challenges and problems in terms of security. However, to the best of our knowledge, there has not been any comprehensive review of the vulnerabilities and attack surfaces of networked industrial robotic (NIR) systems under the framework of industrial control systems (ICS). Therefore, this paper provides an overview and further analysis of this field. We discuss the structure of the NIR systems in a modern factory, considering physical dynamics, control systems, and manufacturing networks, and then explore the vulnerabilities and the attack surface of this paradigm. Moreover, a new effort is that typical data integrity (DI) attacks that may cause serious robot equipment failures are elaborated in detail, which mainly achieves intrusion by tampering with the data of sensors or controllers through known or potential attack paths. In particular, the covert nature of several DI attacks is revealed. We analyze the existing anomaly detection strategies of the robot system and present numerical examples using dynamics-based control law to illustrate how adversaries achieve stealth to traditional detectors and the impact of the undermined robot system. Conclusively, a security framework integrating protective, detective, and responsive actions is proposed as a compensatory countermeasure for traditional methods against DI attacks. We believe that understanding these attacks and associated defense mechanisms will help accelerate the implementation of robot-based smart manufacturing technology.

Alex Zhu,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2017100106

2017-01-01

International Journal of Digital Crime and Forensics

Abstract:SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed Denial of Service Attack DDoS. The DDoS is that hackers maliciously turn down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various evading SQLIA Intrusion Detection System techniques. Victims may not be even aware of that their confidential data has been compromised for a long time. In this paper, our contribution is that we evaluate several most popular open source SQLIA tools and SQLIA prevention tools with both qualitative and quantitative assessments.

Kecheng Li,Genyuan Yang,Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.23919/ccc63176.2024.10661728

2024-01-01

Abstract:The increasing integration of smart grid technologies in multiregional power systems improves efficiency but also exposes them to cyber security threats, especially false data injection attacks. In this paper, we address this challenge by proposing a distributed detection framework tailored for multi-regional power systems. Traditional centralized approaches are insufficient to cope with the dynamic and decentralized nature of these systems. The framework aims to simultaneously monitor and analyze multiple regions in real-time, enhancing the system’s ability to withstand false data injection attacks. This study outlines the proposed framework and provides simulation results for validation, emphasizing the need for proactive defense mechanisms in safeguarding the data integrity of power systems.

Niansheng Cheng,Yisheng Zhang

DOI: https://doi.org/10.1109/wgec.2008.91

2008-01-01

Abstract:In modern manufacturing grid, different security mechanisms of systems bring usage complexities and security risks. Single sign-on (SSO) can enhance the enterprise applications security and improve the overall efficiency. A security infrastructure is proposed by the token based authentication protocol in intranet. It is designed and developed on the technology of Java GSS-API, JAAS, Kerberos and SPNEGO. The key technologies such as analyzing SPNEGO token and integrating with application server are specially discussed. The application in a blanking processing factory verifies the practicability of the security service.

Sandeep Nair Narayanan,Alwyn Roshan Pais,Radhesh Mohandas

DOI: https://doi.org/10.1007/978-3-642-22786-8_13

2011-01-01

Abstract:SQL injection vulnerability is a kind of injection vulnerability in which the database server is forced to execute some illicit operations by crafting specific inputs to the web server. Even though this vulnerability has had it’s presence for several years now, most of its popular mitigation techniques are based on safe coding practices, which are neither applicable to the existing applications, nor are application independent. Here we propose a new application logic independent solution to prevent SQL injection attacks which can be applicable to any dynamic web technology. The new solution detects SQL injection by considering the semantic variance between the queries generated by the query function with safe inputs and injection inputs. We have implemented the complete solution in ASP.NET with C# web applications using a custom written tool, SIAP, which patches the SQL Injection vulnerabilities in an existing web application by instrumenting the binaries.

Jingxuan Wang,Lucas C. K. Hui,S. M. Yiu,Gang Zhou,Ruoqing Zhang

DOI: https://doi.org/10.1155/2017/9602357

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:Data injection attacks in a cyber-physical system aim at manipulating a number of measurements to alter the estimated real-time system states. Many researchers recently focus on how to detect such attacks. However, most of the detection methods do not work well for the nonlinear systems. In this paper, we present a compressive sampling methodology to identify the attack, which allows determining how many and which measurement signals are launched. The sparsity feature is used. Generally, our methodology can be applied to both linear and nonlinear systems. The experimental testing, which includes realistic load patterns from NYISO with various attack scenarios in the IEEE 14-bus system, confirms that our detector performs remarkably well.

Zhang Wenyu,Yin Jianwei,Cai Ming,Wu Jian,Lin Lanfen

DOI: https://doi.org/10.1109/mie.2012.2193293

IF: 8.36

2012-01-01

IEEE Industrial Electronics Magazine

Abstract:Since the wide adoption of database and Web service technologies in cross-enterprise manufacturing collaboration, leveraging deep Web contents through service discovery has become one of the most advanced trends in the manufacturing field. However, the effective service discovery and knowledge retrieval from manufacturing deep Web services is still a critical issue because of the underlying intricate structures of deep Web pages. This motivates us to seek a different way to manage manufacturing deep Web services by semantically annotating them to reflect their hidden, dynamic, and heterogeneous contents. In this article, a novel ontology-based approach that uses semantic Web paradigm is proposed, and its implementation in real applications is validated.

Beibei Li,Rongxing Lu,Wei Wang,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.jpdc.2016.12.012

IF: 4.542

2017-05-01

Journal of Parallel and Distributed Computing

Abstract:False data injection (FDI) attacks are crucial security threats to smart grid cyber-physical system (CPS), and could result in cataclysmic consequences to the entire power system. However, due to the high dependence on open information networking, countering FDI attacks is challenging in smart grid CPS. Most existing solutions are based on state estimation (SE) at the highly centralized control center; thus, computationally expensive. In addition, these solutions generally do not provide a high level of security assurance, as evidenced by recent work that smart FDI attackers with knowledge of system configurations can easily circumvent conventional SE-based false data detection mechanisms. In this paper, in order to address these challenges, a novel distributed host-based collaborative detection method is proposed. Specifically, in our approach, we use a conjunctive rule based majority voting algorithm to collaboratively detect false measurement data inserted by compromised phasor measurement units (PMUs). In addition, an innovative reputation system with an adaptive reputation updating algorithm is also designed to evaluate the overall running status of PMUs, by which FDI attacks can be distinctly observed. Extensive simulation experiments are conducted with real-time measurement data obtained from the PowerWorld simulator, and the numerical results fully demonstrate the effectiveness of our proposal.

computer science, theory & methods

W. Y. Zhang,M. Cai,J. Qiu,J. W. Yin

DOI: https://doi.org/10.1080/00207540802311114

IF: 9.018

2009-01-01

International Journal of Production Research

Abstract:The development and maintenance of semantic web (SW) means that collaborative manufacturing systems are faced with increasing challenges caused by the growing difficulty in managing distributed manufacturing knowledge. This paper presents a multi-perspective modelling approach to systematically manage distributed manufacturing knowledge on the SW. Considering knowledge engineering as a cyclic and constructive modelling process, a multi-perspective knowledge modelling process is proposed to evolve along knowledge elicitation, engineering modelling, UML-based object modelling, OWL-based ontology modelling, knowledge formalisation and OWL-QL assisted knowledge verification activities. The proposed approach is viewed as a promising knowledge management method that facilitates the implementation of computer supported cooperative work (CSCW) in distributed manufacturing for SW applications by integrating the industrial, UML enabled software engineering techniques into recent ontology-based knowledge engineering process. The feasibility of knowledge management through multi-perspective modelling is manifested using the manufacturing ontology for manufacturing electronic connectors.

M. Cai,W. Y. Zhang,G. Chen,K. Zhang,S. T. Li

DOI: https://doi.org/10.1080/00207540902814330

IF: 9.018

2009-01-01

International Journal of Production Research

Abstract:As supply chains are becoming ever more global and agile in the modern manufacturing era, enterprises are increasingly dependent upon the efficient and effective discovery of shared manufacturing resources provided by their partners, wherever they are. Enterprises are thus faced with increasing challenges caused by the technical difficulties and ontological issues in manufacturing interoperability and integration over heterogeneous computing platforms. This paper presents a prototype intelligent system SWMRD (Semantic Web-based manufacturing resource discovery) for distributed manufacturing collaboration across ubiquitous virtual enterprises. Ontology-based annotation to the distributed manufacturing resources via a new, multidisciplinary manufacturing ontology is proposed on the semantic web to convert resources into machine understandable knowledge, which is a prelude to the meaningful resource discovery for cross-enterprise multidisciplinary collaboration. An ontology-based multi-level knowledge retrieval model is devised to extend the traditional information retrieval approaches based on keyword search, with integrated capabilities of graph search, semantic search, fuzzy search and automated reasoning to realise the intelligent discovery of manufacturing resources, e.g. to facilitate more flexible, meaningful, accurate and automated resource discovery. A case study for intelligent discovery of manufacturing resources is used to demonstrate the practicality of the developed system.

Xiaolin Zheng,Deren Chen,Zigui Wu

DOI: https://doi.org/10.1109/ICSMC.2004.1401195

2004-01-01

Abstract:Networked manufacturing system meets the greater demand from customer, suppliers and partners in manufacturing industry to offer a full range of information and services collaboration. However, there are many security issues within the collaboration and communications, especially when the application service provider mode is adopted. Therefore, an integrated user access control model to overcome security challenges was provided. This model is composed of role authorization, task authorization, company relation authorization and coalition authorization. And we also presented a virtual private network (VPN)-based security solution for networked manufacturing system. These two security solutions help us to safeguard the networked manufacturing system.

Xinrui Liu,Shubo Sun,Yating Wang,Zhiyuan Duan,Xin Li,Qiuye Sun

DOI: https://doi.org/10.1016/j.segan.2024.101533

2024-10-08

Sustainable Energy, Grids and Networks

Abstract:With the increasing number of users and multi-type loads accessing the cyber–physical distribution system (CPDS), the bidirectional interaction between the system becomes more and more frequent. The Load aggregator (LA) also plays an increasingly important role in the interaction process. However, the LA's high dependence on information and lack of security measures make it vulnerable to attacks, so this paper analyzes the interactive security of the LAs from two points. Considering the game process between the LAs and users from the attacker's point of view, this paper puts forward an attack strategy aiming cost function of the LAs, establishes a bi-level multi-objective programming attack model of false data injection attacks(FDIAs), and proposes an attack detection method based on the multi-state matching method and improved similar daily data preprocessing generative adversarial network (P-GAN) from the defender's point of view to defend against the above attack strategy. Furthermore, a hybrid detection mechanism combining event triggering and periodic detection is proposed to ensure response speed and adaptability of detection. The effectiveness of the proposed attack model and the detection method is verified by simulation analysis.

energy & fuels,engineering, electrical & electronic

Haibin Hu

DOI: https://doi.org/10.1063/1.4982570

2017-01-01

AIP Conference Proceedings

Abstract:Among numerous WEB security issues, SQL injection is the most notable and dangerous. In this study, characteristics and procedures of SQL injection are analyzed, and the method for detecting the SQL injection attack is illustrated. The defense resistance and remedy model of SQL injection attack is established from the perspective of non-intrusive SQL injection attack and defense. Moreover, the ability of resisting the SQL injection attack of the server has been comprehensively improved through the security strategies on operation system, IIS and database, etc.. Corresponding codes are realized. The method is well applied in the actual projects.

Bing Zhang,Rong Ren,Jia Liu,Mingcai Jiang,Jiadong Ren,Jingyue Li

DOI: https://doi.org/10.1109/tse.2024.3400404

IF: 7.4

2024-07-19

IEEE Transactions on Software Engineering

Abstract:Due to well-hidden and stage-triggered properties of second-order SQL injections in web applications, current approaches are ineffective in addressing them and still report high false negatives and false positives. To reduce false results, we propose a Proxy-based static analysis and dynamic execution mechanism towards detecting, locating and preventing second-order SQL injections (SQLPsdem). The static analysis first locates SQL statements in web applications and identifies all data sources and injection points (e.g., Post, Sessions, Database, File names) that injection attacks can exploit. After that, we reconstruct the SQL statements and use attack engines to jointly generate attacks to cover all the state-of-the-art attack patterns so as to exploit these applications. We then use proxy-based dynamic execution to capture the data transmitted between web applications and their databases. The data are the reconstructed SQL statements with variable values from the attack payloads. If a web application is vulnerable, the data will contain malicious attacks on the database. We match the data with rules formulated by attack patterns to detect first and second-order SQL injection vulnerabilities in web applications, particularly the second-order ones. We use a representative and complete coverage of attack patterns and precise matching rules to reduce false results. By escaping and truncating malicious payloads in the data transmitted from the web application to the database, we can eliminate the possible negative impact of the data on the database. In the evaluation, by generating 52,771 SQL injection attacks using four attack generators, SQLPsdem successfully detects 26 second-order (including 13 newly discovered ones) and 375 first-order SQL injection vulnerabilities in 12 open-source web applications. SQLPsdem can also 100% eliminate the malicious impact of the data with negligible overhead.

engineering, electrical & electronic,computer science, software engineering

Haoqi Wang,Guangwei Wang,Hao Li,Jiewu Leng,Lindong Lv,Vincent Thomson,Yuyan Zhang,Linli Li,Lucheng Chen

DOI: https://doi.org/10.1016/j.aei.2024.102792

IF: 8.8

2024-01-01

Advanced Engineering Informatics

Abstract:The safety management of manufacturing workshops is crucial for ensuring human- centered Industry 5.0. To infer the unsafe state of a manufacturing workshop, an integrated Digital Twin (DT) and ontology method was used. However, two challenges arise from this approach. First, creating and labeling virtual-real mixed datasets for unsafe state detection typically requires manual effort. Secondly, recognizing semantic relations of instances of unsafe states using an ontology is time-consuming. To address these challenges, an automatic semantic reasoning framework for unsafe state in a Digital Twin Workshop (DTW) is proposed by integrating instance segmentation, relationship detection and ontology technology. For the first challenge, the Mask R-CNN algorithm is applied to generate automatically a semi-virtual dataset in a DTW, which is then mixed with the real datasets to form a virtual-real mixed dataset. This dataset detects object instances of unsafe states. For the second challenge, a relationship detection model is constructed to predict the semantic relationship of detected object instances. The predicted semantic relationship and detected instances are then mapped to unsafe states in an ontology to be used for automatic reasoning. Finally, an experiment in a welding shop demonstrates that the proposed approach can alleviate the two challenges.

Jie Meng,Zeyu Yang,Zhenyong Zhang,Yangyang Geng,Ruilong Deng,Peng Cheng,Jiming Chen,Jianying Zhou

DOI: https://doi.org/10.1145/3627106.3627179

2023-01-01

Abstract:Programmable logic controllers (PLCs), the essential components of critical infrastructure, play a crucial role in various industrial manufacturing processes. Recent attack events show that attackers have a strong interest in tampering with the controller variables, such as the device status and internal program logic. A typical attack strategy is that the attackers just send malicious network traffic of industrial control protocols (ICPs) to change the controller variables of PLCs. To defend against this attack, a lot of countermeasures have been proposed to detect anomalies in network traffic based on the semantic analysis. However, the proprietary nature of ICPs poses a challenge to extracting the required semantics for evaluating the controller variables. In this paper, we propose a novel framework named SePanner to extract the semantics of controller variables from proprietary ICPs based on network traffic. Specifically, SePanner conducts the multi-state comparison to locate the semantic fields directly, then removes the interfering fields by the single-state comparison and filtering criteria. Our experiments demonstrate that SePanner can precisely extract the semantics of controller variables from proprietary ICPs, providing protection for PLCs while remaining compatible with various proprietary binary protocols.

Xinchen Zhang,Zhihan Jiang,Yulong Ding,Edith C.H. Ngai,Shuang-Hua Yang

DOI: https://doi.org/10.1016/j.jfranklin.2024.107000

IF: 4.246

2024-09-01

Journal of the Franklin Institute

Abstract:As the Industrial Internet-of-Things (IIoT) evolves, a growing number of industrial control systems (ICSs) are connecting to the Internet, making them more vulnerable to malicious attacks. This paper addresses the detection of false data injection (FDI) attacks, a prevalent threat to open ICSs. We introduce an innovative anomaly detection technique using isomorphic analysis to safeguard ICSs against FDI attacks. Isomorphic analysis involves comparing transmitted signals with their expected values, which are derived from mathematical models or isomorphic components. For a comprehensive defense mechanism, we incorporate three specific detectors: the control signal detector, the actuating signal detector, and the sensor reading detector. Designed to detect FDI attacks across various parts of the ICS, these detectors ensure the integrity of all transmitted signals throughout the physical control system. While the control signal detector adopts a threshold method, the other two rely on statistical approaches. If an attack is detected, the detectors can correct tampered signals before they reach downstream components, enhancing the system’s overall resilience and fault tolerance. The effectiveness of these detectors is supported by rigorous mathematical proofs. Moreover, our experimental findings further reveal the superiority of the isomorphic strategy over prior work in terms of detection rate, detection time delay, and system resilience.

automation & control systems,engineering, electrical & electronic, multidisciplinary,mathematics, interdisciplinary applications