Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Wenyuan Xu

DOI: https://doi.org/10.1145/3579856.3596442

2023-01-01

Abstract:Vulnerabilities pose a significant challenge in ensuring cybersesecurity for information systems. In the past, vulnerabilities were mainly associated with functional defects in system software and hardware, known as "in-band vulnerabilities," whereby "band" refers to the functional domain. However, with the rapid development of the Internet of Things (IoT), new security issues have emerged that traditional vulnerability categorization may not fully cover. IoT devices rely on sensors and actuators to interact with the real world, but this interaction process between physical and digital systems has created defects that are difficult to analyze and detect. These defects include unintentional coupling effects of sensors from ambient analog signals or abnormal channels that were not intentionally designed, collectively known as "out-of-band vulnerabilities." Various security incidents have highlighted the prevalence of out-of-band vulnerabilities in IoT systems, and their activation can result in serious consequences. To address this issue, we propose a vulnerability categorization framework that includes out-of-band vulnerabilities and provides examples for each category. Our talk highlights the need to shift the research paradigm for system security to encompass both in-band and out-of-band vulnerabilities in the intelligence era. Finally, we explore potential solutions for mitigating out-of-band vulnerabilities and securing IoT devices.

Simon Liebl,Leah Lathrop,Ulrich Raithel,Andreas Aßmuth,Ian Ferguson,Matthias Söllner

DOI: https://doi.org/10.48550/arXiv.2405.16318

2024-05-26

Abstract:The growing connectivity of industrial devices as a result of the Internet of Things is increasing the risks to Industrial Control Systems. Since attacks on such devices can also cause damage to people and machines, they must be properly secured. Therefore, a threat analysis is required in order to identify weaknesses and thus mitigate the risk. In this paper, we present a systematic and holistic procedure for analyzing the attack surface and threats of Industrial Internet of Things devices. Our approach is to consider all components including hardware, software and data, assets, threats and attacks throughout the entire product life cycle.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Maede Zolanvari,Marcio A. Teixeira,Lav Gupta,Khaled M. Khan,Raj Jain

DOI: https://doi.org/10.48550/arXiv.1911.05771

2019-11-14

Abstract:It is critical to secure the Industrial Internet of Things (IIoT) devices because of potentially devastating consequences in case of an attack. Machine learning and big data analytics are the two powerful leverages for analyzing and securing the Internet of Things (IoT) technology. By extension, these techniques can help improve the security of the IIoT systems as well. In this paper, we first present common IIoT protocols and their associated vulnerabilities. Then, we run a cyber-vulnerability assessment and discuss the utilization of machine learning in countering these susceptibilities. Following that, a literature review of the available intrusion detection solutions using machine learning models is presented. Finally, we discuss our case study, which includes details of a real-world testbed that we have built to conduct cyber-attacks and to design an intrusion detection system (IDS). We deploy backdoor, command injection, and Structured Query Language (SQL) injection attacks against the system and demonstrate how a machine learning based anomaly detection system can perform well in detecting these attacks. We have evaluated the performance through representative metrics to have a fair point of view on the effectiveness of the methods.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

Shantanu Pal,Zahra Jadidi

DOI: https://doi.org/10.3390/app11209393

2021-10-10

Applied Sciences

Abstract:Industrial Internet of Things (IIoT) can be seen as an extension of the Internet of Things (IoT) services and applications to industry with the inclusion of Industry 4.0 that provides automation, reliability, and control in production and manufacturing. IIoT has tremendous potential to accelerate industry automation in many areas, including transportation, manufacturing, automobile, marketing, to name a few places. When the benefits of IIoT are visible, the development of large-scale IIoT systems faces various security challenges resulting in many large-scale cyber-attacks, including fraudulent transactions or damage to critical infrastructure. Moreover, a large number of connected devices over the Internet and resource limitations of the devices (e.g., battery, memory, and processing capability) further pose challenges to the system. The IIoT inherits the insecurities of the traditional communication and networking technologies; however, the IIoT requires further effort to customize the available security solutions with more focus on critical industrial control systems. Several proposals discuss the issue of security, privacy, and trust in IIoT systems, but comprehensive literature considering the several aspects (e.g., users, devices, applications, cascading services, or the emergence of resources) of an IIoT system is missing in the present state of the art IIoT research. In other words, the need for considering a vision for securing an IIoT system with broader security analysis and its potential countermeasures is missing in recent times. To address this issue, in this paper, we provide a comparative analysis of the available security issues present in an IIoT system. We identify a list of security issues comprising logical, technological, and architectural points of view and consider the different IIoT security requirements. We also discuss the available IIoT architectures to examine these security concerns in a systematic way. We show how the functioning of different layers of an IIoT architecture is affected by various security issues and report a list of potential countermeasures against them. This study also presents a list of future research directions towards the development of a large-scale, secure, and trustworthy IIoT system. The study helps understand the various security issues by indicating various threats and attacks present in an IIoT system.

Davide Quarta,Marcello Pogliani,Mario Polino,Federico Maggi,Andrea Maria Zanchettin,Stefano Zanero

DOI: https://doi.org/10.1109/sp.2017.20

2017-05-01

Abstract:Industrial robots, automated manufacturing, and efficient logistics processes are at the heart of the upcoming fourth industrial revolution. While there are seminal studies on the vulnerabilities of cyber-physical systems in the industry, as of today there has been no systematic analysis of the security of industrial robot controllers. We examine the standard architecture of an industrial robot and analyze a concrete deployment from a systems security standpoint. Then, we propose an attacker model and confront it with the minimal set of requirements that industrial robots should honor: precision in sensing the environment, correctness in execution of control logic, and safety for human operators. Following an experimental and practical approach, we then show how our modeled attacker can subvert such requirements through the exploitation of software vulnerabilities, leading to severe consequences that are unique to the robotics domain. We conclude by discussing safety standards and security challenges in industrial robotics.

Miao Yu,Jianwei Zhuge,Ming Cao,Zhiwei Shi,Lin Jiang

DOI: https://doi.org/10.3390/fi12020027

2020-01-01

Future Internet

Abstract:With the prosperity of the Internet of Things (IoT) industry environment, the variety and quantity of IoT devices have grown rapidly. IoT devices have been widely used in smart homes, smart wear, smart manufacturing, smart cars, smart medical care, and many other life-related fields. With it, security vulnerabilities of IoT devices are emerging endlessly. The proliferation of security vulnerabilities will bring severe risks to users’ privacy and property. This paper first describes the research background, including IoT architecture, device components, and attack surfaces. We review state-of-the-art research on IoT device vulnerability discovery, detection, mitigation, and other related works. Then, we point out the current challenges and opportunities by evaluation. Finally, we forecast and discuss the research directions on vulnerability analysis techniques of IoT devices.

Simon Daniel Duque Anton,Daniel Fraunholz,Daniel Krohmer,Daniel Reti,Daniel Schneider,Hans Dieter Schotten

DOI: https://doi.org/10.1109/jiot.2021.3081741

IF: 10.6

2021-12-15

IEEE Internet of Things Journal

Abstract:Operational Technology (OT) networks and devices, i.e., all components used in industrial environments, were not designed with security in mind. Efficiency and ease of use were the most important design characteristics. However, due to the digitization of industry, an increasing number of devices and industrial networks are opened up to public networks. This is beneficial for the administration and organization of the industrial environments. However, it also increases the attack surface, providing possible points of entry for an attacker. Originally, breaking into production networks meant to break an information technology (IT)-perimeter first, such as a public Website, and then to move laterally to industrial control systems (ICSs) to influence the production environment. However, many OT-devices are connected directly to the Internet, which drastically increases the threat of compromise, especially since OT-devices contain several vulnerabilities. In this work, the presence of OT-devices in the Internet is analyzed from an attacker's perspective. Publicly available tools, such as the search engine Shodan and vulnerability databases, are employed to find commonly used OT-devices and map vulnerabilities to them. These findings are grouped according to the country of origin, manufacturer, and number as well as severity of vulnerability. More than 13000 devices were found, almost all contained at least one vulnerability. European and Northern American countries are by far the most affected ones.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xingmao Shao,Lun Xie,Chiqin Li,Zhiliang Wang,Li, Chiqin

DOI: https://doi.org/10.1007/s10846-023-01984-2

2023-11-04

Journal of Intelligent and Robotic Systems: Theory and Applications

Abstract:The recent integration and collaboration of robots with networks expose new challenges and problems in terms of security. However, to the best of our knowledge, there has not been any comprehensive review of the vulnerabilities and attack surfaces of networked industrial robotic (NIR) systems under the framework of industrial control systems (ICS). Therefore, this paper provides an overview and further analysis of this field. We discuss the structure of the NIR systems in a modern factory, considering physical dynamics, control systems, and manufacturing networks, and then explore the vulnerabilities and the attack surface of this paradigm. Moreover, a new effort is that typical data integrity (DI) attacks that may cause serious robot equipment failures are elaborated in detail, which mainly achieves intrusion by tampering with the data of sensors or controllers through known or potential attack paths. In particular, the covert nature of several DI attacks is revealed. We analyze the existing anomaly detection strategies of the robot system and present numerical examples using dynamics-based control law to illustrate how adversaries achieve stealth to traditional detectors and the impact of the undermined robot system. Conclusively, a security framework integrating protective, detective, and responsive actions is proposed as a compensatory countermeasure for traditional methods against DI attacks. We believe that understanding these attacks and associated defense mechanisms will help accelerate the implementation of robot-based smart manufacturing technology.

Anselme Herman Eyeleko,Tao Feng

DOI: https://doi.org/10.1109/jiot.2023.3308195

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:We have witnessed significant technological advancement over the past few years, including the Internet of Things (IoT). The IoT’s ability to connect consumer appliances to the internet has changed the way we live. As a result of the significant benefits that IoT has brought to household usage, it has become a topic of discussion for research departments, leading to its expansion into industrial sectors, commonly known as the Industrial Internet of Things (IIoT). IIoT enables automation and the use of intelligent machines to improve product manufacturing processes and enhance our lives as customers. However, as IIoT-enabling technology and applications continue to grow, security issues and privacy protection challenges become harder to manage, which frequently results in data breaches and sensitive information disclosures. This paper first explains what the reader needs to know about the IIoT system architecture in Industry 4.0 to make it easier for them to understand. Second, a hacking scenario is utilized as a methodology to conduct an in-depth analysis of various security issues, as well as their impacts and countermeasures, for each level of the IIoT architecture. Additionally, our hacking scenarios present a variety of targets from which malicious actors can launch their assaults. Third, we provide a thorough review of the various blockchain solutions currently being employed to protect IIoT systems. Finally, this paper draws to a close by outlining certain gaps and potential solutions that could be investigated in subsequent studies to strengthen security and enhance privacy for IIoT systems.

computer science, information systems,telecommunications,engineering, electrical & electronic

Binbin Zhao,Shouling Ji,Wei-Han Lee,Changting Lin,Haiqin Weng,Jingzheng Wu,Pan Zhou,Liming Fang,Raheem Beyah

DOI: https://doi.org/10.1109/tdsc.2020.3037908

2020-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The Internet of Things (IoT) has become ubiquitous and greatly affected peoples' daily lives. With the increasing development of IoT devices, the corresponding security issues are becoming more and more challenging. Such a severe security situation raises the following questions that need urgent attention: What are the primary security threats that IoT devices face currently? How do vendors and users deal with these threats? In this article, we aim to answer these critical questions through a large-scale systematic study. Specifically, we perform a ten-month-long empirical study on the vulnerability of 1,362,906 IoT devices varying from six types. The results show sufficient evidence that N-days vulnerability is seriously endangering the IoT devices: 385,060 (28.25 percent) devices suffer from at least one N-days vulnerability. Moreover, 2669 of these vulnerable devices may have been compromised by botnets. We further reveal the massive differences among five popular IoT search engines: Shodan [1], Censys [2], [3], Zoomeye [4], Fofa [5], and NTI [6]. To study whether vendors and users adopt defenses against the threats, we measure the security of MQTT [7] servers, and identify that 12740 (88 percent) MQTT servers have no password protection. Our analysis can serve as an important guideline for investigating the security of IoT devices, as well as advancing the development of a more secure environment for IoT systems.

Simon Liebl,Leah Lathrop,Ulrich Raithel,Matthias Söllner,Andreas Aßmuth

DOI: https://doi.org/10.48550/arXiv.2405.16314

2024-05-26

Abstract:As part of the Internet of Things, industrial devices are now also connected to cloud services. However, the connection to the Internet increases the risks for Industrial Control Systems. Therefore, a threat analysis is essential for these devices. In this paper, we examine Industrial Internet of Things devices, identify and rank different sources of threats and describe common threats and vulnerabilities. Finally, we recommend a procedure to carry out a threat analysis on these devices.

Cryptography and Security

Zhen Ling,Kaizheng Liu,Yiling Xu,Chao Gao,Yier Jin,Cliff Zou,Xinwen Fu,Wei Zhao

DOI: https://doi.org/10.48550/arXiv.1805.05853

2018-05-15

Abstract:In this paper, we present an end-to-end view of IoT security and privacy and a case study. Our contribution is three-fold. First, we present our end-to-end view of an IoT system and this view can guide risk assessment and design of an IoT system. We identify 10 basic IoT functionalities that are related to security and privacy. Based on this view, we systematically present security and privacy requirements in terms of IoT system, software, networking and big data analytics in the cloud. Second, using the end-to-end view of IoT security and privacy, we present a vulnerability analysis of the Edimax IP camera system. We are the first to exploit this system and have identified various attacks that can fully control all the cameras from the manufacturer. Our real-world experiments demonstrate the effectiveness of the discovered attacks and raise the alarms again for the IoT manufacturers. Third, such vulnerabilities found in the exploit of Edimax cameras and our previous exploit of Edimax smartplugs can lead to another wave of Mirai attacks, which can be either botnets or worm attacks. To systematically understand the damage of the Mirai malware, we model propagation of the Mirai and use the simulations to validate the modeling. The work in this paper raises the alarm again for the IoT device manufacturers to better secure their products in order to prevent malware attacks like Mirai.

Cryptography and Security

Nasr Abosata,Saba Al-Rubaye,Gokhan Inalhan,Christos Emmanouilidis

DOI: https://doi.org/10.3390/s21113654

IF: 3.9

2021-05-24

Sensors

Abstract:The growth of the Internet of Things (IoT) offers numerous opportunities for developing industrial applications such as smart grids, smart cities, smart manufacturers, etc. By utilising these opportunities, businesses engage in creating the Industrial Internet of Things (IIoT). IoT is vulnerable to hacks and, therefore, requires various techniques to achieve the level of security required. Furthermore, the wider implementation of IIoT causes an even greater security risk than its benefits. To provide a roadmap for researchers, this survey discusses the integrity of industrial IoT systems and highlights the existing security approaches for the most significant industrial applications. This paper mainly classifies the attacks and possible security solutions regarding IoT layers architecture. Consequently, each attack is connected to one or more layers of the architecture accompanied by a literature analysis on the various IoT security countermeasures. It further provides a critical analysis of the existing IoT/IIoT solutions based on different security mechanisms, including communications protocols, networking, cryptography and intrusion detection systems. Additionally, there is a discussion of the emerging tools and simulations used for testing and evaluating security mechanisms in IoT applications. Last, this survey outlines several other relevant research issues and challenges for IoT/IIoT security.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Rishit Lakhani

DOI: https://doi.org/10.18535/ijecs/v12i11.4779

2023-11-30

International Journal Of Engineering And Computer Science

Abstract:In fact, the mushrooming development of IoT has reshaped industries and everyday life in connecting devices, networks, and systems. Accompanying this phenomenal growth are formidable challenges related to cybersecurity. The major reasons why IoT networks are more susceptible to a variety of cyber threats are the limited computational resources of devices, a lack of standardized security protocols, and the large-scale interconnectedness of devices. This paper throws light on some of the major cybersecurity threats to IoT networks, such as device vulnerabilities, network-based attacks, and data breaches. It further pays attention to the root causes of such vulnerability exposures. Further, it discusses an in-depth analysis of some of the existing defense mechanisms involving advanced authentication methods, encryption techniques, and network security measures. The work also probes into some state-of-the-art security technologies like blockchain and artificial intelligence that hold immense promise for securing IoT. It analyzes real case studies of IoT attacks, such as the Mirai Botnet and Jeep Cherokee Hack, to depict the impact of such threats and extract some helpful lessons in securing future IoT systems. The paper then concludes with discussions on the ever-evolving IoT cybersecurity landscape and how new approaches to defense strategies continue to be thought out, developed, and implemented as these risks continue to mount.

Sachin Sen,Lei Song

DOI: https://doi.org/10.1109/ieacon51066.2021.9654520

2021-11-22

Abstract:Behind the great success of the current internet, Open Systems Interconnect (OSI) and Transport Control Protocol/Internet Protocol (TCP/IP) standards play the most important role. Whereas, due to a lack of standard architectures, industrial internet is lagging behind. This makes industrial internet applications experience increased security risks due to their integration with the information technology and exposure to the public internet. In this research, we propose a layered architecture for industrial internet of things (IIoT) based networked industrial control systems (n-ICS). Layer-wise functionality of this architecture could be useful in identifying necessary security protocols for each layer. Subsequently, this might assist in allocating resources towards the secure operation of industrial applications. To validate the proposed architecture, we modelled a water flow control system, where we demonstrated a data deception attack on its operation at the physical layer. This demonstration validates that from within the close proximity of networked control systems, threat actors can launch possible attacks to deceive physical industrial applications. Our proposed system includes a network communication architecture and a corresponding security architecture aligning with the network architecture. This will facilitate the design of security suites and/or the allocation of security resources on the basis of layered network functionalities.

Georgios Michail Makrakis,Constantinos Kolias,Georgios Kambourakis,Craig Rieger,Jacob Benjamin

DOI: https://doi.org/10.48550/arXiv.2109.03945

2021-09-08

Cryptography and Security

Abstract:Critical infrastructures (CI) and industrial organizations aggressively move towards integrating elements of modern Information Technology (IT) into their monolithic Operational Technology (OT) architectures. Yet, as OT systems progressively become more and more interconnected, they silently have turned into alluring targets for diverse groups of adversaries. Meanwhile, the inherent complexity of these systems, along with their advanced-in-age nature, prevents defenders from fully applying contemporary security controls in a timely manner. Forsooth, the combination of these hindering factors has led to some of the most severe cybersecurity incidents of the past years. This work contributes a full-fledged and up-to-date survey of the most prominent threats against Industrial Control Systems (ICS) along with the communication protocols and devices adopted in these environments. Our study highlights that threats against CI follow an upward spiral due to the mushrooming of commodity tools and techniques that can facilitate either the early or late stages of attacks. Furthermore, our survey exposes that existing vulnerabilities in the design and implementation of several of the OT-specific network protocols may easily grant adversaries the ability to decisively impact physical processes. We provide a categorization of such threats and the corresponding vulnerabilities based on various criteria. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind is attempted.

Hongyi Pu,Liang He,Peng Cheng,Mingyang Sun,Jiming Chen

DOI: https://doi.org/10.1109/mnet.116.2200034

IF: 10.294

2023-04-28

IEEE Network

Abstract:Industrial robots are prototypical cyber-physical systems that are widely deployed in smart and automated manufacturing systems. Industrial robots perform physical operations (picking-and-placing) based on their interactions with other devices in manufacturing systems via the manufacturing network. However, the networking of industrial robots also magnifies their risks to cyber attacks that endanger the physical world, for example, damaging manufacturing devices, degrading production quality/efficiency, or even hurting human operators. To protect industrial robots, a variety of security solutions have been proposed based on the robot's physical model, operation data, side channel information, and so on. In this article, we first summarize the literature of industrial robot security from perspectives of vulnerabilities, attacks, and existing security solutions. We also analyze the main challenges and difficulties hindering the development of robot security, including the lack of security awareness, lack of testbeds, the usually proprietary robot firmware/protocols, and limited on-board computing resources. Moreover, in order to facilitate the security research of industrial robots, we provide a dataset containing both normal and abnormal operation data of robots.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Bandar Alotaibi

DOI: https://doi.org/10.3390/s23177470

IF: 3.9

2023-08-29

Sensors

Abstract:The Industrial Internet of Things (IIoT) paradigm is a key research area derived from the Internet of Things (IoT). The emergence of IIoT has enabled a revolution in manufacturing and production, through the employment of various embedded sensing devices connected by an IoT network, along with a collection of enabling technologies, such as artificial intelligence (AI) and edge/fog computing. One of the unrivaled characteristics of IIoT is the inter-connectivity provided to industries; however, this characteristic might open the door for cyber-criminals to launch various attacks. In fact, one of the major challenges hindering the prevalent adoption of the IIoT paradigm is IoT security. Inevitably, there has been an inevitable increase in research proposals over the last decade to overcome these security concerns. To obtain an overview of this research area, conducting a literature survey of the published research is necessary, eliciting the various security requirements and their considerations. This paper provides a literature survey of IIoT security, focused on the period from 2017 to 2023. We identify IIoT security threats and classify them into three categories, based on the IIoT layer they exploit to launch these attacks. Additionally, we characterize the security requirements that these attacks violate. Finally, we highlight how emerging technologies, such as AI and edge/fog computing, can be adopted to address security concerns and enhance IIoT security.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jichao Bi,Shibo He,Fengji Luo,Wenchao Meng,Luyue Ji,Da-Wen Huang

DOI: https://doi.org/10.1109/TII.2022.3231406

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Industrial Internet of Things (IIoT) is vulnerable to advanced persistent threat (APT). In this article, we study a scenario in which APT is launched to attack IIoT devices. Considering the APTs lateral movement, a node-level state evolution model is established to calculate the probability of every device in an IIoT system to be compromised by APT. Based on this, a Stackelberg game model is proposed for the APT attacker and defender, which can accurately describe the gaming process. An effective computational approach is developed to obtain the potential Stackelberg equilibrium strategy pair of the game. Extensive case studies and comparison studies are conducted to validate the effectiveness of the proposed method.