Energy-Aware Green Adversary Model for Cyberphysical Security in Industrial System
TL;DR: An energy-aware green adversary model that runs on real-time anticipatory position-based query scheduling in order to minimize the communication and computation cost for each query, thus, facilitating energy consumption minimization.
Abstract: Adversary models have been fundamental to the various cryptographic protocols and methods. However, their use in most of the branches of research in computer science is comparatively restricted, primarily in case of the research in cyberphysical security (e.g., vulnerability studies, position confidentiality). In this article, we propose an energy-aware green adversary model for its use in smart industrial environment through achieving confidentiality. Even though, mutually the hardware and the software parts of cyberphysical systems can be improved to decrease its energy consumption, this article focuses on aspects of conserving position and information confidentiality. On the basis of our findings (assumptions, adversary goals, and capabilities) from the literature, we give some testimonials to help practitioners and researchers working in cyberphysical security. The proposed model that runs on real-time anticipatory position-based query scheduling in order to minimize the communication and computation cost for each query, thus, facilitating energy consumption minimization. Moreover, we calculate the transferring/acceptance slots required for each query to avoid deteriorating slots. The experimental results confirm that the proposed approach can diminish energy consumption up to five times in comparison to existing approaches
Citations
More filters
TL;DR: The results obtained show that the proposed security framework can efficiently and effectively meet the data confidentiality challenges introduced by the integration of blockchain, edge cloud, and SDN paradigm.
Abstract: The Internet of Things (IoT) plays a vital role in the real world by providing autonomous support for communications and operations, thus enabling and promoting novel services that are commonly used in day-to-day life. It is important to do research on security frameworks for next-generation IoT and develop state-of-the-art confidentiality protection schemes to deal with various attacks on IoT networks. In order to offer prominent features like continuous confidentiality, authentication, and robustness, the blockchain technology comes out as a sustainable solution. A blockchain-enabled distributed security framework using edge cloud and software-defined networking (SDN) is presented in this article. The security attack detection is achieved at the cloud layer, and security attacks are consequently reduced at the edge layer of the IoT network. The SDN-enabled gateway offers dynamic network traffic flow management, which contributes to the security attack recognition through determining doubtful network traffic flows and diminishes security attacks through hindering doubtful flows. The results obtained show that the proposed security framework can efficiently and effectively meet the data confidentiality challenges introduced by the integration of blockchain, edge cloud, and SDN paradigm.
100 citations
TL;DR: A smart collaborative balancing scheme to dynamically adjust the orchestration of network functions and efficiently optimize the workflow patterns to support service reliability of end hosts with different priorities and resists malicious attacks which are targeting the corresponding terminals inside domains.
Abstract: The evolution of cyber–physical system (CPS) benefits from substantial supports of many cutting-edge technologies. However, as a significant medium to bridge virtual and reality parts, the dependability of various network components is facing unprecedented challenges and threats. In this article, we propose a smart collaborative balancing (SCB) scheme to dynamically adjust the orchestration of network functions and efficiently optimize the workflow patterns. First, mathematical models of bandwidth allocation for multiuser with appropriate probability distribution are established. Matrix operations are utilized to solve the relevant issues based on individual congestion windows. Invasion defense mechanisms are also provided and discussed. Second, specific procedures of collaboration among different network components are presented. The capabilities of CPS, in terms of bandwidth allocation and invasion defense, are guaranteed via novel queueing policies and access control mechanisms. Third, we build a comprehensive prototype including multiple domains and users for validations. Experimental results in two scenarios illustrate that SCB not only supports service reliability of end hosts with different priorities, but also resists malicious attacks which are targeting the corresponding terminals inside domains. Compared to the benchmarks in software defined networks and traditional Internet, our scheme performs better in both available resource management and abnormal flow recognition aspects.
66 citations
TL;DR: An in-depth study of the performance of the LoRaWAN communication network in the context of an IoT application for a pilot farm is presented and a mathematical model that precisely predicts the successful packet delivery rate for this type of network is proposed.
66 citations
TL;DR: In this article , a lightweight and anonymity-preserving user authentication protocol is proposed to counter the security threats in the IoT networks, which uses only lightweight cryptography primitives (hash) to alleviate the node's tiny processor burden.
Abstract: Internet of Things (IoT) produces massive heterogeneous data from various applications, including digital health, smart hospitals, automated pathology labs, and so forth. IoT sensor nodes are integrated with the medical equipment to enable the health workers to monitor the patients’ health condition and appliances in real time. However, due to security vulnerabilities, an unauthorized user can access health-related information or control the IoT nodes attached to the patient’s body resulting in unprecedented outcomes. Due to wireless channels as a medium of communication, IoT poses several threats such as a denial of service attack, man-in-the-middle attack, and modification attack to the IoT networks’ security and privacy. The proposed research presents a lightweight and anonymity-preserving user authentication protocol to counter these security threats. The given scheme establishes a secure session for the legitimate user and prohibits unauthorized users from gaining access to the IoT sensor nodes. The proposed protocol uses only lightweight cryptography primitives (hash) to alleviate the node’s tiny processor burden. The proposed protocol is efficient and superior because it has low computational and communication costs than conventional protocols. The proposed scheme uses password protection to let only the legitimate user access the IoT sensor nodes to obtain the patient’s real-time health report.
59 citations
TL;DR: The proposed blockchain and homomorphic encryption-based data aggregation (BHDA) scheme shows a significant improvement in performance and privacy preservation with minimal computation overhead for data aggregation in smart grids.
50 citations
References
More filters
05 May 2008
TL;DR: It is concluded that it will not be sufficient to improve design processes, raise the level of abstraction, or verify designs that are built on today's abstractions to realize the full potential of cyber-Physical Systems.
Abstract: Cyber-Physical Systems (CPS) are integrations of computation and physical processes. Embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa. The economic and societal potential of such systems is vastly greater than what has been realized, and major investments are being made worldwide to develop the technology. There are considerable challenges, particularly because the physical components of such systems introduce safety and reliability requirements qualitatively different from those in general- purpose computing. Moreover, physical components are qualitatively different from object-oriented software components. Standard abstractions based on method calls and threads do not work. This paper examines the challenges in designing such systems, and in particular raises the question of whether today's computing and networking technologies provide an adequate foundation for CPS. It concludes that it will not be sufficient to improve design processes, raise the level of abstraction, or verify (formally or otherwise) designs that are built on today's abstractions. To realize the full potential of CPS, we will have to rebuild computing and networking abstractions. These abstractions will have to embrace physical dynamics and computation in a unified way.
3,309 citations
Additional excerpts
...performance of physical processes [1]....
[...]
07 Mar 2009
TL;DR: The PowerNap concept, an energy-conservation approach where the entire system transitions rapidly between a high-performance active state and a near-zero-power idle state in response to instantaneous load, is proposed and the Redundant Array for Inexpensive Load Sharing (RAILS) is introduced.
Abstract: Data center power consumption is growing to unprecedented levels: the EPA estimates U.S. data centers will consume 100 billion kilowatt hours annually by 2011. Much of this energy is wasted in idle systems: in typical deployments, server utilization is below 30%, but idle servers still consume 60% of their peak power draw. Typical idle periods though frequent--last seconds or less, confounding simple energy-conservation approaches.In this paper, we propose PowerNap, an energy-conservation approach where the entire system transitions rapidly between a high-performance active state and a near-zero-power idle state in response to instantaneous load. Rather than requiring fine-grained power-performance states and complex load-proportional operation from each system component, PowerNap instead calls for minimizing idle power and transition time, which are simpler optimization goals. Based on the PowerNap concept, we develop requirements and outline mechanisms to eliminate idle power waste in enterprise blade servers. Because PowerNap operates in low-efficiency regions of current blade center power supplies, we introduce the Redundant Array for Inexpensive Load Sharing (RAILS), a power provisioning approach that provides high conversion efficiency across the entire range of PowerNap's power demands. Using utilization traces collected from enterprise-scale commercial deployments, we demonstrate that, together, PowerNap and RAILS reduce average server power consumption by 74%.
1,002 citations
"Energy-Aware Green Adversary Model ..." refers background in this paper
...The energy request contains two parts: static and dynamic [22]....
[...]
19 Mar 2007
TL;DR: This paper examines the response to the 2000 SCADA security incident at Maroochy Water Services in Queensland, Australia and the lessons learned are useful for establishing academic and industry-based research agendas inSCADA security as well as for safeguarding critical infrastructure.
Abstract: Supervisory control and data acquisition (SCADA) systems are widely used to monitor and control operations in electrical power distribution facilities, oil and gas pipelines, water distribution systems and sewage treatment plants. Technological advances over the past decade have seen these traditionally closed systems become open and Internet-connected, which puts the service infrastructures at risk. This paper examines the response to the 2000 SCADA security incident at Maroochy Water Services in Queensland, Australia. The lessons learned from this incident are useful for establishing academic and industry-based research agendas in SCADA security as well as for safeguarding critical infrastructure
637 citations
Additional excerpts
...tion (SCADA) system is discussed in [3]....
[...]
TL;DR: A method for conserving position confidentiality of roaming PBSs users using machine learning techniques is proposed and it is confirmed that the proposed method achieved above 90% of the position confidentiality in PBSs.
Abstract: Position-based services (PBSs) that deliver networked amenities based on roaming user's positions have become progressively popular with the propagation of smart mobile devices. Position is one of the important circumstances in PBSs. For effective PBSs, extraction and recognition of meaningful positions and estimating the subsequent position are fundamental procedures. Several researchers and practitioners have tried to recognize and predict positions using various techniques; however, only few deliberate the progress of position-based real-time applications considering significant tasks of PBSs. In this paper, a method for conserving position confidentiality of roaming PBSs users using machine learning techniques is proposed. We recommend a three-phase procedure for roaming PBS users. It identifies user position by merging decision trees and k-nearest neighbor and estimates user destination along with the position track sequence using hidden Markov models. Moreover, a mobile edge computing service policy is followed in the proposed paradigm, which will ensure the timely delivery of PBSs. The benefits of mobile edge service policy offer position confidentiality and low latency by means of networking and computing services at the vicinity of roaming users. Thorough experiments are conducted, and it is confirmed that the proposed method achieved above 90% of the position confidentiality in PBSs.
196 citations
"Energy-Aware Green Adversary Model ..." refers background in this paper
...Owing to the widespread use of mobile devices in daily routine life, smart phone has turn out to be a predominant platform for mobile context-aware services, which have appealed abundant attention and boosted dynamic analysis of inferring user’s mobile contexts for suitable position-based system (PBS) services [11]–[16]....
[...]
TL;DR: This work designs a dependable distributed WSN framework for SHM (called DependSHM) and examines its ability to cope with sensor faults and constraints, and presents a distributed automated algorithm to detect such types of faults.
Abstract: As an alternative to current wired-based networks, wireless sensor networks (WSNs) are becoming an increasingly compelling platform for engineering structural health monitoring (SHM) due to relatively low-cost, easy installation, and so forth. However, there is still an unaddressed challenge: the application-specific dependability in terms of sensor fault detection and tolerance. The dependability is also affected by a reduction on the quality of monitoring when mitigating WSN constrains (e.g., limited energy, narrow bandwidth). We address these by designing a dependable distributed WSN framework for SHM (called DependSHM ) and then examining its ability to cope with sensor faults and constraints. We find evidence that faulty sensors can corrupt results of a health event (e.g., damage) in a structural system without being detected. More specifically, we bring attention to an undiscovered yet interesting fact, i.e., the real measured signals introduced by one or more faulty sensors may cause an undamaged location to be identified as damaged (false positive) or a damaged location as undamaged (false negative) diagnosis. This can be caused by faults in sensor bonding, precision degradation, amplification gain, bias, drift, noise, and so forth. In DependSHM , we present a distributed automated algorithm to detect such types of faults, and we offer an online signal reconstruction algorithm to recover from the wrong diagnosis. Through comprehensive simulations and a WSN prototype system implementation, we evaluate the effectiveness of DependSHM .
192 citations