Abstract
With the burgeoning growth of Cyber-Physical Systems (CPSs) and Internet of Things (IoT) in every sphere of life, researchers face new challenges in sensor network security. Most of the research in this area only deals with vulnerabilities, attacks and countermeasures. However, considering security of WSN as a comprehensive unit in the practical deployment of CPS is still missing. The need for the system engineers is to be able to assess the performance of a WSN against attacks and failures so that they may design reliable and stable networks. In this chapter, we are explaining our proposed novel multi-level Network Security & Privacy Evaluation Scheme (NSES) to represent different security levels. The main objective of this evaluation scheme is to help system engineers and security experts to be able to assess the security needs of their networks and maintain the required protection level of the network at early design phases. Through five different case studies, we have demonstrated the application of this scheme. This chapter explain the way this scheme may be used to evaluate and assess the security in different scenarios. These case studies also help in endorsing the usability of the proposed scheme across different application domains.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
http://www.malwaremustdie.org/, 2012, [Online; accessed 2019/07/07].
- 2.
https://trustedcomputinggroup.org/, 2019, [Online; accessed 2019/07/07].
References
Y. Ashibani, Q.H. Mahmoud, Cyber physical systems security: analysis, challenges and solutions. Comput. Secur. 68, 81–97 (2017)
Z. Zhang, J. Porter, E. Eyisi, G. Karsai, X. Koutsoukos, J. Sztipanovits, Co-simulation framework for design of time-triggered cyber physical systems, in Proceedings of the ACM/IEEE 4th International Conference on Cyber-Physical Systems, Ser. ICCPS ’13 (ACM, New York, 2013), pp. 119–128. Available: http://doi.acm.org.ezproxy.library.uvic.ca/10.1145/2502524.2502541
B. Berry, Do you know these key SCADA concepts SCADA tutorial: a quick, easy, comprehensive guide(white paper), DPS Telecom, Technical Report (2011)
A. Humayed, J. Lin, F. Li, B. Luo, Cyber-physical systems security—A survey, CoRR (2017). Available: http://arxiv.org/abs/1701.04525
S. Ali, T. Al Balushi, Z. Nadir, O.K. Hussain, ICS/SCADA System Security for CPS ( Springer, Cham, 2018), pp. 89–113. Available: https://doi.org/10.1007/978-3-319-75880-05
M. Sharma, F. Gebali, H. Elmiligi, M. Rahman, Network security evaluation scheme(NSES) for WSN in cyber-physical systems, in 2018 IEEE 9th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), (2018), pp. 1145–1151
J. Fruhlinger, What is stuxnet, who created it and how does it work? CSO, Technical Report, August 22, 2017. Available: https://www.csoonline.com/article/3218104/
B. Bencsáth, G. Pék, L. Buttyán, M. Félegyházi, The cousins of stuxnet: Duqu, flame, and gauss. Future Internet 4(4), 971–1003 (2012). Available: https://www.mdpi.com/1999-5903/4/4/971
M.B. Farrell, J. Detsch, Hard lessons for Energy Department, power sector after Ukraine hack (2016). Available: http://link.galegroup.com/apps/doc/A452362153/CPI?u=uvictoria{&}sid=CPI{\&}xid=02ff6650
Botnets, Mirai, in NJ Cybersecurity & Communications Integration Cell(NJCCIC) (2016). Available: https://www.cyber.nj.gov/threat-profiles/botnet-variants/mirai-botnet
J. Slay, M. Miller, Lessons learned from the maroochy water breach, in International Federation for Information Processing Digital Library; Critical Infrastructure Protection, vol. 253, (Springer, Boston,2007), pp. 73–82
M.D. Abrams, Malicious control system cyber security attack case study: Maroochy water services, australia, Technical Papers, August 2008. Available: https://www.mitre.org/publications/technical-papers/malicious-control-system-cyber-security-attack-case-study-maroochy-water-services-australia
E. Colbert, Security of cyber-physical systems, J. Cyber Sect. Inf. Syst. 5(1), 41–47 (2017)
J. LaPiedra, The information security process: Prevention, detection and response, GIAC Directory of Certified Professionals, (SANS Institute, Bethesda, 2000–2002)
M.S. Hossain, V. Raghunathan, Aegis: a lightweight firewall for wireless sensor networks, in Distributed Computing in Sensor Systems, ed. by R. Rajaraman, T. Moscibroda, A. Dunkels, A. Scaglione (Springer, Berlin, 2010), pp. 258–272
M. Wilhelm, I. Martinovic, J. Schmitt, V. Lenders, Wifire: a firewall for wireless networks, in Proceedings of the ACM SIGCOMM 2011 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Toronto, August 15–19, 2011, (2011), pp. 456–457
Y. Zhou, Y. Zhang, Y. Fang, Access control in wireless sensor networks, in Ad Hoc Networks. Security Issues in Sensor and Ad Hoc Networks, vol. 5, No. 1, (Elsevier, Amsterdam, 2007), pp. 3–13. Available: http://www.sciencedirect.com/science/article/pii/S1570870506000497
S. Kumaran, N. Kailasanathan, S. Mohan, Review of asymmetric key cryptography in wireless sensor networks, Int. J. Eng. Tech. 8, 859–862, (2016)
S. Kumaran, P. Ilango, Evolution of key management and variations of random pre key distribution in wireless sensor network: survey. Int. J. Appl. Eng. Res. 9, 11 681–11 688, (2014)
S. Mohammadi, H. Mirvaziri, M. Ghazizadeh-Ahsaee, H. Karimipour, Cyber intrusion detection by combined feature selection algorithm, J. Inf. Sect. Appl. 44, 80–88 (2019). Available: http://www.sciencedirect.com/science/article/pii/S2214212618304617
S. Mohammadi, V. Desai, H. Karimipour, Multivariate mutual information-based feature selection for cyber intrusion detection, in 2018 IEEE Electrical Power and Energy Conference (EPEC) (IEEE, Piscataway, 2018), pp. 1–6
E. Modiri Dovom, A. Azmoodeh, A. Dehghantanha, D. Ellis Newton, R. Parizi, H. Karimipour, Fuzzy pattern tree for edge malware detection and categorization in IoT. J. Sys. Architect. 97, 1–7, (2019)
I. Tomić, J.A. McCann, A survey of potential security issues in existing wireless sensor network protocols, IEEE Internet Things J. 4(6), 1910–1923 (2017)
H. Karimipour, S. Geris, A. Dehghantanha, H. Leung, Intelligent anomaly detection for large-scale smart grids, in IEEE Canadian Conference on Electrical and Computer Engineering (CCECE), Edmonton (2019)
H.J. Liao, C.H.R. Lin, Y.C. Lin, K.Y. Tung, Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013). Available: http://www.sciencedirect.com/science/article/pii/S1084804512001944
S. Duhan, P. Khandnor, Intrusion detection system in wireless sensor networks: a comprehensive review, in 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT) (2016), pp. 2707–2713
N.A. Alrajeh, S. Khan, B. Shams, Intrusion detection systems in wireless sensor networks: a review. Int. J. Distrib. Sens. Netw. 9(5), 167575 (2013)
H.H. Pajouh, R. Javidan, R. Khayami, A. Dehghantanha, K.R. Choo, A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in iot backbone networks. IEEE Trans. Emerg. Top. Comput. 7(2), 314–323 (2019)
H. Karimipour, A. Dehghantanha, R. Parizi, R. Choo, H. Leung, A deep and scalable unsupervised machine learning system for cyber-attack detection in large-scale smart grids, in IEEE Access ( IEEE, Piscataway, 2019)
S. Geris, H. Karimipour, A feature selection-based approach for joint cyber-attack detection and state estimation, in IEEE International Conference on Smart Energy Grid Engineering (SEGE), Oshawa (2019)
M.R. Begli, F. Derakhshan, H. Karimipour, A layered intrusion detection system for critical infrastructure using machine learning, in IEEE International Conference on Smart Energy Grid Engineering (SEGE), Oshawa (2019)
J. Sakhnini, A. Dehghantanha, H. Karimipour, Smart grid cyber attacks detection using supervised learning and heuristic feature selection, in IEEE International Conference on Smart Energy Grid Engineering (SEGE) (2019)
C. Paquet, Implementing Cisco IOS Network Security (IINS): (CCNA Security Exam 640-553) (Authorized Self-Study Guide), ch. Network Security Using Cisco IOS IPS (Cisco Press, Indianapolis, 2009)
C.C. Portal, Common Criteria for Information Technology Security Evaluation (2012 ). www.commoncriteriaportal.org/files/ccfiles/CCPART3V3.1R4.pdf
K. Caplan, J.L. Sanders, Building an international security standard. IT Prof. 1(2), 29–34 (1999)
Common Criteria (2018) . Available: www.commoncriteriaportal.org
U.S. Department of Commerce, Security Requirements For Cryptographic Modules (National Institute of Standards and Technology, Gaithersburg, 2001). Available: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf
ETSI, CYBER; Cyber Security for Consumer Internet of Things, (2019). Available: https://www.etsi.org
A.A. Cardenas, T. Roosta, S. Sastry, Rethinking security properties, threat models, and the design space in sensor networks: a case study in SCADA systems. Ad Hoc Netw. 7(8), 1434–1447 (2009)
H. Orojloom M.A. Azgomi, A method for modeling and evaluation of the security of cyber-physical systems, in 2014 11th International ISC Conference on Information Security and Cryptology (2014), pp. 131–136
A. Ashok, A. Hahn, M. Govindarasu, Cyber-physical security of wide-area monitoring, protection and control in a smart grid environmen. J. Adv. Res. 5(4), 481–489 (2014). Cyber Security
A. Ramos, R.H. Filho, Sensor data security level estimation scheme for wireless sensor networks. Sensors 15, 2104–2137 (2015)
X. Wu, J. Li, W. Yao, A network security evaluation model based on common criteria, in 2008 International Conference on Apperceiving Computing and Intelligence Analysis (2008), pp. 416–420
Z. Han, X. Li, R. Feng, J. Hu, G. Xu, Z. Feng, A three-dimensional model for software security evaluation, in 2014 Theoretical Aspects of Software Engineering Conference (2014), pp. 34–41
M. Burmester, E. Magkos, V. Chrissikopoulos, Modeling security in cyber physical systems. Int. J. Crit. Infrastruct. Prot. 5(3), 118–126 (2012)
H. Fouchal, J. Blesa, E. Romero, A. Araujo, O. Nieto Taladrez, A security scheme for wireless sensor networks, in 2016 IEEE Global Communications Conference (GLOBECOM) (2016), pp. 1–5
Y. Ping, J. Xinghao, W. Yue, L. Ning, Distributed intrusion detection for mobile ad hoc networks. J. Syst. Eng. Electron. 19(4), 851–859 (2008)
M.F. Othman, K. Shazali, Wireless sensor network applications: a study in environment monitoring system. Procedia Eng. 41, 1204–1210 (2012); International Symposium on Robotics and Intelligent Sensors 2012 (IRIS 2012)
J. Wang, H. Abid, S. Lee, F. Xia, Secured health care application architecture for cyber-physical systems (2012). ArXiv e-prints
O. Kocabas, T. Soyata, M.K. Aktas, Emerging security mechanisms for medical cyber physical systems. IEEE/ACM Trans. Comput. Biol. Bioinforma. 13(3), 401–416 (2016)
S. Pathania, N. Bilandi, Security issues in wireless body area network. Int. J. Comput. Sci. Mob. Comput. 3(4), 1171–1178 (2014)
S. Al-Janabi, I. Al-Shourbaji, M. Shojafar, S. Shamshirband, Survey of main challenges (security and privacy) in wireless body area networks for healthcare applications. Egypt. Inf. J. 18(2), 113–122 (2017)
M.A. Jan, P. Nanda, X. He, R.P. Liu, A sybil attack detection scheme for a forest wildfire monitoring application. Futur. Gener. Comput. Syst. 80, 613–626 (2018)
V. Sivaraman, D. Chan, D. Earl, R. Boreli, Smart-phones attacking smart-homes, in Proceedings of the 9th ACM Conference on Security; Privacy in Wireless and Mobile Networks, Ser. WiSec ’16 (ACM, New York, 2016), pp. 195–200
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Sharma, M., Elmiligi, H., Gebali, F. (2020). Network Security and Privacy Evaluation Scheme for Cyber Physical Systems (CPS). In: Choo, KK., Dehghantanha, A. (eds) Handbook of Big Data Privacy. Springer, Cham. https://doi.org/10.1007/978-3-030-38557-6_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-38557-6_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38556-9
Online ISBN: 978-3-030-38557-6
eBook Packages: Computer ScienceComputer Science (R0)