Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality,and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gatewayto enhance environmental security. However, our main contribution is the validation process performed in a CPN, which made it possible to execute queries in the state space resulting from the simulation -that works as a proof of concept. As a result, thepaper presents a secure and validated model of interconnection between ICS and corporate networks, capable of being applied to any interconnection environment
Industrial networks use specific equipment, software and protocols with specific characteristics according to the sector in which industry operates. They have a different life cycle than Information Technology (IT) and consequently were not developed with protection features, from a security point of view, there are cases with equipment using Microsoft Windows 3.11 or older operating systems, these equipment or systems are classified as legacy. Due to that the demand for remote support, connection in the corporate networks and sometimes to the Internet has increased what is called attack surface, that is, industrial networks that were once isolated became exposed, with several exploitable vulnerabilities and the number of incidents, in this case cyber-attacks, began to increase to the point of affecting people lives, whether in factories or daily. Identifying the main vulnerabilities already documented and defining a set of security standards for legacy industrial networks is a possibility to define a standards validation environment for these networks and consequently support operators to identify vulnerabilities and act proactively. A systematic review of articles, annals of events and specialized literature was carried out to identify the state of the art regarding topics involving legacy industrial networks, identification of anomalies and security standards to present gaps and propose a research agenda, critical analysis of the works developed. Finally, recommend conducting further research and conducting experiments to assist academia and market in dealing with these scenarios, something that is very common in Brazilian industry given the high investment cost for updating proprietary systems.
With the growth in the spread of ransomware, this malware has become a major threat to businesses and computer users. Ransomware is a different kind of malware that can block the screen of infected computers and/or encrypt the files, and only release them for payment. Due to the evolution of the techniques of obfuscation of ransomware, it becomes more difficult to detect by antivirus software among others. Because of the financial return it provides, because in most attacks users make the payment because they do not have an information security policy and together with the lack of regular backups. The present work uses an approach in which it identifies and classifies types of ransomware using machine learning algorithms such as Naive Bayes, Support Vector Machines -SVM, and K-nearest neighbors KNN. In the end, it is expected that the samples presented can be correctly identified and classified, and that which algorithm has obtained the best result.
Predictive maintenance is a prominent area inside Industry 4.0. Fault diagnosis is a part that integrates this context because it enables maintenance before the breakdown. Deep Learning techniques have been widely explored in literature for this diagnosis. However, most of the research assumes that the training and test data belong to the same distribution; that is different in industrial scenarios, where differences in working conditions cause discrepancies in the data. This issue increases the need for more labeled data for a reliable classifier. However, acquiring and labeling this data is costly and laborious. To deal with this, domain adaptation techniques are used. Despite this, fault diagnosis lacks experiments with more complex scenarios, with more variations in working conditions such as load and speed. To overcome this problem, bibliographical research composed of two Systematic Reviews of the Literature is proposed to structure an experiment to select a reliable model for domain adaptation. The results concluded that the grayscale time-frequency images generated by CWT and FSWT, combined with architectures such as MDD, CAN, and Discluster-DA, should compose the experiment to select a reliable model most applicable to an industrial environment. Keywords: Industry 4.0; predictive maintenance; fault diagnosis; transfer learning; domain adaptation; different operating conditions PROPOSIÇÃO DE EXPERIMENTO PARA SELEÇÃO DE MODELO DE DEEP LEARNING PARA O DIAGNÓSTICO DE FALHAS EM CENÁRIOS INDUSTRIAIS RESUMOA manutenção preditiva é uma área promissora dentro da Indústria 4.0. O diagnóstico de falhas é uma parte integrante deste contexto, pois possibilita que medidas de manutenção sejam tomadas antes de uma eventual quebra. As técnicas de Deep Learning vêm sendo amplamente exploradas na literatura para estes diagnósticos. No entanto, grande parte dos trabalhos assumem que os dados de treinamento e teste pertencem a mesma distribuição, o que de fato não ocorre em cenários industriais onde variações de operação causam discrepância nos dados. Esta característica aumenta a necessidade de mais dados rotulados para que o classificador seja mais robusto. Porém adquirir e rotular estes dados é custoso laborioso. Para resolver este problema técnicas de adaptação de domínio estão sendo empregadas. No entanto, esta área carece de experimentos com cenários mais complexos, com maiores variações de condições de operação como carga e velocidade. Para lidar com este problema, este trabalho propõe uma pesquisa bibliográfica composta por duas Revisões Sistemáticas da Literatura, para estruturar um experimento para a seleção de um modelo robusto de adaptação de domínio. Com os resultados, conclui-se que as imagens do domínio tempo-frequência, geradas por CWT e FSWT em escala de cinza, aliadas a arquiteturas como MDD, CAN e Discluster-DA, devem compor o experimento para selecionar um modelo robusto, que seja mais aplicável a um cenário industrial. Palavras-chave: Indústria 4.0; manutenção preditiva; diagnóstico de falhas; transfer ...
A Flash Crowd (FC) event occurs when network traffic increases suddenly due to a specific reason (e.g. e-commerce sale). Despite its legitimacy, this kind of situation usually decreases the network resource performance. Furthermore, attackers may simulate FC situations to introduce undetected attacks, such as Distributed Denial of Service (DDoS), since it is very difficult to distinguish between legitimate and malicious data flows. To differentiate malicious and legitimate traffic we propose applying zero inflated count data models in conjunction with the Correlation Coefficient Flow (CCF) method – a well-known method used in FC situations. Our results were satisfactory and improve the accuracy of CCF method. Furthermore, since the environment toggles between normal and FC situations, our method has the advantage of working in both situations.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.