Maede Zolanvari scite author profile

This article surveys blockchain-based approaches for several security services. These services include authentication, confidentiality, privacy and access control list (ACL), data and resource provenance, and integrity assurance. All these services are critical for the current distributed applications, especially due to the large amount of data being processed over the networks and the use of cloud computing. Authentication ensures that the user is who he/she claims to be. Confidentiality guarantees that data cannot be read by unauthorized users. Privacy provides the users the ability to control who can access their data. Provenance allows an efficient tracking of the data and resources along with their ownership and utilization over the network. Integrity helps in verifying that the data has not been modified or altered. These services are currently managed by centralized controllers, for example, a certificate authority. Therefore, the services are prone to attacks on the centralized controller. On the other hand, blockchain is a secured and distributed ledger that can help resolve many of the problems with centralization. The objectives of this paper are to give insights on the use of security services for current applications, to highlight the state of the art techniques that are currently used to provide these services, to describe their challenges, and to discuss how the blockchain technology can resolve these challenges. Further, several blockchain-based approaches providing such security services are compared thoroughly. Challenges associated with using blockchain-based security services are also discussed to spur further research in this area.

show abstract

Machine Learning-Based Network Vulnerability Analysis of Industrial Internet of Things

Zolanvari

Teixeira

Gupta

et al. 2019

IEEE Internet Things J.

361

149

View full text Add to dashboard Cite

From 2012 to 2015, her research concerned performance improvement of communication networks. Since 2015, she has been a Graduate Research Assistant with Washington University in St. Louis. Her current research interests include utilizing machine learning and deep learning for network security of the Industrial Internet of Things, Internet of Things, machine learning, cyber-security, secure computer networks, and wireless communications. Marcio A. Teixeira (M'18-SM'18) received the M.Sc. degree in computer science and the Ph.D. degree in electrical engineering from the Federal

show abstract

Cybersecurity for industrial control systems: A survey

Bhamare

Zolanvari

Erbad

et al. 2020

Computers & Security

216

View full text Add to dashboard Cite

Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in the industrial sectors and critical infrastructures, such as nuclear and thermal plants, water treatment facilities, power generation, heavy industries, and distribution systems. Though ICSs were kept isolated from the Internet for so long, significant achievable business benefits are driving a convergence between ICSs and the Internet as well as information technology (IT) environments, such as cloud computing. As a result, ICSs have been exposed to the attack vectors used in the majority of cyber-attacks. However, ICS devices are inherently much less secure against such advanced attack scenarios. A compromise to ICS can lead to enormous physical damage and danger to human lives. In this work, we have a close look at the shift of the ICS from stand-alone systems to cloud-based environments. Then we discuss the major works, from industry and academia towards the development of the secure ICSs, especially applicability of the machine learning techniques for the ICS cyber-security. The work may help to address the challenges of securing industrial processes, particularly while migrating them to the cloud environments.

show abstract

Recent Advances in the Internet-of-Medical-Things (IoMT) Systems Security

Ghubaish

Salman

Zolanvari

et al. 2021

IEEE Internet Things J.

224

View full text Add to dashboard Cite

The rapid evolutions in micro-computing, minihardware manufacturing, and machine to machine (M2M) communications have enabled novel Internet of Things (IoT) solutions to reshape many networking applications. Healthcare systems are among these applications that have been revolutionized with IoT, introducing an IoT branch known as the Internet of Medical Things (IoMT) systems. IoMT systems allow remote monitoring of patients with chronic diseases. Thus, it can provide timely patients' diagnostic that can save their life in case of emergencies. However, security in these critical systems is a major challenge facing their wide utilization.In this paper, we present state-of-the-art techniques to secure IoMT systems' data during collection, transmission, and storage. We comprehensively overview IoMT systems' potential attacks, including physical and network attacks. Our findings reveal that most security techniques do not consider various types of attacks. Hence, we propose a security framework that combines several security techniques. The framework covers IoMT security requirements and can mitigate most of its known attacks.

show abstract

SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach

et al. 2018

View full text Add to dashboard Cite

This paper presents the development of a SCADA system testbed used for cybersecurity research. The testbed consists of a water storage tank's control system, which is a stage in the process of water treatment and distribution. Sophisticated cyber-attacks are conducted against the testbed. During the attacks, the network traffic is captured, and features are extracted from the traffic to build a dataset for training and testing different machine learning algorithms. Five traditional machine learning algorithms are trained to detect the attacks: Random Forest, Decision Tree, Logistic Regression, Naïve Bayes and KNN. After that, the trained machine learning models are built and deployed in the network, where new tests are made using online network traffic. The performance obtained during the training and test of the machine learning models is compared to the performance obtained during the online deployment of these models in the network. The results show the efficiency of the machine learning models in detecting the attacks in real time. The testbed provides a good understanding of the effects and consequences of attacks on real SCADA environments.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Maede Zolanvari

Security Services Using Blockchains: A State of the Art Survey

Machine Learning-Based Network Vulnerability Analysis of Industrial Internet of Things

Cybersecurity for industrial control systems: A survey

Recent Advances in the Internet-of-Medical-Things (IoMT) Systems Security

SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach

Contact Info

Product

Resources

About