SCADAWall: A CPI-enabled firewall model for SCADA security

Liu, Dong; Guo, Huaqun; Zhou, Jianying; Zhou, Lihua; Wong, Jun Wen

doi:10.1016/j.cose.2018.10.002

Cited by 41 publications

(13 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Trying to cope with data injection attacks in ICS, Wang et al [26] proposed a new method that uses a Long Short Term Memory Recurrent Neural Network (LSTM-RNN) as a temporal sequences predictor. Li et al [27] proposed a SCADA firewall model, called SCADAWall, for SCADA security. The SCADAWall model is powered by a comprehensive packet inspection (CPI) technology.…”

Section: Related Workmentioning

confidence: 99%

Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security

Derhab

Gabsi

Gumaei

et al. 2019

Sensors

137

View full text Add to dashboard Cite

The industrial control systems are facing an increasing number of sophisticated cyber attacks that can have very dangerous consequences on humans and their environments. In order to deal with these issues, novel technologies and approaches should be adopted. In this paper, we focus on the security of commands in industrial IoT against forged commands and misrouting of commands. To this end, we propose a security architecture that integrates the Blockchain and the Software-defined network (SDN) technologies. The proposed security architecture is composed of: (a) an intrusion detection system, namely RSL-KNN, which combines the Random Subspace Learning (RSL) and K-Nearest Neighbor (KNN) to defend against the forged commands, which target the industrial control process, and (b) a Blockchain-based Integrity Checking System (BICS), which can prevent the misrouting attack, which tampers with the OpenFlow rules of the SDN-enabled industrial IoT systems. We test the proposed security solution on an Industrial Control System Cyber attack Dataset and on an experimental platform combining software-defined networking and blockchain technologies. The evaluation results demonstrate the effectiveness and efficiency of the proposed security solution.

show abstract

Section: Related Workmentioning

confidence: 99%

Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security

Derhab

Gabsi

Gumaei

et al. 2019

Sensors

137

View full text Add to dashboard Cite

show abstract

“…However, unlike the 2004 study, the study in Wool et al 8 doesn’t suggest that later software versions have fewer errors. Li et al 9 proposed a new Supervisory Control and Data Acquisition firewall model powered by the Comprehensive Packet Inspection (CPI) technology. This model includes a new Proprietary Industrial Protocols Extension Algorithm to extend capabilities to proprietary industrial protocol protection, and an Out-of-Sequence Detection Algorithm to detect abnormality within industrial operations.…”

Section: Research Surveys On Critical Cybersecurity Topicsmentioning

confidence: 99%

Educational modules and research surveys on critical cybersecurity topics

Wang

Yang

Wan

2020

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Cybersecurity comprised all the technologies and practices that protect data as well as computer and network systems. In this article, we develop four course modules on critical cybersecurity topics that can be adopted in college-level cybersecurity courses in which these topics are covered. Our goal for developing these course modules with the hands-on labs is to increase students’ understanding and hands-on experiences on these critical topics that support cyber skills development for college students. The hands-on labs are designed to enhance students’ engagement and provide them hands-on experiences with real-world cyber activities to augment their cyber education of both foundational and advanced skills. We also conduct research surveys on the most-recent significant research in these critical cybersecurity fields. These cybersecurity course modules with the labs are also designed to help college/university professors enhance and update their cybersecurity course content, activities, hands-on lab exercises, and pedagogical methods, as well as emphasize the cyber skills to meet today’s pressing cybersecurity education needs for college students. Our proposed cybersecurity modules with hands-on labs will also help building the nation’s cybersecurity workforce.

show abstract

“…This incongruence is obvious with the differing mentality with regards to SCADA systems, in particular as seen by SCADA operators, the threat to safety and continuity of the process, far outweighs the application of IT security technologies [10]. The increasing interconnectivity and integration of SCADA systems has also amplified the exposure of the network to a greater number of access points, this not only provides the need for greater understanding but compounds the complexity of the environment with a greater number of subsystems that have interconnections between each other [8,9]. This further makes redundant the older security beliefs of 'air gap' or security through obscurity, and disconnection from internet.…”

Section: Common Threats and Vulnerabilitiesmentioning

confidence: 99%

Convergence of IT and SCADA: Associated Security Threats and Vulnerabilities

Smurthwaite

Bhattacharya

2020

IOP Conf. Ser.: Mater. Sci. Eng.

View full text Add to dashboard Cite

As many industries shift towards centralised controlled information systems for monitoring and control, more importance is being placed upon technologies such as Supervisory Control and Data Acquisitions industrial systems (SCADA). This focus on integration and interoperability presents numerous challenges for security personnel and organisational management alike. It becomes paramount therefore to reciprocate this new direction within an organisation with adequate plans and frameworks that ensure protection and security of its SCADA architecture. A clear understanding of the relevant threats and vulnerabilities is critical for adopting/developing appropriate policy and frameworks. To this end, in this research we identify and analyse relevant SCADA security threats and vulnerabilities and present a simple scheme to classify them for better understanding.

show abstract

SCADAWall: A CPI-enabled firewall model for SCADA security

Cited by 41 publications

References 5 publications

Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security

Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security

Educational modules and research surveys on critical cybersecurity topics

Convergence of IT and SCADA: Associated Security Threats and Vulnerabilities

Contact Info

Product

Resources

About