Securing industrial automation and control systems using application whitelisting

Obermeier, Sebastian; Schierholz, Ragnar; Hristova, Ana

doi:10.1109/etfa.2014.7005242

Cited by 5 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Smart prioritization makes use of existing knowledge, insights, and previous experiences related to system dynamics to identify an efficient and exceptionally effective defensive strategy [113]; • Test all patches in off-line test environments before implementation; • Implement application whitelisting on human-machine interfaces. Application whitelisting is a security technique that enhances security by allowing systems to run only those applications that have been explicitly approved and listed in a designated whitelist [114]; • Harden field devices, including tablets and smartphones; • Replace out-of-date software and hardware devices; • After conducting thorough testing to confirm that it will not disrupt ICS operations, disable unused ports and services on ICS devices; • Implement and test system backups and recovery processes; • Configure encryption and security for ICS protocols.…”

Section: Host Securitymentioning

confidence: 99%

Securing Industrial Control Systems: Components, Cyber Threats, and Machine Learning-Driven Defense Strategies

Nankya,

Chataut,

Akl

2023

Sensors

View full text Add to dashboard Cite

Industrial Control Systems (ICS), which include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and Programmable Logic Controllers (PLC), play a crucial role in managing and regulating industrial processes. However, ensuring the security of these systems is of utmost importance due to the potentially severe consequences of cyber attacks. This article presents an overview of ICS security, covering its components, protocols, industrial applications, and performance aspects. It also highlights the typical threats and vulnerabilities faced by these systems. Moreover, the article identifies key factors that influence the design decisions concerning control, communication, reliability, and redundancy properties of ICS, as these are critical in determining the security needs of the system. The article outlines existing security countermeasures, including network segmentation, access control, patch management, and security monitoring. Furthermore, the article explores the integration of machine learning techniques to enhance the cybersecurity of ICS. Machine learning offers several advantages, such as anomaly detection, threat intelligence analysis, and predictive maintenance. However, combining machine learning with other security measures is essential to establish a comprehensive defense strategy for ICS. The article also addresses the challenges associated with existing measures and provides recommendations for improving ICS security. This paper becomes a valuable reference for researchers aiming to make meaningful contributions within the constantly evolving ICS domain by providing an in-depth examination of the present state, challenges, and potential future advancements.

show abstract

Section: Host Securitymentioning

confidence: 99%

Securing Industrial Control Systems: Components, Cyber Threats, and Machine Learning-Driven Defense Strategies

Nankya,

Chataut,

Akl

2023

Sensors

View full text Add to dashboard Cite

show abstract

“…Obermeier et al apply whitelisting to applications for protecting industrial automation and control systems. They find application whitelisting to be an effective means of preventing the instal- lation of malware [13].…”

Section: Related Workmentioning

confidence: 99%

IoTProtect: Highly Deployable Whitelist-based Protection for Low-cost Internet-of-Things Devices

Ying

Hara³

et al. 2018

Journal of Information Processing

View full text Add to dashboard Cite

In recent years, many Internet-of-Things (IoT) devices, such as home routers and Internet Protocol (IP) cameras, have been compromised through infection by malware as a consequence of weak authentication and other vulnerabilities. Malware infection can lead to functional disorders and/or misuse of these devices in cyberattacks of various kinds. However, unlike personal computers (PCs), low-cost IoT devices lack rich computational resources, with the result that conventional protection mechanisms, such as signature-based anti-virus software, cannot be used. In this study, we present IoTProtect, a lightweight , whitelist-based protection mechanism that can be deployed easily on existing commercial products with very little modification of their firmware. IoTProtect uses a whitelist to check processes running on IoT devices and terminate unknown processes periodically. Our experiments using four low-cost IoT devices and 4,981 in-the-wild malware binaries show that IoTProtect successfully terminated 99.92% of the processes created by the binaries within 44 seconds after their infection with central processing unit (CPU) overhead of 24% and disk space overhead of 288 KB.

show abstract

Mitigating Mirai Malware Spreading in IoT Environment

Gopal

Mallesh

Jyostna

et al. 2018

2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI)

View full text Add to dashboard Cite

Securing industrial automation and control systems using application whitelisting

Cited by 5 publications

References 12 publications

Securing Industrial Control Systems: Components, Cyber Threats, and Machine Learning-Driven Defense Strategies

Securing Industrial Control Systems: Components, Cyber Threats, and Machine Learning-Driven Defense Strategies

IoTProtect: Highly Deployable Whitelist-based Protection for Low-cost Internet-of-Things Devices

Mitigating Mirai Malware Spreading in IoT Environment

Contact Info

Product

Resources

About