WiP: Distributed Intrusion Detection System for TCP/IP-Based Connections in Industrial Environments Using Self-organizing Maps

Kharitonov, Aleksei; Zimmermann, A

doi:10.1007/978-3-030-81645-2_14

Cited by 2 publications

(1 citation statement)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Furthermore, TCP/IP-based systems are susceptible to various forms of cyber-attacks, including denial-of-service (DoS) attacks and man-in-the-middle (MitM) attacks. These attacks can disrupt network operations, degrade service quality, or facilitate unauthorized access to sensitive data [52]- [57]. Mitigating these threats requires implementing robust security measures, such as firewalls, intrusion detection systems, and encryption protocols, to safeguard TCP/IP-based communications and protect user privacy.…”

Section: Introductionmentioning

confidence: 99%

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Timothy Murkomen

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

TCP/IP is the backbone of modern network communication, connecting devices across the world. TCP/IP at its core is a suite of protocols that enables the transmission of data between computers, facilitating the foundation of the interconnected global network. At the Application Layer of TCP/IP is where the interaction between software applications and the network occurs. The user-centric protocols such as HTTP, SMTP, FTP, POP3, IMAP and DNS facilitate various tasks at this layer such as web browsing, email communication, and file transfer. This comprehensive survey conducted an exploration of the performance, security and privacy issues at the application layer of the TCP/IP. It initiated by providing a background of TCP/IP model, it’s architecture and the core characteristics, with major focus on the application layer. This paper aimed to discuss the state-of-the-art of performance, privacy and security concerns in TCP/IP application layer. It also proposed future research areas to equip researchers, practitioners, policy makers and the decision makers with tangible knowledge, offering guidance in navigating the performance, privacy and security concerns in TCP/IP Application Layer. It aimed to discuss the current performance, privacy and security research gaps at the Application Layer of the TCP/IP Model. The findings of this research sheds light on the performance, privacy and security issues while suggesting the countermeasures to strengthen and optimize the overall performance, security and privacy of TCP/IP model at the application layer. The paper finally suggests future directions and research areas at the TCP/IP application layer.

show abstract

Section: Introductionmentioning

confidence: 99%

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Timothy Murkomen

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

show abstract

Ensuring cybersecurity for industrial networks: A solution for ARP-based MITM attacks

Bruschi,

Di Pasquale,

Lanzi

et al. 2024

JCS

View full text Add to dashboard Cite

The increased adoption of the Internet Protocol (IP) in ICSs has made these systems vulnerable to the same security risks that are present in traditional IT environments. The legacy nature of ICSs and their unique operational requirements make them vulnerable to security threats that are different from those in IT environments. In this paper, we describe a protocol, named ArpON, which is able to wipe out in quasi real time any ARP cache poisoning attempt, thus making it ineffective. Contrarily to solutions presented in the literature for contrasting ARP cache poisoning, ArpON incurs in low operational costs, is backward compatible, transparent to the ARP protocol and does not use any HW feature nor cryptography functionality. We also model and validate ArpON in the OMNET + + network simulator. The simulation results show that ArpON is effective in avoiding ARP poisoning, and its communication overhead is negligible with respect to classical ARP protocol.

show abstract

WiP: Distributed Intrusion Detection System for TCP/IP-Based Connections in Industrial Environments Using Self-organizing Maps

Cited by 2 publications

References 33 publications

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Ensuring cybersecurity for industrial networks: A solution for ARP-based MITM attacks

Contact Info

Product

Resources

About