Live forensics of software attacks on cyber–physical systems

Al-Sharif, Ziad A.; Al-Saleh, Mohammed I.; Alawneh, Luay; Jararweh, Yaser; Gupta, Brij B.

doi:10.1016/j.future.2018.07.028

Cited by 49 publications

(17 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Abeykoon and Feng [92] proposed an analytical framework to acquire digital evidence from a Robot Operating System. Al-Sharif et al [93] investigated the possibility of collecting digital evidence extracted from the main memory (RAM) of the computer components about attacks on CPS. They used Java for their demonstration and found that it is possible to collect some evidence even after the garbage collector is explicitly executed.…”

Section: Current Cps Forensics Approachesmentioning

confidence: 99%

See 1 more Smart Citation

Cyber–Physical Systems Forensics: Today and Tomorrow

Mohamed

Al-Jaroodi

Jawhar

2020

JSAN

View full text Add to dashboard Cite

Cyber–Physical Systems (CPS) connect the physical world (systems, environments, and humans) with the cyber world (software, data, etc.) to intelligently enhance the operational environment they serve. CPS are distributed software and hardware components embedded in the physical world and possibly attached to humans. They offer smart features, such as enhancing and optimizing the reliability, quality, safety, health, security, efficiency, operational costs, sustainability, and maintainability of physical systems. CPS are also very vulnerable to security attacks and criminal activities. In addition, they are very complex and have a direct impact on their environment. Therefore, it is hard to detect and investigate security attacks, while such attacks may have a catastrophic impact on the physical world. As a result, CPS must incorporate security measures in addition to suitable and effective forensics capabilities. When the security measures fail and an attack occurs, it becomes imperative to perform thorough forensics analysis. Adding effective forensics tools and capabilities will support the investigations of incidents. This paper defines the field of CPS forensics and its dimensions: Technical, Organizational, and Legal. Then, it reviews examples of current research efforts in the field and the types of tools and methods they propose for CPS forensics. In addition, it discusses the issues and challenges in the field that need to be addressed by researchers and developers of CPS. The paper then uses the review outcomes to discuss future research directions to address challenges and create a more effective, efficient, and safe forensics tools and for CPS. This discussion aims to create a starting point for researchers where they can identify the gaps and challenges and create suitable solutions through their research in CPS forensics.

show abstract

Section: Current Cps Forensics Approachesmentioning

confidence: 99%

“…Al-Sharif et al [93] Investigation approach Cyber To enable collecting digital evidence extracted from the main memory.…”

Section: Abeykoon and Feng [92] Forensic Tool Cybermentioning

confidence: 99%

Cyber–Physical Systems Forensics: Today and Tomorrow

Mohamed

Al-Jaroodi

Jawhar

2020

JSAN

View full text Add to dashboard Cite

show abstract

“…Serangan Distributed Denial of Services (DDoS) terus menjadi salah satu ancaman paling menantang ke Internet. Intensitas dan frekuensi serangan ini meningkat dengan kecepatan yang mengkhawatirkan [5] Begitu seringnya serangan DoS terjadi menyebabkan banyak peneliti yang melakukan penelitian tentang serangan DoS di antaranya yaitu serangan pada sistem fisik [9], survey dan mitigasi serangan DoS pada Named Data Networking [10], eksplorasi bukti digital pada smart router [11], mitigasi serangan DoS yang efisien [12], deteksi DoS pada penerapan jaringan sensor nirkabel [13], deteksi serangan DDoS berbasis multiple autonomous systems [14], dan DDoS bandwidth flooding [15].…”

Section: Pendahuluanunclassified

Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

2020

View full text Add to dashboard Cite

Denial of Service (DoS) attacks are one of the most common attacks on website, networks, routers and servers, including on router mikrotik. A DoS attack aims to render a network router unable to service requests from authorized users. The result will disrupt the operational activities of the organization and cause material and non-material losses. In this study, a simulation and analysis of DoS attacks using the Live Forensics method were carried out and the router security enhancement from rectangular software and hardware. From the research results obtained digital evidence of DoS attacks in the form of IP addresses and attacker activity logs. In addition, the increase in router security in terms of software by using Firewall Filter and Firewall Raw has proven effective in preventing attacks. While improving router security in terms of hardware by setting a reset button on the router and firewall devices is also very necessary so that the router can avoid physical attacks by irresponsible persons.

show abstract

“…In [15] author discussed a case study of smart medical devices in terms of general problems of assessing the quality of cyber-physical systems. [16] provided live forensics of software attacks on CPS by launching attacks and understanding its internal flows. [17] compared security issues between IoT and traditional network, elaborated opening security issues in IoT, analyzed the security problems of various layers of IoT and tries to find solutions to them.…”

Section: Literature Reviewmentioning

confidence: 99%

Scalable Emulated Framework for IoT Devices in Smart Logistics Based Cyber-Physical Systems: Bonded Coverage and Connectivity Analysis

Abbas

Marwat

2020

IEEE Access

View full text Add to dashboard Cite

In this research, scalable framework for Smart Logistics based Cyber-Physical System (SLCPS) is emulated for stable coverage and connectivity of Internet of Things (IoT) devices. This work is modern manifestation of three laws of computing. Moore's and Koomey's laws recommend performance gain and energy efficiency whereas Metcalfe's law imply network scalability. Combination of these laws suggests the research proposition that development of scalable and performance efficient IoT networks is inevitable. Although IoT has improved specific logistics modules considerably, but incorporation of IoT in complete supply chain of food and random placement of IoT devices due to which unstable coverage and connectivity occurred are major challenges in logistics. The proposed SLCPS framework is designed firstly, to develop apt IoT protocol stack for logistics. Secondly, for bonded connectivity and coverage, mathematical models are proposed instead of random placement and coverage map is based on binary coverage model. Thirdly, for scalability supply chain of food for smart logistics process is designed in terms of container, storehouse and warehouse comprising of varying number of IoT devices. The architecture of SLCPS framework has three modules i.e. internal IoT network, border router and external network, emulated in Cooja simulator. The contikimac protocol is used for efficient traffic flow and power consumption. Single hop, multiple hops and random IoT devices placement scenarios are used for results comparison and validation. The performance evaluation results, i.e. throughput, network convergence time, packet delivery ratio, average latency, power consumption and timeline investigation validated utilization of proposed framework in terms of enhanced network performance. Significance of proposed SLCPS framework results in cost minimization, reducing communication and computation overhead, resilience to IoT device failures and an interference free network connectivity and coverage. Coverage and connectivity are measure of quality of service in IoT network. Therefore, this research provided bonded coverage and connectivity in smart logistics using mathematical models. In addition, a baseline framework is provided for extended research in CPS and IoT applications.

show abstract

Live forensics of software attacks on cyber–physical systems

Cited by 49 publications

References 47 publications

Cyber–Physical Systems Forensics: Today and Tomorrow

Cyber–Physical Systems Forensics: Today and Tomorrow

Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS)

Scalable Emulated Framework for IoT Devices in Smart Logistics Based Cyber-Physical Systems: Bonded Coverage and Connectivity Analysis

Contact Info

Product

Resources

About