Towards a CDS-based Intrusion Detection Deployment Scheme for Securing Industrial Wireless Sensor Networks

Bayou, Lyes; Cuppens-Boulahia, Nora; Espes, David; Cuppen, Frederic

doi:10.1109/ares.2016.48

Cited by 9 publications

(4 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Olawumi et al showed three types of effective attacks, using vulnerabilities of the Zigbee standard, and proposed countermeasures against them. Alcaraz and Lopez [15] and Bayou et al [16] applied threat models of other networks to the IWSN. Alcaraz and Lopez analyzed the application of the supervisory control and data acquisition (SCADA) threat model and the WSN threat model in Zigbee, WirelessHART, and ISA 100.11a network environments and proposed countermeasures.…”

Section: Related Workmentioning

confidence: 99%

“…In order to apply the IWSN standard to industrial control systems, security for the IWSN is essential. Therefore, many studies have been carried out to identify vulnerabilities through security analysis of the IWSN standard and to find countermeasures [11,12,13,14,15,16,17]. While it is true that the security of the IWSN standard has been strengthened through these studies, there is still a lack of study on the provisioning process, which is where all security begins.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Toward Security Enhanced Provisioning in Industrial IoT Systems

Kwon

Jeong

Shon

2018

Sensors

View full text Add to dashboard Cite

Through the active development of industrial internet of things (IIoT) technology, there has been a rapid increase in the number of different industrial wireless sensor networks (IWSNs). Accordingly, the security of IWSNs is also of importance, as many security problems related to IWSN protocols have been raised and various studies have been conducted to solve these problems. However, the provisioning process is the first step in introducing a new device into the IIoT network and a starting point for IIoT security. Therefore, leakage of security information in the provisioning process makes exposure of secret keys and all subsequent security measures meaningless. In addition, using the exploited secret keys, the attacker can send false command to the node or send false data to the network manager and it can cause serious damage to industrial infrastructure depending on the IWSN. Nevertheless, a security study on the provisioning process has not been actively carried out, resulting in a provisioning process without guaranteed security. Therefore, in this paper, we analyzed security issues of the provisioning process in IWSN by researching prominent IWSN standards, including ISA 100.11a, WirelessHART, and Zigbee, and also an ISA 100.11a-certified device and provisioning process-related studies. Then, we verified the security issues of the provisioning process through testing and analyzing the provisioning process using the ISA 100.11a standard-implemented devices and ISA 100.11a-certified devices. Finally, we discuss security considerations and the direction of future research on provisioning security for IWSN in the IIoT era.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Toward Security Enhanced Provisioning in Industrial IoT Systems

Kwon

Jeong

Shon

2018

Sensors

View full text Add to dashboard Cite

show abstract

“…The deployment of IDS-agents is out of the scope of this paper. However, in our study, we use the scheme proposed in [14]. This scheme uses the graph theory concept of Connected Dominated Set to ensure the gathering of the whole exchanged traffic.…”

Section: Ids-agents Deployment Schemementioning

confidence: 99%

“…∧is_packetT ype(packet , Ack) ∧ is_dstAddr(packet , s) ∧is_assignedF q(s, packet) ∧ is_slotStartT ime(s, packet) (14) We should note that the Network Manager is responsible of building, managing and updating slots and frequencies planning.…”

Section: Communication Scheduling Rulesmentioning

confidence: 99%

wIDS: A Multilayer IDS for Wireless-Based SCADA Systems

Bayou

Espes

Cuppens-Boulahia

et al. 2017

Information Systems Security

Self Cite

View full text Add to dashboard Cite

The increasing use of wireless sensors networks in Supervisory Control and Data Acquisition systems (SCADA) raises the need of enforcing the security of this promising technology. Indeed, SCADA systems are used to manage critical installations that have hard security, reliability and real-time requirements. Consequently, in order to ensure Wireless Industrial Sensor Networks (WISN) security, Intrusion Detection Systems should be used as a second line of defense, in addition to sensor's embedded security mechanisms. In this paper, we present wIDS a multilayer specification-based Intrusion Detection System specially tailored for WISN. It has a two-level detection architecture and is based on a formal description of node's normal behavior.

show abstract

Big Data Collection and Correlation Analysis of Wireless Sensor Networks Yielding to Target Detection and Classification

Giri

Jyothi

2017

Proceedings of International Conference on Computational Intelligence and Data Engineering

View full text Add to dashboard Cite

Towards a CDS-based Intrusion Detection Deployment Scheme for Securing Industrial Wireless Sensor Networks

Cited by 9 publications

References 21 publications

Toward Security Enhanced Provisioning in Industrial IoT Systems

Toward Security Enhanced Provisioning in Industrial IoT Systems

wIDS: A Multilayer IDS for Wireless-Based SCADA Systems

Big Data Collection and Correlation Analysis of Wireless Sensor Networks Yielding to Target Detection and Classification

Contact Info

Product

Resources

About