“…In this paper we extend our previous work [12] in several ways: (1) first, we extend our IDS in a way that it receives network packets from a mirror port in order to acquire the data values (in our previous implementation, the IDS obtained the values of the system from a shared database used in the simulation of the process), (2) we implement our system on an industry-supported (and state of the art) SDN controller called ONOS 2 (Previously we implemented our system in an academic SDN controller called POX), (3) following security best practices for operating an IDS, we move the IDS from the same network being monitored to another segmented network that cannot send packets to the network being monitored, (4) we modularize our system to enable flexibility, and also higher fidelity with real-world systems (our previous work was implemented all within a single virtual machine, while in this paper we have three different virtual machines, one running the SDN network and physical process, another the SDN controller, and another the IDS), (5) we make all of our implementation and contributions open-source and available online (as stated in the introduction), and (6) in this paper we focus on the migration of an attacker from the real system, to a honeypot (Previously, we focused on the implementation of the IDS and the response to sensor attacks and controller attacks, but did not look at how to deceive the adversary and migrate them seamlessly to a honeypot). Our work emphasizes the importance of providing a seamless transition from the real system, to the honeypot environment, so the attacker does not detect that it has been transferred from the real target to a fake system.…”
Section: Pysupporting
confidence: 72%
“…Antonioli et al developed MiniCPS, a research tool that leverages the flexibility of SDN in order to present a framework with which any researcher can simulate an entire ICS network corresponding to a physical model of a known system [2]. In our previous efforts we extended MiniCPS by implementing a Physics-Based Anomaly Detection (PBAD) system [5] to identify attacks, and then implemented an incident-response system that removed the compromised sensor or controller from the network using SDN and then rerouted the network traffic to either a virtual sensor to replace the compromised sensor values, or a redundant controller to replace the compromised device [12].…”
Section: Pymentioning
confidence: 99%
“…In this paper, we address this gap by continuing our work on intrusion response mechanisms to keep the control system operating safely while sustaining attacks. In particular, we extend our intrusion-response architecture that leverages Software-Defined Networking (SDN) to automatically reconfigure our attacked-network in real-time [12]. While our previous work focused on replacing compromised sensor and control messages to trustworthy sources, in this paper we focus on two new use-cases for network reconfiguration during an attack:…”
Numerous research efforts have focused on intrusion detection in industrial control networks, however, few of them discuss what to do after an intrusion has been detected. Because the safety of most of these control systems is time-sensitive, we need new research on automatic incident response. In this paper, we extend our work on leveraging Software-Defined Networking (SDN) to automatically reconfigure an industrial control network to mitigate the impact of attacks, and to deceive adversaries. CCS CONCEPTS • Security and privacy → Intrusion detection systems; Network security; Domain-specific security and privacy architectures; • Networks → Programmable networks; • Applied computing → Industry and manufacturing.
“…In this paper we extend our previous work [12] in several ways: (1) first, we extend our IDS in a way that it receives network packets from a mirror port in order to acquire the data values (in our previous implementation, the IDS obtained the values of the system from a shared database used in the simulation of the process), (2) we implement our system on an industry-supported (and state of the art) SDN controller called ONOS 2 (Previously we implemented our system in an academic SDN controller called POX), (3) following security best practices for operating an IDS, we move the IDS from the same network being monitored to another segmented network that cannot send packets to the network being monitored, (4) we modularize our system to enable flexibility, and also higher fidelity with real-world systems (our previous work was implemented all within a single virtual machine, while in this paper we have three different virtual machines, one running the SDN network and physical process, another the SDN controller, and another the IDS), (5) we make all of our implementation and contributions open-source and available online (as stated in the introduction), and (6) in this paper we focus on the migration of an attacker from the real system, to a honeypot (Previously, we focused on the implementation of the IDS and the response to sensor attacks and controller attacks, but did not look at how to deceive the adversary and migrate them seamlessly to a honeypot). Our work emphasizes the importance of providing a seamless transition from the real system, to the honeypot environment, so the attacker does not detect that it has been transferred from the real target to a fake system.…”
Section: Pysupporting
confidence: 72%
“…Antonioli et al developed MiniCPS, a research tool that leverages the flexibility of SDN in order to present a framework with which any researcher can simulate an entire ICS network corresponding to a physical model of a known system [2]. In our previous efforts we extended MiniCPS by implementing a Physics-Based Anomaly Detection (PBAD) system [5] to identify attacks, and then implemented an incident-response system that removed the compromised sensor or controller from the network using SDN and then rerouted the network traffic to either a virtual sensor to replace the compromised sensor values, or a redundant controller to replace the compromised device [12].…”
Section: Pymentioning
confidence: 99%
“…In this paper, we address this gap by continuing our work on intrusion response mechanisms to keep the control system operating safely while sustaining attacks. In particular, we extend our intrusion-response architecture that leverages Software-Defined Networking (SDN) to automatically reconfigure our attacked-network in real-time [12]. While our previous work focused on replacing compromised sensor and control messages to trustworthy sources, in this paper we focus on two new use-cases for network reconfiguration during an attack:…”
Numerous research efforts have focused on intrusion detection in industrial control networks, however, few of them discuss what to do after an intrusion has been detected. Because the safety of most of these control systems is time-sensitive, we need new research on automatic incident response. In this paper, we extend our work on leveraging Software-Defined Networking (SDN) to automatically reconfigure an industrial control network to mitigate the impact of attacks, and to deceive adversaries. CCS CONCEPTS • Security and privacy → Intrusion detection systems; Network security; Domain-specific security and privacy architectures; • Networks → Programmable networks; • Applied computing → Industry and manufacturing.
“…The cybersecurity, by definition, is a process consisting three objectives: to protect, detect, and respond to cyber-attacks [78]. Particularly, the two main objectives are the ones that rely on data protection and are given more attention since Internet of things networks have to be built in a safe environment that allows a safe interoperability between the facilities.…”
The new paradigms of Industry 4.0 force all the industrial sectors to face a deep digital transformation in order to be on the edge in a competitive and globalized scenario. Following this trend, the shipbuilding industry has to establish its own path to adapt itself to the digital era. This chapter aims to explore this challenge and give an outlook on the multiple transformative technologies that are involved. For that reason, a case of study is presented as a starting point, in which the digital technologies that can be applied are easily recognized. A social network analysis (SNA) is developed among these key enabling technologies (KETs), in order to stress their correlations and links. As a result, artificial intelligence (AI) can be highlighted as a support to the other technologies, such as vertical integration of naval production systems (e.g., connectivity, Internet of things, collaborative robotics, etc.), horizontal integration of value networks (e.g., cybersecurity, diversification, etc.), and life cycle reengineering (e.g., drones, 3D printing (3DP), virtual and augmented reality, remote sensing networks, robotics, etc.).
“…A straightforward utilisation of these methodologies is for model-checking (as, e.g., in [19]) or monitoring (as, e.g., in [4]) in order to be able to verify security properties of CPSs either before system deployment or, when static analysis is not feasible, at runtime to promptly detect undesired behaviours. In other words, we aim at providing an essential stepping stone for Figure 1: MITM attacks to sensor readings and control commands formal and automated analysis techniques for checking the security of CPSs (rather than for providing defence techniques, i.e., mitigation [45]).…”
We apply formal methods to lay and streamline theoretical foundations to reason about Cyber-Physical Systems (CPSs) and physics-based attacks, i.e., attacks targeting physical devices. We focus on a formal treatment of both integrity and denial of service attacks to sensors and actuators of CPSs, and on the timing aspects of these attacks. Our contributions are fourfold. (1) We define a hybrid process calculus to model both CPSs and physics-based attacks. (2) We formalise a threat model that specifies MITM attacks that can manipulate sensor readings or control commands in order to drive a CPS into an undesired state; we group these attacks into classes, and provide the means to assess attack tolerance/vulnerability with respect to a given class of attacks, based on a proper notion of most powerful physics-based attack.(3) We formalise how to estimate the impact of a successful attack on a CPS and investigate possible quantifications of the success chances of an attack. (4) We illustrate our definitions and results by formalising a non-trivial running example in Uppaal SMC, the statistical extension of the Uppaal model checker; we use Uppaal SMC as an automatic tool for carrying out a static security analysis of our running example in isolation and when exposed to three different physics-based attacks with different impacts. * This document extends the paper "A Formal Approach to Physics-Based Attacks in Cyber-Physical Systems" that will appear in ACM Transactions on Privacy and Security by providing proofs that are worked out in full details.In this section, we introduce our Calculus of Cyber-Physical Systems and Attacks, CCPSA, which extends the Calculus of Cyber-Physical Systems, defined in our companion papers [37,41], with specific features to formalise and study attacks to physical devices.Let us start with some preliminary notation.3 Intuitively, attacks of classes weaker than C can do less with respect to attacks of class C.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.