Browsing by Author "Sinha, Roopak"
Now showing 1 - 7 of 7
Results Per Page
Sort Options
- Actively detecting multiscale flooding attacks & attack volumes in resource-constrained ICPSPublication . Zahid, Farzana; Kuo, Matthew M.Y.; Sinha, Roopak; Funchal, Gustavo Silva; Pedrosa, Tiago; Leitão, PauloThe significant growth in modern communication technologies has led to an increase in zero-day vulnerabilities that degrade the performance of cyber-physical systems (ICPS). Distributed denial of service (DDoS) attacks are one such threat that overwhelms a target with floods of packets, posing a severe risk to the normal operations of the ICPS. Current solutions to detect DDoS attacks are unsuitable for resource-constrained ICPS. This study proposes actively detecting multiscale flooding DDoS attacks in resource-constrained ICPS by analyzing network traffic in the frequency domain. A two-phased technique detects attack presence and attack volume. Both phases use a novel combination of light-weight and theoretically sound statistical methods. The effectiveness of the proposed technique is evaluated using mainstream metrics like true and false positive rates, accuracy, and precision using BOUN DDoS 2020 and CICDDoS 2019 datasets. An implementation of the proposed approach on a programmable logic controllers-based ICPS demonstrated improvements in resource usage and detection time compared to the existing state-of-the-art.
- An intrusion detection system dataset for a multi-agent cyber-physical conveyor systemPublication . Funchal, Gustavo Silva; Zahid, Farzana; Melo, Victoria; Kuo, Matthew M.Y.; Pedrosa, Tiago; Sinha, Roopak; Prieta Pintado, Fernando De la; Leitão, PauloIndustry 4.0 is built upon the foundation of connecting devices and systems via Internet of Things (IoT) technologies, with Cyber-Physical Systems (CPS) serving as the backbone infrastructure. Although this approach brings numerous benefits like improved performance, responsiveness and reconfigurability, it also introduces security concerns, making devices and systems vulnerable to cyber attacks. There is a need for effective techniques to protect these systems, and the availability of datasets becomes essential to support the development of such techniques. This paper presents a dataset based on the collection of traffic information exchanged in a self-organizing conveyor system using the multi-agent systems (MAS) architecture and containing various intelligent conveyor modules. The dataset comprises data collected at the network and agent levels under normal system operation, denial of service (DoS) attacks, and malicious agent attacks. An intrusion detection system that integrates Fast Fourier Transform (FFT) and Machine Learning (ML) analysis is developed to demonstrate the utility of this dataset.
- Assessing the integration of software agents and industrial automation systems with ISO/IEC 25010Publication . Karnouskos, Stamatis; Sinha, Roopak; Leitão, Paulo; Ribeiro, Luis; Strasser, Thomas I.Agent-technologies have been used for higher-level decision making in addition to carrying out lower-level automation and control functions in industrial systems. Recent research has identified a number of architectural patterns for the use of agents in industrial automation systems but these practices vary in several ways, including how closely agents are coupled with physical systems and their control functions. Such practices may play a pivotal role in the Cyber-Physical System integration and interaction. Hence, there is a clear need for a common set of criteria for assessing available practices and identifying a bestfit practice for a given industrial use case. Unfortunately, no such common criteria exist currently. This work proposes an assessment criteria approach as well as a methodology to enable the use case based selection of a best practice for integrating agents and industrial systems. The software product quality model proposed by the ISO/IEC 25010 family of standards is used as starting point and is put in the industrial automation context. Subsequently, the proposed methodology is applied, and a survey of experts in the domain is carried out,in order to reveal some insights on the key characteristics of the subject matter.
- DDoS attacks on smart manufacturing systems: a cross-domain taxonomy and attack vectorsPublication . Zahid, Farzana; Funchal, Gustavo Silva; Melo, Victória; Kuo, Matthew M.Y.; Leitão, Paulo; Sinha, RoopakDenial of Service is a significant availability threat in Industrial Cyber-Physical systems and smart manufacturing is not an exception. The types, methods, and duration of these attacks have been evolving rapidly and their number has increased dramatically, reaching a new record in history. In particular, digitisation of the manufacturing process and increased connectivity have created a battleground between product quality of service and threats associated with cross-domains and multi-vector attacks that affect the manufacturing system performance. The existing research on cyber-threats related to smart manufacturing system does not consider the comprehensive landscape of denial of service attacks. In this study, we classify well-accepted (distributed) denial of service attacks according to a proposed taxonomy, focusing on both the multi-vector attacks and cross-domain attacks. Utilising the taxonomy, more than fifty different denial of service attacks on smart manufacturing system were classified in terms of Endpoint and Network (distributed) denial of service attacks. As an example, a Cyber-Physical Conveyor System was used to examine the proposed taxonomy.
- Designing actively ecure, highly available industrial automation applicationsPublication . Tanveer, Awais; Sinha, Roopak; MacDonell, Stephen G.; Leitão, Paulo; Vyatkin, ValeriyProgrammable Logic Controllers (PLCs) execute critical control software that drives Industrial Automation and ControlSystems(IACS).PLCs can become easy targets for cyber adversaries as they are resource-constrained and are usually built using legacy, less-capable security measures. Security attacks can significantly affect system availability, which is an essential requirement for IACS. We propose a method to make PLC applications more security-aware. Based on the well-known IEC 61499 function blocks standard for developing IACS software, our method allows designers to annotate critical parts of an application during design time. On deployment, these parts of the application are automatically secured using appropriate security mechanisms to detect and prevent attacks. We present a summary of availability attacks on distributed IACS applications that can be mitigated by our proposed method. Security mechanisms are achieved using IEC 61499 Service-Interface Function Blocks (SIFBs) embedding Intrusion Detection and Prevention System (IDPS), added to the application at compile time. This method is more amenable to providing active security protection from attacks on previously unknown (zero-day) vulnerabilities. We test our solution on an IEC 61499 application executing on Wago PFC200 PLCs. Experiments show that we can successfully log and prevent attacks at the application level as well as help the application to gracefully degrade into safe mode, subsequently improving availability.
- IASelect: finding best-fit agent practices in industrial CPS using graph databasesPublication . Sharma, Chandan; Sinha, Roopak; Leitão, PauloThe ongoing fourth Industrial Revolution depends mainly on robust Industrial Cyber-Physical Systems (ICPS). ICPS includes computing (software and hardware) abilities to control complex physical processes in distributed industrial environments.Industrialagents,originatingfromthewell-established multi-agent systems field, provide complex and cooperative control mechanisms at the software level, allowing us to develop larger and more feature-rich ICPS. The IEEE P2660.1 standardisation project, ”Recommended Practices on Industrial Agents: Integration of Software Agents and Low Level Automation Functions” focuses on identifying Industrial Agent practices that can benefit ICPS systems of the future. A key problem within this project is identifying the best-fit industrial agent practices for a given ICPS. This paper reports on the design and development of a tool to address this challenge. This tool, called IASelect, is built using graph databases and provides the ability to flexibly and visually query a growing repository of industrial agent practices relevant to ICPS. IASelect includes a front-end that allows industry practitioners to interactively identify best-fit practices without having to write manual queries.
- The applicability of ISO/IEC 25023 measures to the integration of agents and automation systemsPublication . Karnouskos, Stamatis; Sinha, Roopak; Leitão, Paulo; Ribeiro, Luis; Strasser, Thomas I.The integration of industrial automation systems and software agents has been practiced for many years. However, such an integration is usually done by experts and there is no consistent way to assess these practices and to optimally select one for a specific system. Standards such as the ISO/IEC 25023 propose measures that could be used to obtain a quantification on the characteristics of such integration. In this work, the suitability of these characteristics and their proposed calculation for assessing the connection of industrial automation systems with software agents is discussed. Results show that although most of the measures are relevant for the integration of agents and industrial automation systems, some are not relevant in this context. Additionally, it was noticed that some measures, especially those of a more technical nature, were either very difficult to computed in the automation system integration, or did not provide sufficient guidance to identify a practice to be used.