scholarly journals A Review of Attacks, Vulnerabilities, and Defenses in Industry 4.0 with New Challenges on Data Sovereignty Ahead

Sensors ◽  
2021 ◽  
Vol 21 (15) ◽  
pp. 5189
Author(s):  
Vítor Pedreira ◽  
Daniel Barros ◽  
Pedro Pinto
Keyword(s):  
Systematic Review ◽  
Industry 4.0 ◽  
Defense Mechanisms ◽  
Intrusion Detection Systems ◽  
Dos Attacks ◽  
Defense Strategies ◽  
Detection Systems ◽  
Buffer Overflows ◽  
Future Challenges ◽  
International Data

The concepts brought by Industry 4.0 have been explored and gradually applied.The cybersecurity impacts on the progress of Industry 4.0 implementations and their interactions with other technologies require constant surveillance, and it is important to forecast cybersecurity-related challenges and trends to prevent and mitigate these impacts. The contributions of this paper are as follows: (1) it presents the results of a systematic review of industry 4.0 regarding attacks, vulnerabilities and defense strategies, (2) it details and classifies the attacks, vulnerabilities and defenses mechanisms, and (3) it presents a discussion of recent challenges and trends regarding cybersecurity-related areas for Industry 4.0. From the systematic review, regarding the attacks, the results show that most attacks are carried out on the network layer, where dos-related and mitm attacks are the most prevalent ones. Regarding vulnerabilities, security flaws in services and source code, and incorrect validations in authentication procedures are highlighted. These are vulnerabilities that can be exploited by dos attacks and buffer overflows in industrial devices and networks. Regarding defense strategies, Blockchain is presented as one of the most relevant technologies under study in terms of defense mechanisms, thanks to its ability to be used in a variety of solutions, from Intrusion Detection Systems to the prevention of Distributed dos attacks, and most defense strategies are presented as an after-attack solution or prevention, in the sense that the defense mechanisms are only placed or thought, only after the harm has been done, and not as a mitigation strategy to prevent the cyberattack. Concerning challenges and trends, the review shows that digital sovereignty, cyber sovereignty, and data sovereignty are recent topics being explored by researchers within the Industry 4.0 scope, and GAIA-X and International Data Spaces are recent initiatives regarding data sovereignty. A discussion of trends is provided, and future challenges are pointed out.

scholarly journals CNN-Based Network Intrusion Detection against Denial-of-Service Attacks

Electronics ◽  
2020 ◽  
Vol 9 (6) ◽  
pp. 916 ◽  
Author(s):  
Jiyeon Kim ◽  
Jiwon Kim ◽  
Hyunjung Kim ◽  
Minsun Shim ◽  
Eunjung Choi
Keyword(s):  
Neural Network ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Denial Of Service ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
National Defense ◽  
Dos Attacks ◽  
Detection Systems ◽  
Network Intrusion

As cyberattacks become more intelligent, it is challenging to detect advanced attacks in a variety of fields including industry, national defense, and healthcare. Traditional intrusion detection systems are no longer enough to detect these advanced attacks with unexpected patterns. Attackers bypass known signatures and pretend to be normal users. Deep learning is an alternative to solving these issues. Deep Learning (DL)-based intrusion detection does not require a lot of attack signatures or the list of normal behaviors to generate detection rules. DL defines intrusion features by itself through training empirical data. We develop a DL-based intrusion model especially focusing on denial of service (DoS) attacks. For the intrusion dataset, we use KDD CUP 1999 dataset (KDD), the most widely used dataset for the evaluation of intrusion detection systems (IDS). KDD consists of four types of attack categories, such as DoS, user to root (U2R), remote to local (R2L), and probing. Numerous KDD studies have been employing machine learning and classifying the dataset into the four categories or into two categories such as attack and benign. Rather than focusing on the broad categories, we focus on various attacks belonging to same category. Unlike other categories of KDD, the DoS category has enough samples for training each attack. In addition to KDD, we use CSE-CIC-IDS2018 which is the most up-to-date IDS dataset. CSE-CIC-IDS2018 consists of more advanced DoS attacks than that of KDD. In this work, we focus on the DoS category of both datasets and develop a DL model for DoS detection. We develop our model based on a Convolutional Neural Network (CNN) and evaluate its performance through comparison with an Recurrent Neural Network (RNN). Furthermore, we suggest the optimal CNN design for the better performance through numerous experiments.

A Host-Based Intrusion Detection System Using Architectural Features to Improve Sophisticated Denial-of-Service Attack Detections

2010 ◽  
Vol 4 (1) ◽  
pp. 18-31
Author(s):  
Ran Tao ◽  
Li Yang ◽  
Lu Peng ◽  
Bin Li
Keyword(s):  
Operating System ◽  
Intrusion Detection ◽  
Detection System ◽  
Denial Of Service ◽  
Hardware Architecture ◽  
Intrusion Detection Systems ◽  
System Level ◽  
Gradient Boosting ◽  
Dos Attacks ◽  
Detection Systems

Application features like port numbers are used by Network-based Intrusion Detection Systems (NIDSs) to detect attacks coming from networks. System calls and the operating system related information are used by Host-based Intrusion Detection Systems (HIDSs) to detect intrusions toward a host. However, the relationship between hardware architecture events and Denial-of-Service (DoS) attacks has not been well revealed. When increasingly sophisticated intrusions emerge, some attacks are able to bypass both the application and the operating system level feature monitors. Therefore, a more effective solution is required to enhance existing HIDSs. In this article, the authors identify the following hardware architecture features: Instruction Count, Cache Miss, Bus Traffic and integrate them into a HIDS framework based on a modern statistical Gradient Boosting Trees model. Through the integration of application, operating system and architecture level features, the proposed HIDS demonstrates a significant improvement of the detection rate in terms of sophisticated DoS intrusions.

scholarly journals Deep Learning-Based Intrusion Detection Systems: A Systematic Review

IEEE Access ◽  
2021 ◽  
Vol 9 ◽  
pp. 101574-101599
Author(s):  
Jan Lansky ◽  
Saqib Ali ◽  
Mokhtar Mohammadi ◽  
Mohammed Kamal Majeed ◽  
Sarkhel H. Taher Karim ◽  
...  
Keyword(s):  
Systematic Review ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Detection Systems
Sign in / Sign up

Export Citation Format

Share Document