Defending Industrial Internet of Things Against Modbus/TCP Threats: A Combined AI-Based Detection and SDN-Based Mitigation Solution

Radoglou-Grammatikis, P.,; Sarigiannidis, P.; Efstathopoulos, G.; Lagkas, T.; Sarigiannidis, A.; Mladenov, V. M.; Siaxabanis, N.

Autors: Radoglou-Grammatikis, P., Sarigiannidis, P., Efstathopoulos, G., Lagkas, T., Sarigiannidis, A., Mladenov, V. M., Siaxabanis, N.
Title: Defending Industrial Internet of Things Against Modbus/TCP Threats: A Combined AI-Based Detection and SDN-Based Mitigation Solution
Keywords: Active Learning, Intrusion Detection and Prevention, Modbus,

Abstract: The rapid evolution of the Industrial Internet of Things (IIoT) introduces multiple benefits, such as self-monitoring, pervasive control and self-healing, leading IIoT environments, such as Critical Infrastructures (CIs) to a new digital era. However, this new reality creates severe cybersecurity issues due to the vulnerable nature of the IIoT protocols. In this paper, we focus on Modbus/Transmission Control Protocol (TCP), which is widely adopted by IIoT environments, such as the smart electrical grid. Modbus/TCP is characterised by severe vulnerabilities since it does not incorporate adequate authentication and authorisation services. First, we provide a Modbus/TCP threat model, which estimates the severity of the Modbus/TCP threats supported by relevant Modbus/TCP-related penetration testing tools. The proposed model combines (a) STRIDE-per-element, (b) an Attack Defence Tree (ADT) and (c) one from Common Vulnerability Scoring System (CVSS) and OWASP Risk Rating (OWASP-RR) methodol

References

Issue

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4141459, pp. 1-44, 2022, United States, http://dx.doi.org/10.2139/ssrn.4141459

Цитирания (Citation/s):
1. Tudosi, A.D., Graur, A., Balan, D.G., Potorac, A.D. and Tarabuta, R., 2023. Automated User Authentication Configuration for pfSense Firewall Using Scripting and LDAP Integration (No. 10057). EasyChair. (Google Scholar) - 2023 - от чужди автори в чужди издания, неиндексирани в Scopus или Web of Science
2. TUDOSI, A.D., GRAUR, A., BALAN, D.G. and POTORAC, A.D., Automatic Directory Service Integration in Distributed Firewall Resources: A Study of Scripting and LDAP Integration with pfSense. 11th IEEE International Conference on E-Health and Bioengineering - EHB 2023, 979-8-3503-2887-5/23/$31.00 ©2023 IEEE (Google Scholar) - 2023 - от чужди автори в чужди издания, неиндексирани в Scopus или Web of Science

Вид: статия в списание, публикация в реферирано издание, индексирана в Google Scholar

Е-Публикации
Технически университет - София

Детайли за публикация от базата данни на ТУ - София (Publication Details)