ebook img

Cybersecurity and Privacy in Cyber–Physical Systems PDF

455 Pages·2019·23.196 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Cybersecurity and Privacy in Cyber–Physical Systems

Cybersecurity and Privacy in Cyber-Physical Systems Cybersecurity and Privacy in Cyber-Physical Systems Edited by Yassine Maleh Mohammad Shojafar Ashraf Darwish Abdelkrim Haqiq CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2019 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S. Government works Printed on acid-free paper International Standard Book Number-13: 978-1-138-34667-3 (Hardback) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copyright. com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com and the CRC Press Web site at http://www.crcpress.com For Adam, Lina, and Sabrine CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2019 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S. Government works Printed on acid-free paper International Standard Book Number-13: 978-1-138-34667-3 (Hardback) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copyright. com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com and the CRC Press Web site at http://www.crcpress.com Contents Preface ................................................................................................................ix Editorial Advisory Board and Reviewers ..........................................................xi Editors ..............................................................................................................xiii Contributors ....................................................................................................xvii SeCtion i CYBeR-PHYSiCAL SYSteMS: VULneRABiLitieS, AttACKS AnD tHReAtS 1 Improving Security and Privacy in Cyber-Physical Systems ..................3 SUMAIYA THASEEN, ASWANI KUMAR CHERUKURI AND AMIR AHMAD 2 Vulnerability Analysis for Cyber-Physical Systems ..............................45 D. SUMATHI AND M. ROOPA CHANDRIKA 3 State Estimation-Based Attack Detection in Cyber-Physical Systems: Limitations and Solutions ......................................................71 CHUADHRY MUJEEB AHMED, JIANYING ZHOU AND ADITYA P. MATHUR SeCtion ii SeCURitY AnD PRiVACY in CLoUD AnD eMBeDDeD SYSteMS FoR CYBeR-PHYSiCAL SYSteMS 4 Towards Secure Software-Defined Networking Integrated Cyber-Physical Systems: Attacks and Countermeasures ....................103 UTTAM GHOSH, PUSHPITA CHATTERJEE, SACHIN S. SHETTY, CHARLES KAMHOUA AND LAURENT NJILLA 5 DDoS Defense in SDN-Based Cyber-Physical Cloud .........................133 SAFAA MAHRACH AND ABDELKRIM HAQIQ vii viii ◾ Contents 6 Detecting Pilot Contamination Attacks in Wireless Cyber-Physical Systems ......................................................................159 DIMITRIYA MIHAYLOVA, GEORGI ILIEV AND ZLATKA VALKOVA-JARVIS 7 Laboratory Exercises to Accompany Industrial Control and Embedded Systems Security Curriculum Modules ............................185 GUILLERMO A. FRANCIA, III, JAY SNELLEN AND GRETCHEN RICHARDS SeCtion iii S eCURitY AnD PRiVACY in BiG DAtA CYBeR-PHYSiCAL SYSteMS 8 Security and Privacy in Big Data Cyber-Physical Systems .................217 L. JOSEPHINE USHA AND J. JESU VEDHA NAYAHI 9 Big Data Technologies–Supported Generic Visualization System in an Enterprise Cyber-Physical Environment ........................251 FERDA ÖZDEMIR SÖNMEZ AND BANU GÜNEL 10 Searching for IoT Resources in Intelligent Transportation Cyberspace (T-CPS)—Requirements, Use-Cases and Security Aspects .................................................................................293 Md. MUZAKKIR HUSSAIN, MOHAMMAD SAAD ALAM, M. M. SUFYAN BEG AND RASHID ALI SeCtion iV CYBeRSeCURitY in CYBeR-PHYSiCAL SYSteMS 11 Evaluating the Reliability of Digital Forensics Tools for Cyber-Physical Systems .................................................................335 PRECILLA M. DIMPE AND OKUTHE P. KOGEDA 12 Point-of-Sale Device Attacks and Mitigation Approaches for Cyber-Physical Systems .................................................................367 Md. ARABIN ISLAM TALUKDER, HOSSAIN SHAHRIAR AND HISHAM HADDAD 13 Cyber Profiteering in the Cloud of Smart Things ..............................393 S. SELVA NIDHYANANTHAN, J. SENTHIL KUMAR AND A. KAMARAJ Index ...........................................................................................................427 Preface Today, everything is digital, and what is not is soon to be digital. As citizens, we all have access to a computer, a tablet or a telephone for our personal and professional use. These means of communication are increasingly connected, gaining accessibil- ity and simplicity for our daily uses. We are living in a data-driven age. Data has been locating or is going to locate every point of our life. Most people think that this influence is a consequence of industry 4.0 that makes our life faster than before, as with all other industrial revolutions. Industry 4.0 enabled the cooperation between the cyber domain and physical systems. This cooperation is called cyber- physical systems (CPSs). Most critical infrastructures such as the power grid, rail or air traffic control, industrial automation in manufacturing, water/wastewater infrastructure, bank- ing systems and so on are CPSs. Given that the continued availability of their core functions is extremely important to people’s normal and economic lives, there is widespread concern that CPSs could be subjected to intense cyberattacks. In fact, a number of these cases have occurred over the past decade. It is therefore extremely important to defend these systems against cyber threats. Due to the cyber-physical nature of most of these systems and the increasing use of networks, embedded computing and supervisory control and data acquisition (SCADA) attack surfaces have increased. In this tutorial, we will examine some of these cyber threats, discuss methodologies, tools and techniques for defending these systems and show how the design of secure cyber-physical systems differs from the previous design. Cybersecurity attacks are becoming more frequent as cyberattackers exploit sys- tem vulnerabilities for financial gain. Nation-state actors employ the most skilled attackers, capable of launching targeted and coordinated attacks. Sony, PumpUp and Saks, Lord & Taylor are recent examples of targeted attacks. The time between a security breach and detection is measured in days. Cyberattackers are aware of exist- ing security controls and are continually improving their attack techniques. To make matters worse, cyberattackers have a wide range of tools to bypass traditional security mechanisms. Malware infection control frameworks, zero-day exploits and rootkits can be easily purchased at an underground market. Attackers can also buy personal information and compromised domains in order to launch additional attacks. ix

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.