Cyber attacks on IoT devices and preparedness for Industry 4.0

The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.

Download Full-text

Artificial Intelligence Applications for Industry 4.0: A Literature-Based Study

Journal of Industrial Integration and Management ◽

10.1142/s2424862221300040 ◽

2021 ◽

pp. 1-29

Author(s):

Mohd Javaid ◽

Abid Haleem ◽

Ravi Pratap Singh ◽

Rajiv Suman

Keyword(s):

Artificial Intelligence ◽

Industry 4.0 ◽

Decisive Role ◽

Vital Role ◽

Data Types ◽

Process Data ◽

Automation Systems ◽

Recent Developments ◽

Iot Devices

Artificial intelligence (AI) contributes to the recent developments in Industry 4.0. Industries are focusing on improving product consistency, productivity and reducing operating costs, and they want to achieve this with the collaborative partnership between robotics and people. In smart industries, hyperconnected manufacturing processes depend on different machines that interact using AI automation systems by capturing and interpreting all data types. Smart platforms of automation can play a decisive role in transforming modern production. AI provides appropriate information to take decision-making and alert people of possible malfunctions. Industries will use AI to process data transmitted from the Internet of things (IoT) devices and connected machines based on their desire to integrate them into their equipment. It provides companies with the ability to track their entire end-to-end activities and processes fully. This literature review-based paper aims to brief the vital role of AI in successfully implementing Industry 4.0. Accordingly, the research objectives are crafted to facilitate researchers, practitioners, students and industry professionals in this paper. First, it discusses the significant technological features and traits of AI, critical for Industry 4.0. Second, this paper identifies the significant advancements and various challenges enabling the implementation of AI for Industry 4.0. Finally, the paper identifies and discusses significant applications of AI for Industry 4.0. With an extensive review-based exploration, we see that the advantages of AI are widespread and the need for stakeholders in understanding the kind of automation platform they require in the new manufacturing order. Furthermore, this technology seeks correlations to avoid errors and eventually to anticipate them. Thus, AI technology is gradually accomplishing various goals of Industry 4.0.

Download Full-text

Towards Near-Real-Time Intrusion Detection for IoT Devices using Supervised Learning and Apache Spark

Electronics ◽

10.3390/electronics9030444 ◽

2020 ◽

Vol 9 (3) ◽

pp. 444 ◽

Cited By ~ 1

Author(s):

Valerio Morfino ◽

Salvatore Rampone

Keyword(s):

Machine Learning ◽

Random Forest ◽

Learning Algorithms ◽

Hybrid Approach ◽

Cyber Attacks ◽

Machine Learning Algorithms ◽

Apache Spark ◽

Identification Accuracy ◽

Supervised Machine Learning ◽

Iot Devices

In the fields of Internet of Things (IoT) infrastructures, attack and anomaly detection are rising concerns. With the increased use of IoT infrastructure in every domain, threats and attacks in these infrastructures are also growing proportionally. In this paper the performances of several machine learning algorithms in identifying cyber-attacks (namely SYN-DOS attacks) to IoT systems are compared both in terms of application performances, and in training/application times. We use supervised machine learning algorithms included in the MLlib library of Apache Spark, a fast and general engine for big data processing. We show the implementation details and the performance of those algorithms on public datasets using a training set of up to 2 million instances. We adopt a Cloud environment, emphasizing the importance of the scalability and of the elasticity of use. Results show that all the Spark algorithms used result in a very good identification accuracy (>99%). Overall, one of them, Random Forest, achieves an accuracy of 1. We also report a very short training time (23.22 sec for Decision Tree with 2 million rows). The experiments also show a very low application time (0.13 sec for over than 600,000 instances for Random Forest) using Apache Spark in the Cloud. Furthermore, the explicit model generated by Random Forest is very easy-to-implement using high- or low-level programming languages. In light of the results obtained, both in terms of computation times and identification performance, a hybrid approach for the detection of SYN-DOS cyber-attacks on IoT devices is proposed: the application of an explicit Random Forest model, implemented directly on the IoT device, along with a second level analysis (training) performed in the Cloud.

Download Full-text

Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

Electronics ◽

10.3390/electronics9010144 ◽

2020 ◽

Vol 9 (1) ◽

pp. 144 ◽

Cited By ~ 6

Author(s):

Yan Naung Soe ◽

Yaokai Feng ◽

Paulus Insap Santosa ◽

Rudy Hartanto ◽

Kouichi Sakurai

Keyword(s):

Machine Learning ◽

Feature Selection ◽

Detection System ◽

Detection Performance ◽

Cyber Attacks ◽

Raspberry Pi ◽

Selection Algorithm ◽

Feature Selection Algorithm ◽

New Feature ◽

Iot Devices

The application of a large number of Internet of Things (IoT) devices makes our life more convenient and industries more efficient. However, it also makes cyber-attacks much easier to occur because so many IoT devices are deployed and most of them do not have enough resources (i.e., computation and storage capacity) to carry out ordinary intrusion detection systems (IDSs). In this study, a lightweight machine learning-based IDS using a new feature selection algorithm is designed and implemented on Raspberry Pi, and its performance is verified using a public dataset collected from an IoT environment. To make the system lightweight, we propose a new algorithm for feature selection, called the correlated-set thresholding on gain-ratio (CST-GR) algorithm, to select really necessary features. Because the feature selection is conducted on three specific kinds of cyber-attacks, the number of selected features can be significantly reduced, which makes the classifiers very small and fast. Thus, our detection system is lightweight enough to be implemented and carried out in a Raspberry Pi system. More importantly, as the really necessary features corresponding to each kind of attack are exploited, good detection performance can be expected. The performance of our proposal is examined in detail with different machine learning algorithms, in order to learn which of them is the best option for our system. The experiment results indicate that the new feature selection algorithm can select only very few features for each kind of attack. Thus, the detection system is lightweight enough to be implemented in the Raspberry Pi environment with almost no sacrifice on detection performance.

Download Full-text

Machine Learning-Based IoT-Botnet Attack Detection with Sequential Architecture

Sensors ◽

10.3390/s20164372 ◽

2020 ◽

Vol 20 (16) ◽

pp. 4372 ◽

Cited By ~ 1

Author(s):

Yan Naung Soe ◽

Yaokai Feng ◽

Paulus Insap Santosa ◽

Rudy Hartanto ◽

Kouichi Sakurai

Keyword(s):

Machine Learning ◽

High Performance ◽

Detection System ◽

Rapid Development ◽

Attack Detection ◽

Cyber Attacks ◽

Detection Systems ◽

Iot Devices ◽

Artificial Neural Network Ann ◽

Feature Selection Approach

With the rapid development and popularization of Internet of Things (IoT) devices, an increasing number of cyber-attacks are targeting such devices. It was said that most of the attacks in IoT environments are botnet-based attacks. Many security weaknesses still exist on the IoT devices because most of them have not enough memory and computational resource for robust security mechanisms. Moreover, many existing rule-based detection systems can be circumvented by attackers. In this study, we proposed a machine learning (ML)-based botnet attack detection framework with sequential detection architecture. An efficient feature selection approach is adopted to implement a lightweight detection system with a high performance. The overall detection performance achieves around 99% for the botnet attack detection using three different ML algorithms, including artificial neural network (ANN), J48 decision tree, and Naïve Bayes. The experiment result indicates that the proposed architecture can effectively detect botnet-based attacks, and also can be extended with corresponding sub-engines for new kinds of attacks.

Download Full-text

Measurement applications in Industry 4.0: the case of an IoT–oriented platform for remote programming of automatic test equipment

ACTA IMEKO ◽

10.21014/acta_imeko.v8i2.643 ◽

2019 ◽

Vol 8 (2) ◽

pp. 62

Author(s):

Leopoldo Angrisani ◽

Umberto Cesaro ◽

Mauro D'Arco ◽

Oscar Tamburis

Keyword(s):

Industry 4.0 ◽

Multicore Processors ◽

Test Equipment ◽

Automatic Test Equipment ◽

Automatic Test ◽

Gpib Bus ◽

Iot Devices ◽

Remote Clients ◽

A Site ◽

Server Application

A laboratory regarded as a site that collects IoT devices, and which allows remote clients to use them as an automatic test equipment (ATE) through a controller acting as service provider, is proposed herein. To assure efficiency and responsiveness, the controller is programmed as a multithreading system that takes advantage of multicore processors. The controller includes a server application that supports communication with clients by means of a TCP/IP protocol. It uses GPIB bus functionalities to control the instruments of the local ATE. It allows several clients to connect and interact with the specific resources of the laboratory. Thanks to the availability of identical sets of resources and to the underlying multithreading philosophy, client requests are processed in tandem rather than according to a classical queuing approach.

Download Full-text

Interoperability between OPC UA and oneM2M

Journal of Internet Services and Applications ◽

10.1186/s13174-021-00144-9 ◽

2021 ◽

Vol 12 (1) ◽

Author(s):

Salvatore Cavalieri ◽

Salvatore Mulè

Keyword(s):

Industry 4.0 ◽

Industrial Applications ◽

The Novel ◽

Iot Devices

AbstractA key requirement of realizing the connected world featured by IoT is to ensure interoperability among different connected devices. Interoperability is also at the basis of the realization of the novel vision of Industry 4.0; a lot effort is put to make interoperable the interchange of information between industrial applications, also including IoT ecosystems. For this reason, during these last years, several approaches aimed to enhance interoperability between industrial applications and IoT appeared in the literature. In this paper an interoperability proposal is presented. It is based on the idea to realize interworking between the two standards considered among the reference ones in the industrial and IoT domains. They are the OPC UA for the industrial domain and oneM2M for the IoT. Interworking is realized in such a way to allow industrial applications based on OPC UA to acquire information coming from oneM2M-based IoT devices. The proposal allows an OPC UA Server to publish each piece of information produced by oneM2M-based IoT devices, so that this information may be consumed by industrial applications playing the OPC UA Client role.

Download Full-text

IoT-based Application of Information Security Triad

International Journal of Interactive Mobile Technologies (iJIM) ◽

10.3991/ijim.v15i24.27333 ◽

2021 ◽

Vol 15 (24) ◽

pp. 61-76

Author(s):

Mana Saleh Al Reshan

Keyword(s):

Information Security ◽

Smart Home ◽

Cyber Attacks ◽

Security And Privacy ◽

Smart Devices ◽

Exponential Increase ◽

Operational Capabilities ◽

Smart Tv ◽

Iot Devices ◽

Smart Home Appliances

Information Security is the foremost concern for IoT (Internet of things) devices and applications. Since the advent of IoT, its applications and devices have experienced an exponential increase in numerous applications which are utilized. Nowadays we people are becoming smart because we started using smart devices like a smartwatch, smart TV, smart home appliances. These devices are part of the IoT devices. The IoT device differs widely in capacity storage, size, computational power, and supply of energy. With the rapid increase of IoT devices in different IoT fields, information security, and privacy are not addressed well. Most IoT devices having constraints in computational and operational capabilities are a threat to security and privacy, also prone to cyber-attacks. This study presents a CIA triad-based information security implementation for the four-layer architecture of the IoT devices. An overview of layer-wise threats to the IoT devices and finally suggest CIA triad-based security techniques for securing the IoT devices.

Download Full-text

A Survey on the Usage of Blockchain Technology for Cyber-Threats in the Context of Industry 4.0

Sustainability ◽

10.3390/su12219179 ◽

2020 ◽

Vol 12 (21) ◽

pp. 9179

Author(s):

Sidi Boubacar ElMamy ◽

Hichem Mrabet ◽

Hassen Gharbi ◽

Abderrazak Jemai ◽

Damien Trentesaux

Keyword(s):

Crucial Role ◽

Industry 4.0 ◽

Denial Of Service ◽

Linear Structure ◽

Cyber Attacks ◽

Mobile Systems ◽

Data Availability ◽

Future Research ◽

Cyber Threats ◽

Blockchain Technology

A systematic review of the literature is presented related to the usage of blockchain technology (BCT) for cyber-threats in the context of Industry 4.0. BCT plays a crucial role in creating smart factories and it is recognized as a core technology that triggers a disruptive revolution in Industry 4.0. Beyond security, authentication, asset tracking and the exchange of smart contracts, BCTs allow terminals to exchange information according to mutually agreed rules within a secured manner. Consequently, BCT can play a crucial role in industrial sustainability by preserving the assets and the environment and by enhancing the quality of life of citizens. In this work, a classification of the most important cyber-attacks that occurred in the last decade in Industry 4.0 is proposed based on four classes. The latter classes cover scanning, local to remote, power of root and denial of service (DoS). BCT is also defined and various types belong to BCT are introduced and highlighted. Likewise, BCT protocols and implementations are discussed as well. BCT implementation includes linear structure and directed acyclic graph (DAG) technology. Then, a comparative study of the most relevant works based on BCT in Industry 4.0 is conducted in terms of confidentiality, integrity, availability, privacy and multifactor authentication features. Our review shows that the integration of BCT in industry can ensure data confidentiality and integrity and should be enforced to preserve data availability and privacy. Future research directions towards enforcing BCT in the industrial field by considering machine learning, 5G/6G mobile systems and new emergent technologies are presented.

Download Full-text

Botnet and Internet of Things (IoTs)

Security, Privacy, and Forensics Issues in Big Data - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-9742-1.ch013 ◽

2020 ◽

pp. 304-316

Author(s):

Kamal Alieyan ◽

Ammar Almomani ◽

Rosni Abdullah ◽

Badr Almutairi ◽

Mohammad Alauthman

Keyword(s):

Internet Of Things ◽

Cyber Attacks ◽

The Internet ◽

Ddos Attacks ◽

Botnet Detection ◽

The Public ◽

Detection Techniques ◽

Channel Information ◽

Iot Devices ◽

The Internet Of Things

In today's internet world the internet of things (IoT) is becoming the most significant and developing technology. The primary goal behind the IoT is enabling more secure existence along with the improvement of risks at various life levels. With the arrival of IoT botnets, the perspective towards IoT products has transformed from enhanced living enabler into the internet of vulnerabilities for cybercriminals. Of all the several types of malware, botnet is considered as really a serious risk that often happens in cybercrimes and cyber-attacks. Botnet performs some predefined jobs and that too in some automated fashion. These attacks mostly occur in situations like phishing against any critical targets. Files sharing channel information are moved to DDoS attacks. IoT botnets have subjected two distinct problems, firstly, on the public internet. Most of the IoT devices are easily accessible. Secondly, in the architecture of most of the IoT units, security is usually a reconsideration. This particular chapter discusses IoT, botnet in IoT, and various botnet detection techniques available in IoT.

Download Full-text