FIGURE 3 - uploaded by Gemini George
Source publication
Industrial IoT (IIoT) refers to the application of IoT in industrial management to improve overall operational efficiency. With IIoT that accelerates the industrial automation process by enrolling thousands of IoT devices, strong security foundations are to be deployed befitting the distributed connectivity and constrained functionalities of the Io...
Similar publications
In the industrial Internet of Things domain, applications are moving from the Cloud into the edge, closer to the devices producing and consuming data. This means applications move from the scalable and homogeneous cloud environment into a constrained heterogeneous edge network. Making edge applications reliable enough to fulfill Industrie 4.0 use c...
Citations
... Nevertheless, this approach needs the integration of novel attack techniques and the handling of zero-day vulnerabilities. In the realm of the Industrial Internet of Things (IIoT), "A Graph-Based Security Framework for Securing Industrial to IoT Networks from Vulnerability Exploitations" [23] introduces a graphical model intended to represent vulnerability relationships within IIoT networks. However, the absence of standardized cost calculation methods may introduce inconsistencies and diminish the accuracy of cost assessments proposed by existing mechanisms. ...
... These features include security, transactional privacy, integrity, authorization, censorship resistance, data immutability, auditability, system transparency, and fault tolerance [1], [4]. The IoT is significantly contributing to smart city projects and driving the next industry revolution "Industry 4.0" with diverse applications in various sectors [5], [6]. Revenue generated by IoT applications across various sectors is projected to grow from $892 billion (about $2,700 per person in the US) in 2018 to an estimated $4 trillion (about $12,000 per person in the US) by 2025 [4]. ...
... IoT applications primarily focus on automating various daily tasks and enabling objects to function without human intervention. However, realizing this vision and meeting the increasing demand requires robust security measures, privacy protection, reliable authentication mechanisms, and effective safeguards against potential attacks [5]-[7]. ...
The Internet of Things (IoT) can be defined as a network of intelligent objects where physical objects are equipped with electronic and network components to enable connectivity. These smart objects are embedded with sensors that enable them to monitor, sense, and gather data pertaining to their surroundings, including the environment and human activities. The applications of IoT, both existing and forthcoming, show great promise in terms of enhancing convenience, efficiency, and automation in our daily lives. However, for the widespread adoption and effective implementation of the Internet of Things, addressing concerns related to security, authentication, privacy, and recovery from potential attacks is crucial. To achieve end-to-end security in Internet of Things environments, it is imperative to make necessary modifications to the architecture of the Internet of Things applications. In this paper, we propose assessment parameters and a layered framework that integrates the Internet of Things and blockchain to enhance
... However, it can be challenging to ensure security when previously deployed devices lack security safeguards and have a complicated upgrade process. IIoT's increased connectivity raises security risks, especially when older isolated components are connected to the network [48,49]. ...
... However, these investigations often overlook the security aspects associated with caching, especially concerning IoT applications vulnerable to disruptive security threats [2]. While George et al. [11] examined vulnerabilities in Industrial IoT (IIoT) networks and proposed risk mitigation strategies, security-aware caching and content transfer received little attention in models such as that of Chaudhary et al. [12], focused on safe content distribution. Zahed et al. [2] introduced trusted caching nodes in IIoT networks, optimizing content breach costs and energy consumption. ...
With its networked military equipment, the Internet of Military Things (IoMT) is bothered by severe security issues, hampering data accessibility and service delivery. Distributed Denial of Service (DDoS) incidents are risks that disrupt mission-critical activities. To detect DDoS assaults within IoMT data caching systems, this article investigated machine learning algorithms. Leveraging machine learning techniques, it adapts dynamically to evolving attack patterns, enhancing the resilience and availability of the cached data in the intricate IoMT networks. Extensive experiments demonstrate the significance of ensemble learning in addressing the intricacies of multiclass DDoS instances in IoMT networks.
... With this, the idea regarding maintainability became more influential in HC-IoT application, because of the security requirements of these networks [209]. In [210], the authors suggested that the provision of authentication, validation, verification, and software patches are the primary security concern of HC-IoT networks. For this, the authors present a strategy that guarantees the secure software update of employed devices with an assessment process to catch high-risk vulnerabilities in operational networks. ...
Internet of Things (IoT) applications are switching from general to precise in different industries, e.g., healthcare, automation, military, maritime, smart cities, transportation, logistics, and many more. In the healthcare domain, these applications have demonstrated an incredible improvement in patient assessment, monitoring, prescription, etc., with ease of access through the Internet. Despite its benefits, this technology also poses several security challenges for the research community and healthcare stakeholders, because of its wireless communication and open-area deployment. To explore, patient wearable devices and other networking entities follow an unstructured communication format to share their accumulated data in the network, which makes them susceptible to manifold security threats. Considering the significance of these applications, data acquisition, processing, storage, and assessment on client and remote sides need a high standard of secure communication infrastructure. Therefore, security of these applications is one of the major obstacles that prevent their widespread use in different healthcare domains. To discuss different security constraints, in this paper, we present a comprehensive survey of the theoretical literature from 2015 to 2023 to highlight the unresolved security problems of this emerging technology. Based on the pros and cons of the evaluated literature, we determine the security requirements and challenges of Healthcare-IoT (HC-IoT) applications. Following this, we demonstrate future research directions that could be useful for the researchers and industry stakeholders working in this domain. To demonstrate the uniqueness of this work and claim its contribution, we compare our work section-wise with previously published papers to answer the question of reviewers, editors, students, and readers: why is this review article required in the presence of already published review articles?
... The generated models can be analyzed to find the most crucial attack points that need immediate attention from the security team. These crucial attack points need to be secured to get the best return on security investment [7,8,36]. ...
... Existing research uses various optimization techniques to find the best possible defenses within budget [31,30,24,13,26,7,8,36,5,2,19], but they have not included the "hardened core and monitored perimeter" in the strategy. Due to that deficiency, those methods will fall short in choosing the best defenses. ...
... In [38], the authors take maximum vulnerability coverage as the main factor, and a stochastic programming-based solution is proposed. Countermeasures can be selected in such a way that the maximum number of attacks can be countered in the high risk attack paths [7,8,36]. Business scenarios can also be added to find out the impact of attacks. Business impact analysis can help determine the network's riskiest assets. ...
In today’s IT enterprises, security strategy determination has become exponentially complex with the increasing complexity of the network infrastructure. Various types of defenses are available with a security administrator, viz., harden, detect, isolate, deceive, and evict. These defenses have their specific purposes. Separate strategies are required for implementing each type of defense in the context of an enterprise network. The existing defense strategy selection schemes do not have explicit strategies for different classes of defenses. In this paper, we propose two separate strategies to determine the point of deployment of harden and detect defenses. These strategies would be useful in providing a better return on security investments.
... Wu et al. (2016) focused on the interdependence of system vulnerabilities and used the vulnerability dependency graph to quantify the security risk in cyber-physical systems [38]. George and Thampi (2018) suggested a graph-based framework to mitigate the vulnerability exploitation risk in Industrial Internet of Things (IIoT) networks, which produced attack graphs to represent the relationships among vulnerabilities and targets in the IIoT network and measured the security threat between a given source and a target in the network [39]. Al Ghazo et al. (2019) proposed a model-checking-based automated attack graph generator and visualizer for CPS and IoT systems to analyze how threat actors can exploit interdependencies among existing vulnerabilities [40]. ...
Identifying, analyzing, and evaluating cybersecurity risks is essential to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. However, a manufacturing-specific quantitative approach to effectively model threat events and evaluate the unique cybersecurity risks in discrete manufacturing systems is lacking. In response, this paper introduces the first taxonomy-driven graph-theoretic model and framework to formally represent this unique cybersecurity threat landscape and identify vulnerable manufacturing assets requiring prioritized control. First, the proposed framework characterizes threat actors' techniques, tactics, and procedures using taxonomical classifications of manufacturing-specific threat attributes and integrates these attributes into cybersecurity risk modeling. This facilitates systematic generation of comprehensive and generalizable cyber-physical attack graphs for discrete manufacturing systems. Second, using the attack graph formalism, the proposed framework enables concurrent modeling and analysis of a wide variety of cybersecurity threats comprising varying attack vectors, locations, vulnerabilities, and consequences. The risk model captures the cascading attack impact of varying attack methods through different cyber and physical entities in manufacturing systems, leading to specific consequences. Then, the constructed cyber-physical attack graphs are analyzed to comprehend threat propagation through the discrete manufacturing value chain and identify potential attack paths. Third, a quantitative risk assessment approach is presented to evaluate the cybersecurity risk associated with potential attack paths. It also identifies the attack path with the maximum likelihood of success, pointing out critical manufacturing assets requiring prioritized control. Finally, the proposed risk modeling and assessment framework is demonstrated using an illustrative example.
... IoT devices are conquering diverse application fields, namely smart homes, military, transportation, industry, etc. [72]. IIoT is the innovative endeavor to fabricate a smart manufacturing ecosystem by implementing the advantages of IoT into industrial process management [24]. This technology is also a component of maintainable and smart city infrastructure, particularly in an industrial division termed the IIoT. ...
Recently, the rising popularity of the Internet of Things (IoT) has offered a promising opportunity aimed not just at the expansion of diverse home automation systems but also at diverse industrial applications. By leveraging these advantages, automation is implemented in the industries, resulting in the Industrial IoT (IIoT). Even though IoT/IIoT simplifies the daily activities that benefit human operations, they cause severe security challenges that are worth focusing on. Consequently, IoT/IIoT yields effective and efficient solutions by implementing an Intrusion Detection System (IDS). The IDS is a solution aimed at addressing the security and privacy challenges of detecting diverse IoT/IIoT attacks. Diverse IDS methodologies are employed to identify intrusions within the data; however, they still require enhancement of the detection system. A literature survey regarding the IDS in the IoT/IIoT topic is offered that largely concentrates on the present state of the research by evaluating the literature, discovering the existing trends, and offering open problems and upcoming directions.
... For example, the use of a threat modelling phase requires exploitable vulnerabilities and how these link to threat actors [40]. In other papers, vulnerability identification is undertaken by using various knowledge bases and methodologies that may also be used for threats, such as OWASP [51,64], NVD [50], CRAMM (CCTA Risk Analysis and Management Method) [49], the MITRE CVE list [53,54], and STRIDE [42,59,71]. ...
... Vulnerabilities may be simplified into classifications based on risk-related attributes. For example, George and Thampi [53,54] categorise vulnerabilities into software weaknesses and insecure configurations for devices and networks, while Garcia et al. [52] propose eight vulnerability types for general IoT domains. Within the work of James [57], vulnerabilities are associated within a single or multi-state state attack, where more complex attacks exploit vulnerabilities to have multiple outcomes. ...
... Cyber IoT vulnerabilities can be gathered from knowledge bases, with OWASP, NVD, and the MITRE CVE list being some of the most common. However, these bases are not always applicable to all IoT domains; works like those of George and Thampi [53,54] and Garcia et al. [52] use proposed classifications to overcome this. Moreover, IoT knowledge bases need to be consciously updated due to new vulnerabilities, with unknown vulnerabilities [62] making it difficult to predict the next IoT weakness. ...
The Internet of Things (IoT) continues to grow at a rapid pace, becoming integrated into the daily operations of individuals and organisations. IoT systems automate crucial services within daily life that users may rely on, which makes the assurance of security towards entities such as devices and information even more significant. In this paper, we present a comprehensive survey of papers that model cyber risk management processes within the context of IoT, and provide recommendations for further work. Using 39 collected papers, we studied IoT cyber risk management frameworks against four research questions that delve into cyber risk management concepts and human-orientated vulnerabilities. The importance of this work being human-driven is to better understand how individuals can affect risk and the ways that humans can be impacted by attacks within different IoT domains. Through the analysis, we identified open areas for future research and ideas that researchers should consider.
... The disadvantage is that firewalls may not be able to prevent all attacks, such as APT attackers who may use disguised traffic or application-based attacks. Vulnerability management refers to the timely discovery and repair of vulnerabilities in the system to avoid APT attacks [28,29]. This method requires continuous vulnerability scanning and management and timely patching, but this may take a lot of time and effort, and attackers may find new vulnerabilities to attack the system. ...
The industrial internet of things (IIoT) is a key pillar of the intelligent society, integrating traditional industry with modern information technology to improve production efficiency and quality. However, the IIoT also faces serious challenges from advanced persistent threats (APTs), a stealthy and persistent method of attack that can cause enormous losses and damages. In this paper, we give the definition and development of APTs. Furthermore, we examine the types of APT attacks that each layer of the four-layer IIoT reference architecture may face and review existing defense techniques. Next, we use several models to model and analyze APT activities in IIoT to identify their inherent characteristics and patterns. Finally, based on a thorough discussion of IIoT security issues, we propose some open research topics and directions.