Cyber Threats to Industrial IoT: A Survey on Attacks and Countermeasures

In today’s Industrial Internet of Things (IIoT) environment, where different systems interact with the physical world, the state proposed by the Industry 4.0 standards can lead to escalating vulnerabilities, especially when these systems receive data streams from multiple intermediaries, requiring multilevel security approaches, in addition to link encryption. At the same time taking into account the heterogeneity of the systems included in the IIoT ecosystem and the non-institutionalized interoperability in terms of hardware and software, serious issues arise as to how to secure these systems. In this framework, given that the protection of industrial equipment is a requirement inextricably linked to technological developments and the use of the IoT, it is important to identify the major vulnerabilities and the associated risks and threats and to suggest the most appropriate countermeasures. In this context, this study provides a description of the attacks against IIoT systems, as well as a thorough analysis of the solutions for these attacks, as they have been proposed in the most recent literature.

[1]  Muna Al-Hawawreh,et al.  Leveraging Deep Learning Models for Ransomware Detection in the Industrial Internet of Things Environment , 2019, 2019 Military Communications and Information Systems Conference (MilCIS).

[2]  Changhe Yuan,et al.  Diversity in Neural Architecture Search , 2020, 2020 International Joint Conference on Neural Networks (IJCNN).

[3]  Mohammed Mahmudur Rahman,et al.  A comparative study of WLAN security protocols: WPA, WPA2 , 2015, 2015 International Conference on Advances in Electrical Engineering (ICAEE).

[4]  Mostafa Belkasmi,et al.  Internet of Things Security: Layered classification of attacks and possible Countermeasures , 2016 .

[5]  Saurabh Bilgaiyan,et al.  Curbing Distributed Denial of Service attack by traffic filtering in Wireless Sensor Network , 2014, Fifth International Conference on Computing, Communications and Networking Technologies (ICCCNT).

[6]  Quanyan Zhu,et al.  RIoTS: Risk Analysis of IoT Supply Chain Threats , 2020, 2020 IEEE 6th World Forum on Internet of Things (WF-IoT).

[7]  Polina Repp Diagnostics and assessment of the industrial network security expert system , 2017, 2017 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM).

[8]  Li Deng,et al.  Intrusion Detection Method Based on Support Vector Machine Access of Modbus TCP Protocol , 2016, 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[9]  Wei Huang,et al.  Research on Network Security Attack Detection Algorithm in Smart Grid System , 2018, 2018 IEEE International Conference of Safety Produce Informatization (IICSPI).

[10]  Roberto Tron,et al.  Resilience of Multi-robot Systems to Physical Masquerade Attacks , 2019, 2019 IEEE Security and Privacy Workshops (SPW).

[11]  Paul Tavolato,et al.  Detection of Man-in-the-Middle Attacks on Industrial Control Networks , 2016, 2016 International Conference on Software Security and Assurance (ICSSA).

[12]  Konstantinos Demertzis,et al.  A Hybrid Network Anomaly and Intrusion Detection Approach Based on Evolving Spiking Neural Network Classification , 2013, e-Democracy.

[13]  Erdal Irmak,et al.  An overview of cyber-attack vectors on SCADA systems , 2018, 2018 6th International Symposium on Digital Forensic and Security (ISDFS).

[14]  Rui Zhang,et al.  Active eavesdropping via spoofing relay attack , 2015, 2016 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[15]  Klaus Wehrle,et al.  Challenges and Opportunities in Securing the Industrial Internet of Things , 2020, IEEE Transactions on Industrial Informatics.

[16]  Albert Y. Zomaya,et al.  An Industrial Network Intrusion Detection Algorithm Based on Multifeature Data Clustering Optimization Model , 2020, IEEE Transactions on Industrial Informatics.

[17]  The Industrial Internet of Things Volume G1: Reference Architecture , 2019 .

[18]  Konstantinos Demertzis,et al.  The Next Generation Cognitive Security Operations Center: Network Flow Forensics Using Cybersecurity Intelligence , 2018, Big Data Cogn. Comput..

[19]  Rayford B. Vaughn,et al.  Phighting the Phisher: Using Web Bugs and Honeytokens to Investigate the Source of Phishing Attacks , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[20]  Ian P. Turnipseed,et al.  Industrial Control System Simulation and Data Logging for Intrusion Detection System Research , 2015 .

[21]  Xiangjian He,et al.  Detection of Denial-of-Service Attacks Based on Computer Vision Techniques , 2015, IEEE Transactions on Computers.

[22]  Konstantinos Demertzis,et al.  MOLESTRA: A Multi-Task Learning Approach for Real-Time Big Data Analytics , 2018, 2018 Innovations in Intelligent Systems and Applications (INISTA).

[23]  Nuno Pereira,et al.  Security and Privacy in the Industrial Internet of Things: Current Standards and Future Challenges , 2020, IEEE Access.

[24]  Masood Parvania,et al.  Cloud Based Intrusion Detection and Prevention System for Industrial Control Systems Using Software Defined Networking , 2019, 2019 Resilience Week (RWS).

[26]  Emilio Tissato Nakamura,et al.  A Privacy, Security, Safety, Resilience and Reliability Focused Risk Assessment Methodology for IIoT Systems Steps to Build and Use Secure IIoT Systems , 2018, 2018 Global Internet of Things Summit (GIoTS).

[27]  Budi Rahardjo,et al.  Attack scenarios and security analysis of MQTT communication protocol in IoT system , 2017, 2017 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI).

[28]  Anuroop Gaddam,et al.  Anomaly Detection Models for Detecting Sensor Faults and Outliers in the IoT - A Survey , 2019, 2019 13th International Conference on Sensing Technology (ICST).

[29]  Jose M. Such,et al.  Understanding Security Requirements for Industrial Control System Supply Chains , 2019, 2019 IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS).

[30]  Mohamed Amine Ferrag,et al.  Authentication Protocols for Internet of Things: A Comprehensive Survey , 2016, Secur. Commun. Networks.

[31]  Udo Kannengiesser,et al.  Towards viewpoint-oriented engineering for Industry 4.0: A standards-based approach , 2018, 2018 IEEE Industrial Cyber-Physical Systems (ICPS).

[32]  P. Balamuralidhar,et al.  Secure MQTT for Internet of Things (IoT) , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[33]  Vinod Yegneswaran,et al.  BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation , 2007, USENIX Security Symposium.

[34]  Rosilah Hassan,et al.  IPv6 Neighbor Discovery Protocol Specifications, Threats and Countermeasures: A Survey , 2017, IEEE Access.

[35]  Félix Antonio Barrio Juárez Cybersecurity in an Industrial Internet of Things Environment (IIoT) Challenges for Standards Systems and Evaluation Models , 2019, 2019 8th International Conference On Software Process Improvement (CIMPS).

[36]  David De Roure,et al.  The Industrial Internet of Things in the Industry 4.0 supply chains: literature review and future trends , 2019, ArXiv.

[37]  Naofal Al-Dhahir,et al.  Impact of Passive and Active Security Attacks on MIMO Smart Grid Communications , 2019, IEEE Systems Journal.

[38]  Pavol Zavarsky,et al.  Deep Packet Inspection in Industrial Automation Control System to Mitigate Attacks Exploiting Modbus/TCP Vulnerabilities , 2020, 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS).

[39]  Marc Dacier,et al.  Insights on the Security and Dependability of Industrial Control Systems , 2014, IEEE Security & Privacy.

[40]  F. Richard Yu,et al.  Industrial Internet: A Survey on the Enabling Technologies, Applications, and Challenges , 2017, IEEE Communications Surveys & Tutorials.

[41]  Francesco Palmieri,et al.  Introducing Fraudulent Energy Consumption in Cloud Infrastructures: A New Generation of Denial-of-Service Attacks , 2017, IEEE Systems Journal.

[42]  Konstantinos Demertzis,et al.  Identifying data streams anomalies by evolving spiking restricted Boltzmann machines , 2019, Neural Computing and Applications.

[43]  Nicholas Kolokotronis,et al.  A Novel Online Incremental Learning Intrusion Prevention System , 2019, 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS).

[44]  Ali Dehghantanha,et al.  Leveraging Machine Learning Techniques for Windows Ransomware Network Traffic Detection , 2018, ArXiv.

[45]  Antonella Santone,et al.  Real-Time SCADA Attack Detection by Means of Formal Methods , 2019, 2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE).

[46]  Luying Zhou,et al.  Anomaly Detection Methods for IIoT Networks , 2018, 2018 IEEE International Conference on Service Operations and Logistics, and Informatics (SOLI).

[47]  Sumayah Al-Rabiaah,et al.  The “Stuxnet” Virus of 2010 As an Example of A “APT” and Its “Recent” Variances , 2018, 2018 21st Saudi Computer Society National Computer Conference (NCC).

[48]  Tseng Aragorn,et al.  Deep Learning for Ransomware Detection , 2016 .

[49]  Raheem Beyah,et al.  Temporal Execution Behavior for Host Anomaly Detection in Programmable Logic Controllers , 2020, IEEE Transactions on Information Forensics and Security.

[50]  Frédéric Le Mouël,et al.  A survey of IoT protocols and their security issues through the lens of a generic IoT stack , 2020, Internet Things.

[51]  Krzysztof Kolowrocki,et al.  Critical Infrastructure Safety Indicators , 2018, 2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM).

[52]  Anne Remke,et al.  A Parser for Deep Packet Inspection of IEC-104: A Practical Solution for Industrial Applications , 2019, 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks – Industry Track.

[53]  Lei Zhang,et al.  A Case Study of Anomaly Detection in Industrial Environments , 2019, 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).

[54]  Taha Selim Ustun,et al.  A Novel Approach for Mitigation of Replay and Masquerade Attacks in Smartgrids Using IEC 61850 Standard , 2019, IEEE Access.

[55]  Pál Varga,et al.  Security threats and issues in automation IoT , 2017, 2017 IEEE 13th International Workshop on Factory Communication Systems (WFCS).

[56]  Shambhu J. Upadhyaya,et al.  PHONEY: mimicking user response to detect phishing attacks , 2006, 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06).

[57]  Konstantinos Demertzis,et al.  Anomaly detection via blockchained deep learning smart contracts in industry 4.0 , 2020, Neural Computing and Applications.

[58]  Irfan Siddavatam,et al.  Reconnaissance of Industrial Control System by deep packet inspection , 2016, 2016 IEEE International Conference on Engineering and Technology (ICETECH).

[59]  Cédric Fournet,et al.  Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[60]  Lawrence K. Saul,et al.  Beyond blacklists: learning to detect malicious web sites from suspicious URLs , 2009, KDD.

[61]  Jie Wu,et al.  A Capacity-Aware Distributed Denial-of-Service Attack in Low-Power and Lossy Networks , 2019, 2019 IEEE 40th Sarnoff Symposium.

[62]  Baojiang Cui,et al.  Learning URL Embedding for Malicious Website Detection , 2020, IEEE Transactions on Industrial Informatics.

[63]  Béla Genge,et al.  Anomaly Detection in Aging Industrial Internet of Things , 2019, IEEE Access.

[64]  W. Eddy Defenses Against TCP SYN Flooding Attacks , 2007 .

[65]  F. Sandu,et al.  Solutions for deep packet inspection in industrial communications , 2016, 2016 International Conference on Communications (COMM).

[66]  Zhong Fan,et al.  Anomaly Detection for IoT Time-Series Data: A Survey , 2020, IEEE Internet of Things Journal.

[67]  Michail Maniatakos,et al.  The Cybersecurity Landscape in Industrial Control Systems , 2016, Proceedings of the IEEE.

[68]  Sakir Sezer,et al.  A Multi-Classifier Network-Based Crypto Ransomware Detection System: A Case Study of Locky Ransomware , 2019, IEEE Access.

[69]  Lu Xu,et al.  AutoGesNet: Auto Gesture Recognition Network Based on Neural Architecture Search , 2020, 2020 12th International Conference on Advanced Computational Intelligence (ICACI).

[70]  Chao-Hsien Lee,et al.  Heterogeneous Industrial IoT Integration for Manufacturing Production , 2019, 2019 International Symposium on Intelligent Signal Processing and Communication Systems (ISPACS).

[71]  Lan Liu,et al.  Research on Security Detection and Data Analysis for Industrial Internet , 2019, 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C).

[72]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[73]  Imad Fakhri Taha Alshaikhli,et al.  Comparative study on 4G/LTE cryptographic algorithms based on different factors , 2014 .

[74]  Ahmed Serhrouchni,et al.  Analysis of authentication techniques in Internet of Things (IoT) , 2017, 2017 1st Cyber Security in Networking Conference (CSNet).

[75]  Wa'el Hadi,et al.  Detecting Phishing Websites Using Associative Classification , 2013 .

[76]  Simone Raponi,et al.  KaFHCa: Key-establishment via Frequency Hopping Collisions , 2020, ICC 2021 - IEEE International Conference on Communications.

[77]  Alireza Esfahani,et al.  An Efficient Web Authentication Mechanism Preventing Man-In-The-Middle Attacks in Industry 4.0 Supply Chain , 2019, IEEE Access.

[78]  Han Qiu,et al.  Data protection: Combining fragmentation, encryption, and dispersion , 2015, 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC).

[79]  Muna Al-Hawawreh,et al.  Targeted Ransomware: A New Cyber Threat to Edge System of Brownfield Industrial Internet of Things , 2019, IEEE Internet of Things Journal.

[80]  David De Roure,et al.  Cyber risk at the edge: current and future trends on cyber risk analytics and artificial intelligence in the industrial internet of things and industry 4.0 supply chains , 2020, Cybersecur..

[81]  Etienne Stalmans,et al.  A framework for DNS based detection and mitigation of malware infections on a network , 2011, 2011 Information Security for South Africa.

[82]  Quanyan Zhu,et al.  IoT Supply Chain Security: Overview, Challenges, and the Road Ahead , 2019, ArXiv.

[83]  Konstantinos Demertzis,et al.  Gryphon: a semi-supervised anomaly detection system based on one-class evolving spiking neural network , 2019, Neural Computing and Applications.

[84]  Howard Shrobe,et al.  IIoT Cybersecurity Risk Modeling for SCADA Systems , 2018, IEEE Internet of Things Journal.

[85]  Qijun Gu,et al.  Denial of Service Attacks , 2012 .

[86]  Ragib Hasan,et al.  Towards an Analysis of Security Issues, Challenges, and Open Problems in the Internet of Things , 2015, 2015 IEEE World Congress on Services.

[87]  Srinivas Sampalli,et al.  A Survey of Security in SCADA Networks: Current Issues and Future Challenges , 2019, IEEE Access.

[88]  Xing Liu,et al.  Secure Internet of Things (IoT)-Based Smart-World Critical Infrastructures: Survey, Case Study and Research Opportunities , 2019, IEEE Access.

[89]  Sushmita Ruj,et al.  A Comprehensive Survey on Attacks, Security Issues and Blockchain Solutions for IoT and IIoT , 2020, J. Netw. Comput. Appl..

[90]  Ming Hu,et al.  Research on Industrial Internet of Things Security Architecture and Protection Strategy , 2019, 2019 International Conference on Virtual Reality and Intelligent Systems (ICVRIS).

[91]  Charalabos Skianis,et al.  A Survey on Context-Aware Mobile and Wireless Networking: On Networking and Computing Environments' Integration , 2013, IEEE Communications Surveys & Tutorials.

[92]  Houbing Song,et al.  Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures , 2019, IEEE Communications Surveys & Tutorials.

[93]  Ki-Hyung Kim,et al.  Industrial control system security framework for ethiopia , 2017, 2017 Ninth International Conference on Ubiquitous and Future Networks (ICUFN).

[94]  A. V. Deorankar,et al.  Survey on Anomaly Detection of (IoT)- Internet of Things Cyberattacks Using Machine Learning , 2020, 2020 Fourth International Conference on Computing Methodologies and Communication (ICCMC).

[95]  Konstantinos Demertzis,et al.  An innovative soft computing system for smart energy grids cybersecurity , 2018 .

[96]  Chunhe Song,et al.  Research on Industrial Control Anomaly Detection Based on FCM and SVM , 2018, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[97]  Minaxi Gupta,et al.  Behind Phishing: An Examination of Phisher Modi Operandi , 2008, LEET.

[98]  Yang Li A Vulnerability Risk Assessment Method for Industrial Control System , 2020, 2020 International Conference on Computer Communication and Network Security (CCNS).

[99]  V. Dobrota,et al.  Denial of Service and Man-in-the-Middle Attacks Against IoT Devices in a GPS-Based Monitoring Software for Intelligent Transportation Systems , 2020, 2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet).

[100]  Daniele Sgandurra,et al.  Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection , 2016, ArXiv.

[101]  Fabio Martinelli,et al.  R-PackDroid: API package-based characterization and detection of mobile ransomware , 2017, SAC.

[102]  L. Iliadis,et al.  Cognitive Web Application Firewall to Critical Infrastructures Protection from Phishing Attacks , 2019 .

[103]  Dong-Ho Kang,et al.  Cyber threats and defence approaches in SCADA systems , 2014, 16th International Conference on Advanced Communication Technology.

[104]  Jessye Dos Santos,et al.  Security Protocols and Privacy Issues into 6LoWPAN Stack: A Synthesis , 2014, IEEE Internet of Things Journal.

[105]  R. Muraleedharan,et al.  Cross Layer Denial of Service Attacks in Wireless Sensor Network Using Swarm Intelligence , 2006, 2006 40th Annual Conference on Information Sciences and Systems.

[106]  Hsiao-Hwa Chen,et al.  Trust and Reputation Systems for Wireless Sensor Networks , 2009 .

[107]  Vineet Richariya,et al.  Implementing a Web Browser with Phishing Detection Techniques , 2011, ArXiv.

[108]  Konstantinos Demertzis,et al.  A Dynamic Ensemble Learning Framework for Data Stream Analysis and Real-Time Threat Detection , 2018, ICANN.

[109]  Xavier Vilajosana,et al.  An analysis of packet fragmentation impact in LPWAN , 2018, 2018 IEEE Wireless Communications and Networking Conference (WCNC).

[110]  Parikshit N. Mahalle,et al.  Security Issues in IIoT: A Comprehensive Survey of Attacks on IIoT and Its Countermeasures , 2018, 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN).

[111]  Özgür B. Akan,et al.  Energy efficient network coding-based MAC for cooperative ARQ wireless networks , 2013, Ad Hoc Networks.

[112]  Konstantinos Demertzis,et al.  Evolving Smart URL Filter in a Zone-Based Policy Firewall for Detecting Algorithmically Generated Malicious Domains , 2015, SLDS.

[113]  Shahid Mumtaz,et al.  Massive Internet of Things for Industrial Applications: Addressing Wireless IIoT Connectivity Challenges and Ecosystem Fragmentation , 2017, IEEE Industrial Electronics Magazine.

[114]  Xiaodong Zhu,et al.  Traffic Data Classification to Detect Man-in-the-Middle Attacks in Industrial Control System , 2020, 2019 6th International Conference on Dependable Systems and Their Applications (DSA).

[115]  Zhao Xiang,et al.  Masquerade Detection Using Support Vector Machines in the Smart Grid , 2014, 2014 Seventh International Joint Conference on Computational Sciences and Optimization.

[116]  Geoff Hulten,et al.  Spamming botnets: signatures and characteristics , 2008, SIGCOMM '08.

[117]  Osama A. Mohammed,et al.  Hey, My Malware Knows Physics! Attacking PLCs with Physical Model Aware Rootkit , 2017, NDSS.