Special Issue "Cyber Security of Critical Infrastructures"

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: 20 August 2021.

Special Issue Editors

Dr. Leandros Maglaras
E-Mail Website
Guest Editor
Dr. Ioanna Kantzavelou
E-Mail Website
Guest Editor
Department of Informatics and Computer Engineering, University of West Attica, Athens, Greece
Interests: IT security; cybersecurity; intrusion detection in information and communication systems; attacker profiling; attack modeling; game theory
Special Issues and Collections in MDPI journals
Dr. Mohamed Amine Ferrag
E-Mail Website
Guest Editor
Department of Computer Science, Guelma University, Guelma, Algeria
Interests: agricultural internet of things; wireless network security; network coding security; applied cryptography
Special Issues and Collections in MDPI journals

Special Issue Information

Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. Vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyberattacks, their protection becomes a significant issue for any organization as well as nation. The risks to continued operations from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes are considered higher given the demonstrable impact of such circumstances.

Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cyber security of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioral aspects is essential to handle cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace.

In this Special Issue, both research and practical aspects of cyber security considerations in critical infrastructures are of interest. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry are welcome to contribute.

We seek original and high-quality submissions on, but not limited to, one or more of the following topics:

  • Security of the smart grid;
  • Security of supervisory control and data acquisition (SCADA) systems;
  • Cyber security of complex and distributed critical infrastructures;
  • Cyber security of industrial control systems;
  • Cyber security modeling and simulation;
  • Cyber threat modeling and analysis;
  • Safety-security interactions;
  • Cyber security engineering;
  • Behavioral modeling;
  • Network security and protocols;
  • Security, privacy, and legal issues of big data and the Internet of Things;
  • Cyber threat intelligence;
  • Situational awareness;
  • Attack modeling, prevention, mitigation, and defense;
  • Cyberphysical systems security approaches and algorithms;
  • Critical infrastructure security policies, standards and regulations;
  • Vulnerability and risk assessment methodologies for distributed critical infrastructures;
  • Risk management and cyber insurance;
  • Simulation and test beds for the security evaluation of critical infrastructures;
  • Resiliency and security of cyber systems;
  • Cyber security and privacy policy;
  • Hardware security solutions;
  • Incident response;
  • Encryption, authentication, availability assurance;
  • Human awareness and training;
  • Intrusion detection;
  • Trust and privacy;
  • Secure communication protocols;
  • Malware analysis;
  • Attribution of cyberattacks;
  • Cyber warfare, peacekeeping;
  • Hybrid war…
Dr. Leandros Maglaras
Asst. Prof. Ioanna Kantzavelou
Dr. Mohamed Amine Ferrag
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (11 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Article
Privacy Preserving Face Recognition in Cloud Robotics: A Comparative Study
Appl. Sci. 2021, 11(14), 6522; https://doi.org/10.3390/app11146522 - 15 Jul 2021
Viewed by 173
Abstract
Real-time robotic applications encounter the robot on board resources’ limitations. The speed of robot face recognition can be improved by incorporating cloud technology. However, the transmission of data to the cloud servers exposes the data to security and privacy attacks. Therefore, encryption algorithms [...] Read more.
Real-time robotic applications encounter the robot on board resources’ limitations. The speed of robot face recognition can be improved by incorporating cloud technology. However, the transmission of data to the cloud servers exposes the data to security and privacy attacks. Therefore, encryption algorithms need to be set up. This paper aims to study the security and performance of potential encryption algorithms and their impact on the deep-learning-based face recognition task’s accuracy. To this end, experiments are conducted for robot face recognition through various deep learning algorithms after encrypting the images of the ORL database using cryptography and image-processing based algorithms. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
Threat Modelling and Beyond-Novel Approaches to Cyber Secure the Smart Energy System
Appl. Sci. 2021, 11(11), 5149; https://doi.org/10.3390/app11115149 - 01 Jun 2021
Viewed by 603
Abstract
Smart Grids (SGs) represent electrical power systems that incorporate increased information processing and efficient technological solutions. The integration of local prosumers, demand response systems and storage allows novel possibilities with regard to energy balancing and optimization of grid operations. Unfortunately, the dependence on [...] Read more.
Smart Grids (SGs) represent electrical power systems that incorporate increased information processing and efficient technological solutions. The integration of local prosumers, demand response systems and storage allows novel possibilities with regard to energy balancing and optimization of grid operations. Unfortunately, the dependence on IT leaves the SG exposed to security violations. In this paper, we contribute to this challenge and provide a methodology for systematic risk assessment of cyber attacks in SG systems. We propose a threat model and identify possible vulnerabilities in low-voltage distribution grids. Then, we calculate exploitation probabilities from realistic attack scenarios. Lastly, we apply formal verification to check the stochastic model against attack properties. The obtained results provide insight into potential threats and the likeliness of successful attacks. We elaborate on the effects of a security violation with regard to security and privacy of energy clients. In the aftermath, we discuss future considerations for improving security in the critical energy sector. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
Sisyfos: A Modular and Extendable Open Malware Analysis Platform
Appl. Sci. 2021, 11(7), 2980; https://doi.org/10.3390/app11072980 - 26 Mar 2021
Viewed by 378
Abstract
Sisyfos is a modular and extensible platform for malware analysis; it addresses multiple operating systems, including critical infrastructure ones. Its purpose is to enable the development and evaluation of new tools as well as the evaluation of malware classifiers. Sisyfos has been developed [...] Read more.
Sisyfos is a modular and extensible platform for malware analysis; it addresses multiple operating systems, including critical infrastructure ones. Its purpose is to enable the development and evaluation of new tools as well as the evaluation of malware classifiers. Sisyfos has been developed based on open software for feature extraction and is available as a stand-alone tool with a web interface but can be integrated into an operational environment with a continuous sample feed. We present the structure and implementation of Sisyfos, which accommodates analysis for Windows, Linux and Android malware. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
Post Quantum Cryptographic Keys Generated with Physical Unclonable Functions
Appl. Sci. 2021, 11(6), 2801; https://doi.org/10.3390/app11062801 - 21 Mar 2021
Viewed by 541
Abstract
Lattice and code cryptography can replace existing schemes such as elliptic curve cryptography because of their resistance to quantum computers. In support of public key infrastructures, the distribution, validation and storage of the cryptographic keys is then more complex for handling longer keys. [...] Read more.
Lattice and code cryptography can replace existing schemes such as elliptic curve cryptography because of their resistance to quantum computers. In support of public key infrastructures, the distribution, validation and storage of the cryptographic keys is then more complex for handling longer keys. This paper describes practical ways to generate keys from physical unclonable functions, for both lattice and code-based cryptography. Handshakes between client devices containing the physical unclonable functions (PUFs) and a server are used to select sets of addressable positions in the PUFs, from which streams of bits called seeds are generated on demand. The public and private cryptographic key pairs are computed from these seeds together with additional streams of random numbers. The method allows the server to independently validate the public key generated by the PUF, and act as a certificate authority in the network. Technologies such as high performance computing, and graphic processing units can further enhance security by preventing attackers from making this independent validation when only equipped with less powerful computers. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
Cyber Ranges and TestBeds for Education, Training, and Research
Appl. Sci. 2021, 11(4), 1809; https://doi.org/10.3390/app11041809 - 18 Feb 2021
Cited by 1 | Viewed by 724
Abstract
In recent years, there has been a growing demand for cybersecurity experts, and, according to predictions, this demand will continue to increase. Cyber Ranges can fill this gap by combining hands-on experience with educational courses, and conducting cybersecurity competitions. In this paper, we [...] Read more.
In recent years, there has been a growing demand for cybersecurity experts, and, according to predictions, this demand will continue to increase. Cyber Ranges can fill this gap by combining hands-on experience with educational courses, and conducting cybersecurity competitions. In this paper, we conduct a systematic survey of ten Cyber Ranges that were developed in the last decade, with a structured interview. The purpose of the interview is to find details about essential components, and especially the tools used to design, create, implement and operate a Cyber Range platform, and to present the findings. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
Detecting Vulnerabilities in Critical Infrastructures by Classifying Exposed Industrial Control Systems Using Deep Learning
Appl. Sci. 2021, 11(1), 367; https://doi.org/10.3390/app11010367 - 01 Jan 2021
Cited by 1 | Viewed by 862
Abstract
Industrial control systems depend heavily on security and monitoring protocols. Several tools are available for this purpose, which scout vulnerabilities and take screenshots of various control panels for later analysis. However, they do not adequately classify images into specific control groups, which is [...] Read more.
Industrial control systems depend heavily on security and monitoring protocols. Several tools are available for this purpose, which scout vulnerabilities and take screenshots of various control panels for later analysis. However, they do not adequately classify images into specific control groups, which is crucial for security-based tasks performed by manual operators. To solve this problem, we propose a pipeline based on deep learning to classify snapshots of industrial control panels into three categories: internet technologies, operation technologies, and others. More specifically, we compare the use of transfer learning and fine-tuning in convolutional neural networks (CNNs) pre-trained on ImageNet to select the best CNN architecture for classifying the screenshots of industrial control systems. We propose the critical infrastructure dataset (CRINF-300), which is the first publicly available information technology (IT)/operational technology (OT) snapshot dataset, with 337 manually labeled images. We used the CRINF-300 to train and evaluate eighteen different pipelines, registering their performance under CPU and GPU environments. We found out that the Inception-ResNet-V2 and VGG16 architectures obtained the best results on transfer learning and fine-tuning, with F1-scores of 0.9832 and 0.9373, respectively. In systems where time is critical and the GPU is available, we recommend using the MobileNet-V1 architecture, with an average time of 0.03 s to process an image and with an F1-score of 0.9758. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
On Combining Static, Dynamic and Interactive Analysis Security Testing Tools to Improve OWASP Top Ten Security Vulnerability Detection in Web Applications
Appl. Sci. 2020, 10(24), 9119; https://doi.org/10.3390/app10249119 - 20 Dec 2020
Viewed by 872
Abstract
The design of the techniques and algorithms used by the static, dynamic and interactive security testing tools differ. Therefore, each tool detects to a greater or lesser extent each type of vulnerability for which they are designed for. In addition, their different designs [...] Read more.
The design of the techniques and algorithms used by the static, dynamic and interactive security testing tools differ. Therefore, each tool detects to a greater or lesser extent each type of vulnerability for which they are designed for. In addition, their different designs mean that they have different percentages of false positives. In order to take advantage of the possible synergies that different analysis tools types may have, this paper combines several static, dynamic and interactive analysis security testing tools—static white box security analysis (SAST), dynamic black box security analysis (DAST) and interactive white box security analysis (IAST), respectively. The aim is to investigate how to improve the effectiveness of security vulnerability detection while reducing the number of false positives. Specifically, two static, two dynamic and two interactive security analysis tools will be combined to study their behavior using a specific benchmark for OWASP Top Ten security vulnerabilities and taking into account various scenarios of different criticality in terms of the applications analyzed. Finally, this study analyzes and discuss the values of the selected metrics applied to the results for each n-tools combination. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
A Study on the Concept of Using Efficient Lightweight Hash Chain to Improve Authentication in VMF Military Standard
Appl. Sci. 2020, 10(24), 8999; https://doi.org/10.3390/app10248999 - 16 Dec 2020
Viewed by 446
Abstract
Authentication algorithms in the form of cryptographic schemes, such as the Secure Hash Algorithm 1 (SHA-1) and the digital signature algorithm (DSA), specified in the current variable message format (VMF) military standard have numerous reliability-related limitations when applied to tactical data link (TDL) [...] Read more.
Authentication algorithms in the form of cryptographic schemes, such as the Secure Hash Algorithm 1 (SHA-1) and the digital signature algorithm (DSA), specified in the current variable message format (VMF) military standard have numerous reliability-related limitations when applied to tactical data link (TDL) and multi-TDL networks (MTN). This is because TDL and MTN require maximum tactical security, communication integrity, and low network overhead based on many protocol header bits for rapid communication with limited network resources. The application of such authentication algorithms to TDL and MTN in a rapidly changing battlefield environment without reinforcement measures will lead to functional weaknesses and vulnerabilities when high-level digital-covert activities and deception tactics are implemented. Consequently, the existing VMF authentication scheme must be improved to secure transmission integrity, lower network transaction, and receive authentication tactical information in VMF-based combat network radio (CNR) networks. Therefore, in this study, a tactical wireless ad hoc network topology, similar to that of the existing CNRs, is considered, and a lightweight multi-factor hash chain-based authentication scheme that includes a time-based one-time password (T-OTP) for network overhead reduction and terminal authentication is proposed, coupled with exception handling. The proposed method enhances the confidentiality of tactical message exchanges and reduces unnecessary network transactions and transmission bits for authentication flows between real-time military terminals owned by squads, while ensuring robustness in limited battlefields. Based on these approaches, in the future, we intend to increase the authentication reliability between wireless terminals in the Korean variable message format (KVMF)-based CNR networks based on the Korean Army Corps network scenarios. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
Modern Aspects of Cyber-Security Training and Continuous Adaptation of Programmes to Trainees
Appl. Sci. 2020, 10(16), 5702; https://doi.org/10.3390/app10165702 - 17 Aug 2020
Cited by 2 | Viewed by 1099
Abstract
Nowadays, more-and-more cyber-security training is emerging as an essential process for the lifelong personnel education in organizations, especially for those which operate critical infrastructures. This is due to security breaches on popular services that become publicly known and raise people’s security awareness. Except [...] Read more.
Nowadays, more-and-more cyber-security training is emerging as an essential process for the lifelong personnel education in organizations, especially for those which operate critical infrastructures. This is due to security breaches on popular services that become publicly known and raise people’s security awareness. Except from large organizations, small-to-medium enterprises and individuals need to keep their knowledge on the related topics up-to-date as a means to protect their business operation or to obtain professional skills. Therefore, the potential target-group may range from simple users, who require basic knowledge on the current threat landscape and how to operate the related defense mechanisms, to security experts, who require hands-on experience in responding to security incidents. This high diversity makes training and certification quite a challenging task. This study combines pedagogical practices and cyber-security modelling in an attempt to support dynamically adaptive training procedures. The training programme is initially tailored to the trainee’s needs, promoting the continuous adaptation to his/her performance afterwards. As the trainee accomplishes the basic evaluation tasks, the assessment starts involving more advanced features that demand a higher level of understanding. The overall method is integrated in a modern cyber-ranges platform, and a pilot training programme for smart shipping employees is presented. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
A Holistic Cybersecurity Maturity Assessment Framework for Higher Education Institutions in the United Kingdom
Appl. Sci. 2020, 10(10), 3660; https://doi.org/10.3390/app10103660 - 25 May 2020
Cited by 5 | Viewed by 1954
Abstract
As organisations are vulnerable to cyberattacks, their protection becomes a significant issue. Capability Maturity Models can enable organisations to benchmark current maturity levels against best practices. Although many maturity models have been already proposed in the literature, a need for models that integrate [...] Read more.
As organisations are vulnerable to cyberattacks, their protection becomes a significant issue. Capability Maturity Models can enable organisations to benchmark current maturity levels against best practices. Although many maturity models have been already proposed in the literature, a need for models that integrate several regulations exists. This article presents a light, web-based model that can be used as a cybersecurity assessment tool for Higher Education Institutes (HEIs) of the United Kingdom. The novel Holistic Cybersecurity Maturity Assessment Framework incorporates all security regulations, privacy regulations, and best practices that HEIs must be compliant to, and can be used as a self assessment or a cybersecurity audit tool. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Article
A Multi-Tier Streaming Analytics Model of 0-Day Ransomware Detection Using Machine Learning
Appl. Sci. 2020, 10(9), 3210; https://doi.org/10.3390/app10093210 - 04 May 2020
Cited by 1 | Viewed by 846
Abstract
Desktop and portable platform-based information systems become the most tempting target of crypto and locker ransomware attacks during the last decades. Hence, researchers have developed anti-ransomware tools to assist the Windows platform at thwarting ransomware attacks, protecting the information, preserving the users’ privacy, [...] Read more.
Desktop and portable platform-based information systems become the most tempting target of crypto and locker ransomware attacks during the last decades. Hence, researchers have developed anti-ransomware tools to assist the Windows platform at thwarting ransomware attacks, protecting the information, preserving the users’ privacy, and securing the inter-related information systems through the Internet. Furthermore, they utilized machine learning to devote useful anti-ransomware tools that detect sophisticated versions. However, such anti-ransomware tools remain sub-optimal in efficacy, partial to analyzing ransomware traits, inactive to learn significant and imbalanced data streams, limited to attributing the versions’ ancestor families, and indecisive about fusing the multi-descent versions. In this paper, we propose a hybrid machine learner model, which is a multi-tiered streaming analytics model that classifies various ransomware versions of 14 families by learning 24 static and dynamic traits. The proposed model classifies ransomware versions to their ancestor families numerally and fuses those of multi-descent families statistically. Thus, it classifies ransomware versions among 40K corpora of ransomware, malware, and good-ware versions through both semi-realistic and realistic environments. The supremacy of this ransomware streaming analytics model among competitive anti-ransomware technologies is proven experimentally and justified critically with the average of 97% classification accuracy, 2.4% mistake rate, and 0.34% miss rate under comparative and realistic test. Full article
(This article belongs to the Special Issue Cyber Security of Critical Infrastructures)
Show Figures

Figure 1

Back to TopTop