Special Issue "Security Threats and Countermeasures in Cyber-Physical Systems"

A special issue of Journal of Sensor and Actuator Networks (ISSN 2224-2708).

Deadline for manuscript submissions: closed (28 February 2021).

Special Issue Editors

Prof. Dr. Paul Watters
E-Mail Website
Guest Editor
PPDP & Associate Professor, Macquarie University, Sydney, Australia
Interests: Examining the links between film piracy and the proliferation of child abuse material online; AI and penetration testing; cybercrime and cyber terrorism; online threats and social harms; malware and ransomware; API security; identity thefts; scams and phishing.
Special Issues and Collections in MDPI journals
Dr. Gregory Epiphaniou
E-Mail Website
Guest Editor
Associate Professor in Security Engineering, WMG, University of Warwick, Coventry CV4 7AL, UK
Interests: cyber resilience; proactive network defence; physical layer security
Special Issues and Collections in MDPI journals
Dr. Pedro Pinto
E-Mail Website
Guest Editor
Instituto Politécnico de Viana do Castelo, 4900-347 Viana do Castelo, ISMAI, and INESC TEC, 4200-465 Porto, Portugal
Interests: wireless and mobile networks; network and system security
Special Issues and Collections in MDPI journals
Prof. Dr. Mohammad Hammoudeh
E-Mail Website
Guest Editor
School of Computing, Math and Digital Technology, Manchester Metropolitan University, Manchester M15 6BH, UK
Interests: wireless sensor networks; Internet of things; wireless ad hoc communications; mobile communications; network security; sensor/actuator networks; cyber–physical systems
Special Issues and Collections in MDPI journals
Dr. A.S.M. Kayes
E-Mail Website
Guest Editor
Department of Computer Science and Information Technology, La Trobe University, Bundoora, VIC 3086, Australia
Interests: different aspects of security, privacy and trust practices to address emergency events such as the COVID-19 outbreak and other e-health measures; data governance and big data applications; Internet of Things and data quality; context-aware access control; data sharing and privacy; security and AI; ransomware detection and defense; IoT security; cloud/fog security
Special Issues and Collections in MDPI journals

Special Issue Information

Dear Colleagues,

Wireless, sensor and actuator technologies are often central to sensing- or communication-critical systems. The last two decades have witnessed a revolution in the design of sensors and actuators that have the capacity to gather, analyse and communicate data wirelessly to drive intelligent actions in the physical world. Such Cyber-Physical Systems (CPS) adds another integration and coordination dimension between the physical and digital worlds. This digital transformation covers manufacturing, critical care, public health, supply chain and various types of smart connected systems. For instance, the smart city concept has gained advantage from new sensing technologies, Internet of Things (IoT), artificial intelligence, cloud computing, big data, smart controllers and adaptive robotics for increasing productivity, fostering industrial growth and shifting economics.

CPS, though still in its infancy, is a fast-moving field with limitless potential. In order to take advantage of what wireless sensor and actuator networks can offer to CPS, many technical challenges have to be overcome before that potential can be achieved. When security is overlooked, CPS can potentially pose serious risks for all stakeholders. There are a large number of potential vulnerabilities and methodologies that are specific to CPS where classical security measures are ineffective. Security advancements have not kept pace with emerging threats to CPS. Security threats targeting the sensing and prediction capabilities of CPS and corresponding countermeasures are an under investigated area in the literature. For example, limited attempts have been made to compact malicious data injection attacks in sensors and adversarial machine learning. Failure to consider such threats and adversarial models may leads to exploitable system designs that could have disastrous consequences.

This Special Issue is dedicated to publishing cutting-edge research focused on addressing the various fundamental technical open security challenges related to CPS or IoT. It particularly focuses on future sensor and actuator technologies in the context of smart cities, intelligent transport and healthcare. It also solicits contributions on secure communication technologies and protocols for artificial intelligence-enabled systems.

Topics of interest include the following:

  1. Secure design and implementation of methodologies of CPS and IoT systems;
  2. Secure communication protocols for machines, actuators, sensors and control systems;
  3. Counter measures to emerging threats to CPS and IoT;
  4. Multi-sensor data fusion to counter sensor data injection attacks;
  5. Predictive data analytics for threat detection in CPS and IoT systems;
  6. Security challenges in SCADA systems;
  7. Security challenges in smart environments;
  8. Secure middleware, frameworks and services for CPS and IoT networks;
  9. Communication security and privacy for IoT and CPS systems;
  10. Artificial intelligence and machine learning for smart CPS and IoT security;
  11. Surveys on security threats and countermeasures in IoT and CPS;
  12. Security in Tactile Internet;
  13. Blockchain applications to CPS and IoT.

Prof. Paul Watters
Dr. Gregory Epiphaniou
Dr. Pedro Pinto
Dr. Mohammad Hammoudeh
Dr. A.S.M. Kayes
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Sensor and Actuator Networks is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • security
  • threats
  • vulnerabilities
  • cyber-physical systems
  • Internet of Things
  • industrial IoT
  • smart environments

Published Papers (6 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

Open AccessArticle
An Approach for Stego-Insider Detection Based on a Hybrid NoSQL Database
J. Sens. Actuator Netw. 2021, 10(2), 25; https://doi.org/10.3390/jsan10020025 - 30 Mar 2021
Viewed by 234
Abstract
One of the reasons for the implementation of information security threats in organizations is the insider activity of its employees. There is a big challenge to detect stego-insiders-employees who create stego-channels to secretly receive malicious information and transfer confidential information across the organization’s [...] Read more.
One of the reasons for the implementation of information security threats in organizations is the insider activity of its employees. There is a big challenge to detect stego-insiders-employees who create stego-channels to secretly receive malicious information and transfer confidential information across the organization’s perimeter. Especially presently, with great popularity of wireless sensor networks (WSNs) and Internet of Things (IoT) devices, there is a big variety of information that could be gathered and processed by stego-insiders. Consequently, the problem arises of identifying such intruders and their transmission channels. The paper proposes an approach to solving this problem. The paper provides a review of the related works in terms of insider models and methods of their identification, including techniques for handling insider attacks in WSN, as well methods of embedding and detection of stego-embeddings. This allows singling out the basic features of stego-insiders, which could be determined by their behavior in the network. In the interests of storing these attributes of user behavior, as well as storing such attributes from large-scale WSN, a hybrid NoSQL database is created based on graph and document-oriented approaches. The algorithms for determining each of the features using the NoSQL database are specified. The general scheme of stego-insider detection is also provided. To confirm the efficiency of the approach, an experiment was carried out on a real network. During the experiment, a database of user behavior was collected. Then, user behavior features were retrieved from the database using special SQL queries. The analysis of the results of SQL queries is carried out, and their applicability for determining the attribute is justified. Weak points of the approach and ways to improve them are indicated. Full article
(This article belongs to the Special Issue Security Threats and Countermeasures in Cyber-Physical Systems)
Show Figures

Figure 1

Open AccessFeature PaperArticle
Distributed Architecture to Enhance Systems Protection against Unauthorized Activity via USB Devices
J. Sens. Actuator Netw. 2021, 10(1), 19; https://doi.org/10.3390/jsan10010019 - 02 Mar 2021
Viewed by 332
Abstract
Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a [...] Read more.
Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device’s firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection. Full article
(This article belongs to the Special Issue Security Threats and Countermeasures in Cyber-Physical Systems)
Show Figures

Figure 1

Open AccessArticle
Blockchain and IoMT against Physical Abuse: Bullying in Schools as a Case Study
J. Sens. Actuator Netw. 2021, 10(1), 1; https://doi.org/10.3390/jsan10010001 - 29 Dec 2020
Viewed by 698
Abstract
By law, schools are required to protect the well-being of students against problems such as on-campus bullying and physical abuse. In the UK, a report by the Office for Education (OfE) showed 17% of young people had been bullied during 2017–2018. This problem [...] Read more.
By law, schools are required to protect the well-being of students against problems such as on-campus bullying and physical abuse. In the UK, a report by the Office for Education (OfE) showed 17% of young people had been bullied during 2017–2018. This problem continues to prevail with consequences including depression, anxiety, suicidal thoughts, and eating disorders. Additionally, recent evidence suggests this type of victimisation could intensify existing health complications. This study investigates the opportunities provided by Internet of Medical Things (IoMT) data towards next-generation safeguarding. A new model is developed based on blockchain technology to enable real-time intervention triggered by IoMT data that can be used to detect stressful events, e.g., when bullying takes place. The model utilises private permissioned blockchain to manage IoMT data to achieve quicker and better decision-making while revolutionising aspects related to compliance, double-entry, confidentiality, and privacy. The feasibility of the model and the interaction between the sensors and the blockchain was simulated. To facilitate a close approximation of an actual IoMT environment, we clustered and decomposed existing medical sensors to their attributes, including their function, for a variety of scenarios. Then, we demonstrated the performance and capabilities of the emulator under different loads of sensor-generated data. We argue to the suitability of this emulator for schools and medical centres to conduct feasibility studies to address sensor data with disruptive data processing and management technologies. Full article
(This article belongs to the Special Issue Security Threats and Countermeasures in Cyber-Physical Systems)
Show Figures

Figure 1

Open AccessArticle
Fault Detection Based on Parity Equations in Multiple Lane Road Car-Following Models Using Bayesian Lane Change Estimation
J. Sens. Actuator Netw. 2020, 9(4), 52; https://doi.org/10.3390/jsan9040052 - 19 Nov 2020
Viewed by 590
Abstract
One of the current topics of interest in transportation science is the use of intelligent computation and IoT (Internet of Things) technologies. Researchers have proposed many approaches using these concepts, but the most widely used concept in road traffic modeling at the microscopic [...] Read more.
One of the current topics of interest in transportation science is the use of intelligent computation and IoT (Internet of Things) technologies. Researchers have proposed many approaches using these concepts, but the most widely used concept in road traffic modeling at the microscopic level is the car-following model. Knowing that the standard car-following model is single lane-oriented, the purpose of this paper is to present a fault detection analysis of the extension to a multiple lane car-following model that uses the Bayesian reasoning concept to estimate lane change behavior. After the application of the latter model on real traffic data retrieved from inductive loops placed on a road network, fault detection using parity equations was used. The standard car-following model applied separately for each lane showed the ability to perform a lane change action and to incorporate a new vehicle into the current lane. The results will highlight the advantages and the critical points of influence in the use of a multiple lane car-following model based on probabilistic estimated lane changes. Additionally, this research applied fault detection based on parity equations for the proposed model. The purpose was to deliver an overview of the faults introduced by the behavior of vehicles in adjacent lanes on the behavior of the target vehicle. Full article
(This article belongs to the Special Issue Security Threats and Countermeasures in Cyber-Physical Systems)
Show Figures

Figure 1

Open AccessFeature PaperArticle
Cyber–Physical Systems Forensics: Today and Tomorrow
J. Sens. Actuator Netw. 2020, 9(3), 37; https://doi.org/10.3390/jsan9030037 - 05 Aug 2020
Cited by 2 | Viewed by 1558
Abstract
Cyber–Physical Systems (CPS) connect the physical world (systems, environments, and humans) with the cyber world (software, data, etc.) to intelligently enhance the operational environment they serve. CPS are distributed software and hardware components embedded in the physical world and possibly attached to humans. [...] Read more.
Cyber–Physical Systems (CPS) connect the physical world (systems, environments, and humans) with the cyber world (software, data, etc.) to intelligently enhance the operational environment they serve. CPS are distributed software and hardware components embedded in the physical world and possibly attached to humans. They offer smart features, such as enhancing and optimizing the reliability, quality, safety, health, security, efficiency, operational costs, sustainability, and maintainability of physical systems. CPS are also very vulnerable to security attacks and criminal activities. In addition, they are very complex and have a direct impact on their environment. Therefore, it is hard to detect and investigate security attacks, while such attacks may have a catastrophic impact on the physical world. As a result, CPS must incorporate security measures in addition to suitable and effective forensics capabilities. When the security measures fail and an attack occurs, it becomes imperative to perform thorough forensics analysis. Adding effective forensics tools and capabilities will support the investigations of incidents. This paper defines the field of CPS forensics and its dimensions: Technical, Organizational, and Legal. Then, it reviews examples of current research efforts in the field and the types of tools and methods they propose for CPS forensics. In addition, it discusses the issues and challenges in the field that need to be addressed by researchers and developers of CPS. The paper then uses the review outcomes to discuss future research directions to address challenges and create a more effective, efficient, and safe forensics tools and for CPS. This discussion aims to create a starting point for researchers where they can identify the gaps and challenges and create suitable solutions through their research in CPS forensics. Full article
(This article belongs to the Special Issue Security Threats and Countermeasures in Cyber-Physical Systems)
Show Figures

Figure 1

Review

Jump to: Research

Open AccessReview
CNA Tactics and Techniques: A Structure Proposal
J. Sens. Actuator Netw. 2021, 10(1), 14; https://doi.org/10.3390/jsan10010014 - 10 Feb 2021
Viewed by 455
Abstract
Destructive and control operations are today a major threat for cyber physical systems. These operations, known as Computer Network Attack (CNA), and usually linked to state-sponsored actors, are much less analyzed than Computer Network Exploitation activities (CNE), those related to intelligence gathering. While [...] Read more.
Destructive and control operations are today a major threat for cyber physical systems. These operations, known as Computer Network Attack (CNA), and usually linked to state-sponsored actors, are much less analyzed than Computer Network Exploitation activities (CNE), those related to intelligence gathering. While in CNE operations the main tactics and techniques are defined and well structured, in CNA there is a lack of such consensuated approaches. This situation hinders the modeling of threat actors, which prevents an accurate definition of control to identify and to neutralize malicious activities. In this paper, we propose the first global approach for CNA operations that can be used to map real-world activities. The proposal significantly reduces the amount of effort need to identify, analyze, and neutralize advanced threat actors targeting cyber physical systems. It follows a logical structure that can be easy to expand and adapt. Full article
(This article belongs to the Special Issue Security Threats and Countermeasures in Cyber-Physical Systems)
Show Figures

Figure 1

Back to TopTop