NATIONAL AND INTERNATIONAL SECURITY

IIoT and cyber security in industrial enterprises

  • 1 Technical University of Varna, Bulgaria

Abstract

Digital transformation and sustainable development are key concepts that are actively developing in modern business and society. They go hand in hand, creating opportunities to improve efficiency, reduce the negative impact on the environment and increase people’s quality of life. The Industrial Internet of Things is a powerful tool for connecting industrial devices, sensors, and equipment to a network to improve monitoring, analysis, and process automation. With the increasing digitization of business in recent years, cyber-attacks are also on the rise. To protect against such actions, organizations need cybersecurity technology solutions, as well as reliable tools to detect, prevent, and respond to cybersecurity breaches. This publication presents an exploration of the combination and interconnectedness of IIoT and cybersecurity in industrial enterprises, which are necessary to keep these systems secure and protected from cyber threats. A conceptual framework for multi-layered cyberattack defense designed for industrial enterprises is proposed.

Keywords

References

  1. A. Orebaugh, B. Pinkard, Nmap in the Enterprise: Your Guide to Network Scanning, Elsevier, (2011), ISBN 0080558747, 780080558745
  2. A. Sadeghian, M. Zamani and S. M. Abdullah, "A Taxonomy of SQL Injection Attacks," (2013) International Conference on Informatics and Creative Multimedia, Kuala Lumpur, Malaysia, (2013), pp. 269-273, doi: 10.1109/ICICM.2013.53
  3. B. Caswell, J. Beale, A. Baker, Snort Intrusion Detection and Prevention Toolkit, Syngress, (2007), ISBN 0080549276, 9780080549279
  4. B. B Gupta, A.Tewari, Jain, et al. Fighting against phishing attacks: state of the art A.K. and future challenges. Neural Comput & Applic 28, 3629–3654 (2017). https://doi.org/10.1007/s00521-016-2275-y
  5. B. Vaidya, D. Makrakis and H. T. Mouftah, "Authentication and authorization mechanisms for substation automation in smart grid network," in IEEE Network, vol. 27, no. 1, pp. 5-11, January-February (2013), doi: 10.1109/MNET.2013.6423185
  6. C. Douligeris, A. Mitrokotsa, DDoS attacks and defense mechanisms: classification and state-of-the-art, Computer Networks Volume 44, Issue 5, 5 April (2004), pp 643-666, https://doi.org/10.1016/j.comnet.2003.10.003
  7. E. Baray and N. Kumar Ojha, "‘WLAN Security Protocols and WPA3 Security Approach Measurement Through Aircrack-ng Technique’," (2021) 5th International Conference on Computing Methodologies and Communication (ICCMC), Erode, India, (2021), pp. 23-30, doi: 10.1109/ICCMC51019.2021.9418230
  8. F. Arat, S. Akleylek, (2023), Attack Path Detection for IIoT Enabled Cyber Physical Systems: Revisited, Computers & Security, Volume 128, May (2023), 103174, https://doi.org/10.1016/j.cose.2023.103174
  9. G. C. Kane, D. Palmer, A. N. Phillips, D. Kiron, N. Buckley. (2015). Technology, drives digital transformation - becoming a digitally mature enterprise. MIT Sloan Management Review . Retrieved January 24, (2018), from https://sloanreview.mit.edu/projects/strategy-drives-digital-transformation/)
  10. G. Li, H. Liu, X. Chen, H.S. Gunawi, S. Lu (2019) Dfix: automatically fixing timing bugs in distributed systems. PLDI (2019): Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation pp 994 – 1009, https://doi.org/10.1145/3314221.3314620
  11. G. Najera-Gutierrez, J. Ansari, Web Penetration Testing with Kali Linux: Explore the methods and tools of ethical hacking with Kali Linux, 3rd Edition, Packt Publishing Ltd, (2018), ISBN 1788623800, 9781788623803
  12. G. J. Popek, C. S. Kline, Encryption and Secure Computer Networks, ACM Computing Surveys (CSUR), Volume 11, Issue 4, pp 331 – 356, https://doi.org/10.1145/356789.356794
  13. J. Sachs, C. Kroll, G. Lafortune, G. Fuller, F. Woelm – (2022). Sustainable Development Report (2022), Cambridge University Press, ISBN 978-1-009-21003-4,
  14. M. Baykara, U. Gurturk and R. Das, "An overview of monitoring tools for real-time cyber-attacks," (2018) 6th International Symposium on Digital Forensic and Security (ISDFS), Antalya, Turkey, (2018), pp. 1-6, doi: 10.1109/ISDFS.2018.8355339
  15. M. H. Bhuyan, D. K. Bhattacharyya and J. K. Kalita, "Network Anomaly Detection: Methods, Systems and Tools," in IEEE Communications Surveys & Tutorials, vol. 16, no. 1, pp. 303- 336, First Quarter (2014), doi: 10.1109/SURV.2013.052213.00046
  16. M. Moore, "Penetration testing and metasploit", (2017), https://www.researchgate.net/profile/Michael-Moore- 22/publication/318710609_Penetration_Testing_and_Metasplo it/links/5978fddda6fdcc30bdc32be2/Penetration-Testing-and- Metasploit.pdf
  17. N. Shinde, P. Kulkarni, Cyber incident response and planning: a flexible approach, https://doi.org/10.1016/S1361- 3723(21)00009-9
  18. O. Or-Meir, N. Nissim, Yuval Elovici, Lior Rokach, Dynamic Malware Analysis in the Modern Era—A State of the Art Survey, ACM Computing Surveys (CSUR), Volume 52, Issue 5 Article No.: 88, pp 1 – 48, https://doi.org/10.1145/3329786
  19. R. A. Mouha, Internet of Things (IoT), Journal of Data Analysis and Information Processing, Vol.09 No.02(2021), Article ID:108574,25 pages, 10.4236/jdaip.2021.92006
  20. R. Rogers, Nessus Network Auditing, Elsevier, (2011), ISBN 0080558658, 9780080558653
  21. S. Gupta, B.B Gupta, Cross-Site Scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. International Journal of System Assurance Engineering and Management Volume 8, pp 512–530, (2017), https://doi.org/10.1007/s13198-015-0376-0
  22. S. Wear, Burp Suite Cookbook: Practical recipes to help you master web penetration testing with Burp Suite, Packt Publishing Ltd, (2018), ISBN 1789539277, 9781789539271
  23. V. Ndatinya, Z. Xiao, V. Rao Manepalli, K.Meng and Y. Xiao, Network forensics analysis using Wireshark, International Journal of Security and NetworksVol. 10, No. 2, ISSN: 1747- 8405, eISSN: 1747-8413, https://doi.org/10.1504/IJSN.2015.070421
  24. W. R. Simpson, K. E. Foltz, Network Segmentation and Zero Trust Architectures, Proceedings of the World Congress on Engineering (2021) WCE 2021, July 7-9, (2021), London, U.K., ISBN: 978-988-14049-2-3, ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)
  25. Fortinet, Global Threat Landscape Report 2H (2023); https://www.fortinet.com/resources/cyberglossary/types-of-cyber-attacks

Article full text

Download PDF