TY - GEN
T1 - A Lightweight Compound Defense Framework Against Injection Attacks in IIoT
AU - Chi, Po Wen
AU - Wang, Ming Hung
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2019/1/23
Y1 - 2019/1/23
N2 - Industrial Internet of Things (IIoT) is a trend of the smart industry. By collecting field data from sensors, the industry can make decisions dynamically in time for better performance. In most cases, IIoT is built on private networks and cannot be reached from the Internet. Currently, data transmission in most of IIoT network protocols is in plaintext without encryption protection. Once an attacker breaks into the field, the attacker can intercept data and injects malicious commands to field agents. In this paper, we propose a compound approach for defending command injection attacks in IIOT. First, we leverage the power of Software Defined Networking (SDN) to detect the injection attack. When the injection attack event is detected, the system owner is alarmed that someone tries to pretend a controller or a field agent to deceive the other entity. Second, we develop a lightweight authentication scheme to ensure the identity of the command sender. Command receiver can verify commands first before processing commands.
AB - Industrial Internet of Things (IIoT) is a trend of the smart industry. By collecting field data from sensors, the industry can make decisions dynamically in time for better performance. In most cases, IIoT is built on private networks and cannot be reached from the Internet. Currently, data transmission in most of IIoT network protocols is in plaintext without encryption protection. Once an attacker breaks into the field, the attacker can intercept data and injects malicious commands to field agents. In this paper, we propose a compound approach for defending command injection attacks in IIOT. First, we leverage the power of Software Defined Networking (SDN) to detect the injection attack. When the injection attack event is detected, the system owner is alarmed that someone tries to pretend a controller or a field agent to deceive the other entity. Second, we develop a lightweight authentication scheme to ensure the identity of the command sender. Command receiver can verify commands first before processing commands.
KW - IIoT Security
KW - Injection attack
KW - Lightweight Authentication
UR - http://www.scopus.com/inward/record.url?scp=85062516413&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85062516413&partnerID=8YFLogxK
U2 - 10.1109/DESEC.2018.8625150
DO - 10.1109/DESEC.2018.8625150
M3 - Conference contribution
AN - SCOPUS:85062516413
T3 - DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing
BT - DSC 2018 - 2018 IEEE Conference on Dependable and Secure Computing
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2018 IEEE Conference on Dependable and Secure Computing, DSC 2018
Y2 - 10 December 2018 through 13 December 2018
ER -