The Experts below are selected from a list of 1296 Experts worldwide ranked by ideXlab platform
Kyoung Son Jhang - One of the best experts on this subject based on the ideXlab platform.
-
Whitelists Based Multiple Filtering Techniques in SCADA Sensor Networks
Journal of Applied Mathematics, 2014Co-Authors: Dongho Kang, Jungchan Na, Kyoung Son JhangAbstract:Internet of Things (IoT) consists of several tiny devices connected together to form a collaborative computing environment. Recently IoT technologies begin to merge with supervisory control and data acquisition (SCADA) sensor networks to more efficiently gather and analyze real-time data from sensors in industrial environments. But SCADA sensor networks are becoming more and more vulnerable to cyber-attacks due to increased connectivity. To safely adopt IoT technologies in the SCADA environments, it is important to improve the security of SCADA sensor networks. In this paper we propose a multiple filtering technique based on Whitelists to detect illegitimate packets. Our proposed system detects the traffic of network and application protocol attacks with a set of Whitelists collected from normal traffic.
-
FCC - Whitelist Generation Technique for Industrial Firewall in SCADA Networks
Lecture Notes in Electrical Engineering, 2014Co-Authors: Dongho Kang, Jungchan Na, Kyoung Son JhangAbstract:The use of SCADA systems has been increased since the 1960s as a need arose to more efficiently monitor and control the status of remote equipment. But, they are becoming more and more vulnerable to cyber-attacks due to utilize standard protocols and increase connectivity. The purpose of this paper is to introduce our work and confirm the validity of our approach for identifying network and application protocol attacks in SCADA networks.
-
Whitelists based multiple filtering techniques in SCADA sensor networks
Journal of Applied Mathematics, 2014Co-Authors: Dongho Kang, Byoungkoo Kim, Jungchan Na, Kyoung Son JhangAbstract:Internet of Things (IoT) consists of several tiny devices connected together to form a collaborative computing environment. Recently IoT technologies begin to merge with supervisory control and data acquisition (SCADA) sensor networks to more efficiently gather and analyze real-time data from sensors in industrial environments. But SCADA sensor networks are becoming more and more vulnerable to cyber-attacks due to increased connectivity. To safely adopt IoT technologies in the SCADA environments, it is important to improve the security of SCADA sensor networks. In this paper we propose a multiple filtering technique based on Whitelists to detect illegitimate packets. Our proposed system detects the traffic of network and application protocol attacks with a set of Whitelists collected from normal traffic. © 2014 DongHo Kang et al.
-
Whitelist generation technique for industrial firewall in scada networks
FCC, 2014Co-Authors: Dongho Kang, Jungchan Na, Kyoung Son JhangAbstract:The use of SCADA systems has been increased since the 1960s as a need arose to more efficiently monitor and control the status of remote equipment. But, they are becoming more and more vulnerable to cyber-attacks due to utilize standard protocols and increase connectivity. The purpose of this paper is to introduce our work and confirm the validity of our approach for identifying network and application protocol attacks in SCADA networks.
Dongho Kang - One of the best experts on this subject based on the ideXlab platform.
-
Whitelists Based Multiple Filtering Techniques in SCADA Sensor Networks
Journal of Applied Mathematics, 2014Co-Authors: Dongho Kang, Jungchan Na, Kyoung Son JhangAbstract:Internet of Things (IoT) consists of several tiny devices connected together to form a collaborative computing environment. Recently IoT technologies begin to merge with supervisory control and data acquisition (SCADA) sensor networks to more efficiently gather and analyze real-time data from sensors in industrial environments. But SCADA sensor networks are becoming more and more vulnerable to cyber-attacks due to increased connectivity. To safely adopt IoT technologies in the SCADA environments, it is important to improve the security of SCADA sensor networks. In this paper we propose a multiple filtering technique based on Whitelists to detect illegitimate packets. Our proposed system detects the traffic of network and application protocol attacks with a set of Whitelists collected from normal traffic.
-
FCC - Whitelist Generation Technique for Industrial Firewall in SCADA Networks
Lecture Notes in Electrical Engineering, 2014Co-Authors: Dongho Kang, Jungchan Na, Kyoung Son JhangAbstract:The use of SCADA systems has been increased since the 1960s as a need arose to more efficiently monitor and control the status of remote equipment. But, they are becoming more and more vulnerable to cyber-attacks due to utilize standard protocols and increase connectivity. The purpose of this paper is to introduce our work and confirm the validity of our approach for identifying network and application protocol attacks in SCADA networks.
-
Whitelists based multiple filtering techniques in SCADA sensor networks
Journal of Applied Mathematics, 2014Co-Authors: Dongho Kang, Byoungkoo Kim, Jungchan Na, Kyoung Son JhangAbstract:Internet of Things (IoT) consists of several tiny devices connected together to form a collaborative computing environment. Recently IoT technologies begin to merge with supervisory control and data acquisition (SCADA) sensor networks to more efficiently gather and analyze real-time data from sensors in industrial environments. But SCADA sensor networks are becoming more and more vulnerable to cyber-attacks due to increased connectivity. To safely adopt IoT technologies in the SCADA environments, it is important to improve the security of SCADA sensor networks. In this paper we propose a multiple filtering technique based on Whitelists to detect illegitimate packets. Our proposed system detects the traffic of network and application protocol attacks with a set of Whitelists collected from normal traffic. © 2014 DongHo Kang et al.
-
Whitelist generation technique for industrial firewall in scada networks
FCC, 2014Co-Authors: Dongho Kang, Jungchan Na, Kyoung Son JhangAbstract:The use of SCADA systems has been increased since the 1960s as a need arose to more efficiently monitor and control the status of remote equipment. But, they are becoming more and more vulnerable to cyber-attacks due to utilize standard protocols and increase connectivity. The purpose of this paper is to introduce our work and confirm the validity of our approach for identifying network and application protocol attacks in SCADA networks.
Shu Hosokawa - One of the best experts on this subject based on the ideXlab platform.
-
IECON - Model Verification and Exhaustive Testing for Whitelist Function of Industrial Control System
IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society, 2019Co-Authors: Shintaro Fujita, Kenji Sawada, Seiichi Shin, Shu HosokawaAbstract:This paper considers a verification problem of the Whitelist function applicable to the Programmable Logic Controller (PLC). The PLC of the industrial control system is an important controller to control sensors and actuators and requires security functions because PLCs are becoming targets for cyber-attacks such as malware and zero-day attacks. One of the PLC security functions is a Whitelisting system that registers normal operations as a safety list and detects the operations not registered in the list as abnormal operations. The detection performance of the Whitelist depends on how accurately the normal operation of PLC is modeled via Petri net. Therefore, it is necessary to verify the consistency of the normal operation and Whitelist of the PLC. Verification of the consistency allows us to evaluate the detection range and to suppress false detection. The previous work of the current authors demonstrates that the Petri net model allows us to generate the Whitelist from the control program of PLC. The Whitelist generation is composed of two processes: The first is to convert a control program to a Petri net and the second is to convert a Petri net model to a Whitelist. Thus, this paper proposes two Whitelist verification methods. The first is a model verification method to verify the Petri net model using reachability of the Petri net. The second is an exhaustive test method to verify the Whitelist operation. Furthermore, it is expected that the proposed methods are applicable for evaluation and verification of detection performance when the Whitelist is compressed to reduce the load on the PLC.
-
Model Verification and Exhaustive Testing for Whitelist Function of Industrial Control System
IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society, 2019Co-Authors: Shintaro Fujita, Kenji Sawada, Seiichi Shin, Shu HosokawaAbstract:This paper considers a verification problem of the Whitelist function applicable to the Programmable Logic Controller (PLC). The PLC of the industrial control system is an important controller to control sensors and actuators and requires security functions because PLCs are becoming targets for cyber-attacks such as malware and zero-day attacks. One of the PLC security functions is a Whitelisting system that registers normal operations as a safety list and detects the operations not registered in the list as abnormal operations. The detection performance of the Whitelist depends on how accurately the normal operation of PLC is modeled via Petri net. Therefore, it is necessary to verify the consistency of the normal operation and Whitelist of the PLC. Verification of the consistency allows us to evaluate the detection range and to suppress false detection. The previous work of the current authors demonstrates that the Petri net model allows us to generate the Whitelist from the control program of PLC. The Whitelist generation is composed of two processes: The first is to convert a control program to a Petri net and the second is to convert a Petri net model to a Whitelist. Thus, this paper proposes two Whitelist verification methods. The first is a model verification method to verify the Petri net model using reachability of the Petri net. The second is an exhaustive test method to verify the Whitelist operation. Furthermore, it is expected that the proposed methods are applicable for evaluation and verification of detection performance when the Whitelist is compressed to reduce the load on the PLC.
-
IECON - On Experimental validation of Whitelist Auto-Generation Method for Secured Programmable Logic Controllers
IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society, 2018Co-Authors: Shintaro Fujita, Kenji Sawada, Seiichi Shin, Kosuke Rata, Akinori Mochizuki, Shu HosokawaAbstract:This paper considers a Whitelisting system for programmable logic controllers (PLCs). In control systems, controllers are final fortresses to continues the operation of field devices (actuators/sensors), but they are fragile with respect to malware and zero-day attacks. One of the countermeasures applicable for controllers is a Whitelisting system which registers normal operations of controller behavior in a “Whitelist” to detect abnormal operations via a Whitelist. The previous research of the current author proposed a PLC Whitelisting system with a control via a ladder diagram (LD). LD representations have a wide applicability because LDs can be implemented for all PLCs and security functions without hardware/firmware updates. However, the current status requires that all instances are manually entered in the Whitelist. In this talk, we show how the setting up of the can be automatized Whitelist from the PLC behavior. This paper introduces an auto-generation approach for the Whitelist using sequential function chart (SFC) instead of the LD. SFC and LD are compatible representations for the PLC. Using Petri Net modeling, this paper proposes how to generate the Whitelist from the SFC and how to detect abnormal operations via the Whitelist. We call the SFC-based approach the model-based Whitelist, the Petri Net based approach the model-based detection. Further, this paper carries out an experimental validation of the algorithms using an OpenPLC based testbed system.
-
On Experimental validation of Whitelist Auto-Generation Method for Secured Programmable Logic Controllers
IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society, 2018Co-Authors: Shintaro Fujita, Kenji Sawada, Seiichi Shin, Kosuke Rata, Akinori Mochizuki, Shu HosokawaAbstract:This paper considers a Whitelisting system for programmable logic controllers (PLCs). In control systems, controllers are final fortresses to continues the operation of field devices (actuators/sensors), but they are fragile with respect to malware and zero-day attacks. One of the countermeasures applicable for controllers is a Whitelisting system which registers normal operations of controller behavior in a “Whitelist” to detect abnormal operations via a Whitelist. The previous research of the current author proposed a PLC Whitelisting system with a control via a ladder diagram (LD). LD representations have a wide applicability because LDs can be implemented for all PLCs and security functions without hardware/firmware updates. However, the current status requires that all instances are manually entered in the Whitelist. In this talk, we show how the setting up of the can be automatized Whitelist from the PLC behavior. This paper introduces an auto-generation approach for the Whitelist using sequential function chart (SFC) instead of the LD. SFC and LD are compatible representations for the PLC. Using Petri Net modeling, this paper proposes how to generate the Whitelist from the SFC and how to detect abnormal operations via the Whitelist. We call the SFC-based approach the model-based Whitelist, the Petri Net based approach the model-based detection. Further, this paper carries out an experimental validation of the algorithms using an OpenPLC based testbed system.
Jaehyun Park - One of the best experts on this subject based on the ideXlab platform.
-
FPGA-based Real-time Abnormal Packet Detector for Critical Industrial Network
2019 IEEE Symposium on Computers and Communications (ISCC), 2019Co-Authors: Jiwoong Kang, Jaehyun ParkAbstract:As the information technology plays an important role in the smart factories, Ethernet-based industrial network has rapidly replaced the traditional field buses. To maintain this critical network secure, it is important to develop the realtime network intrusion detection system (NIDS). The widely used NIDS was developed for the general Internet environment where the average throughput to protect attacks from the large number of unknown network nodes is more important than the real-time detection capability. However, in the critical industrial network, the real-time protection is more important than the average throughput. In this paper, a FPGA-based abnormal Ethernet packet detector is proposed. Since it is designed for the closed industry network, packet detection is based on the Whitelist that consists of the allowed network address and protocol numbers. The prototype system has been implemented using the Xilinx Zynq-7030 SoC running at 250MHz. The network header of the Ethernet packet is compared to the 256 Whitelist ruleset within 0.032μsec, which means that the malicious packets from the abnormal network nodes are filtered out even before the whole packets arrives. This real-time packet filtering feature is useful in protecting highly secure network systems like the critical industrial control systems.
Matthias Egger - One of the best experts on this subject based on the ideXlab platform.
-
Blacklists and Whitelists To Tackle Predatory Publishing: a Cross-Sectional Comparison and Thematic Analysis
Mbio, 2019Co-Authors: Michaela Strinzel, Anna Severin, Katrin Milzow, Matthias EggerAbstract:ABSTRACT We aimed to develop an in-depth understanding of quality criteria for scholarly journals by analyzing journals and publishers indexed in blacklists of predatory journals and Whitelists of legitimate journals and the lists’ inclusion criteria. To quantify content overlaps between blacklists and Whitelists, we employed the Jaro-Winkler string metric. To identify topics addressed by the lists’ inclusion criteria and to derive their concepts, we conducted qualitative coding. We included two blacklists (Beall’s and Cabells Scholarly Analytics’) and two Whitelists (the Directory of Open Access Journals’ and Cabells Scholarly Analytics’). The number of journals per list ranged from 1,404 to 12,357, and the number of publishers ranged from 473 to 5,638. Seventy-two journals and 42 publishers were included in both a blacklist and a Whitelist. Seven themes were identified in the inclusion criteria: (i) peer review; (ii) editorial services; (iii) policy; (iv) business practices; (v) publishing, archiving, and access; (vi) website; and (vii) indexing and metrics. Business practices accounted for almost half of the blacklists’ criteria, whereas Whitelists gave more emphasis to criteria related to policy. Criteria could be allocated to four concepts: (i) transparency, (ii) ethics, (iii) professional standards, and (iv) peer review and other services. Whitelists gave most weight to transparency. Blacklists focused on ethics and professional standards. Whitelist criteria were easier to verify than those used in blacklists. Both types gave little emphasis to quality of peer review. Overall, the results show that there is overlap of journals and publishers between blacklists and Whitelists. Lists differ in their criteria for quality and the weight given to different dimensions of quality. Aspects that are central but difficult to verify receive little attention. IMPORTANCE Predatory journals are spurious scientific outlets that charge fees for editorial and publishing services that they do not provide. Their lack of quality assurance of published articles increases the risk that unreliable research is published and thus jeopardizes the integrity and credibility of research as a whole. There is increasing awareness of the risks associated with predatory publishing, but efforts to address this situation are hampered by the lack of a clear definition of predatory outlets. Blacklists of predatory journals and Whitelists of legitimate journals have been developed but not comprehensively examined. By systematically analyzing these lists, this study provides insights into their utility and delineates the different notions of quality and legitimacy in scholarly publishing used. This study contributes to a better understanding of the relevant concepts and provides a starting point for the development of a robust definition of predatory journals.
-
"Blacklists" and "Whitelists" to tackle predatory publishing : A cross-sectional comparison and thematic analysis
2019Co-Authors: Michaela Strinzel, Anna Severin, Katrin Milzow, Matthias EggerAbstract:Background. Despite growing awareness of predatory publishing and research on its market characteristics, the defining attributes of fraudulent journals remain controversial. We aimed to develop a better understanding of quality criteria for scholarly journals by analysing journals and publishers indexed in blacklists of predatory journals and Whitelists of legitimate journals and the lists’ inclusion criteria. Methods. We searched for blacklists and Whitelists in early 2018. Lists that included journals across disciplines were eligible. We used a mixed methods approach, combining quantitative and qualitative analyses. To quantify overlaps between lists in terms of indexed journals and publishers we employed the Jaro-Winkler string metric and Venn diagrams. To identify topics addressed by the lists’ inclusion criteria and to derive their broader conceptual categories, we used a qualitative coding approach. Results. Two blacklists (Beall’s and Cabell’s) and two Whitelists (DOAJ and Cabell’s) were eligible. The number of journals per list ranged from 1404 to 12357 and the number of publishers from 473 to 5638. Seventy-three journals and 42 publishers were included both in a blacklist and Whitelist. A total of 198 inclusion criteria were examined. Seven thematic themes were identified: (i) peer review, (ii) editorial services, (iii) policy, (iv) business practices, (v) publishing, archiving and access, (vi) website and (vii) indexing and metrics. Business practices accounted for almost half of blacklists’ criteria, whereas Whitelists gave more emphasis to criteria related to policy and guidelines. Criteria were grouped into four broad concepts: (i) transparency, (ii) ethics, (iii) professional standards and (iv) peer review and other services. Whitelists gave more weight to transparency whereas blacklists focused on ethics and professional standards. The criteria included in Whitelists were easier to verify than those used in blacklists. Both types of list gave relatively little emphasis to the quality of peer review. Conclusions. There is overlap between journals and publishers included in blacklists and Whitelists. Blacklists and Whitelists differ in their criteria for quality and the weight given to different dimensions of quality. Aspects that are central but difficult to verify receive insufficient attention.
