Cysecure.org



Security and the Industrial Internet of ThingsIASP 470 CapstoneDr. YoonDaniel RogersTable of Contents1. Introduction2. PreliminariesArtificial IntelligenceInfonomics Data Broking Shifting from Intelligent Edge to Intelligent Mesh Architecture IIoT GovernanceSensor Innovation Trusted Hardware and Operating Systems3. Problem Descriptiona. Drawbacks of the previous approachesArticle 1Article 2Article 3Article 4Article 5b. Cyber Threat(s) to ResolveAging legacy systemsMulti-Vendor EnvironmentsPoor Network VisibilityCosts of protecting individual devices4. My Approach to Cyber DefenseLeveraging Artificial Intelligence to Secure the IIotUnified Threat AnalysisComprehensive VisibilityAutomated Threat Containment5. Implementation/Proof6. Conclusion7. References9. Embedded Slide Show10. Embedded Video PresentationIntroduction:Now more than ever, technology and the internet plays a critical part of our lives. This is because both technology and the internet are engrained into every aspect of our lives. With smart devices i.e., cars, tv’s, phones, security systems as well as other devices like Amazons Alexa, doorbell cameras and Google Home—we are all constantly connected. This interconnectivity of devices and technology has led to the creation of what we know as the Internet of Things (IoT). “The internet of Things, is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UID’s) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction” (Rouse, Internet of Things (IoT). Despite the many benefits of the Internet of Things (IoT), users can often be left vulnerable and susceptible to various attacks. However, this interconnectivity is not limited to consumers. Major industries and Fortune 500 companies are even more connected than our home-lives creating what is also known as the Industrial Internet of Things (IIoT). The Industrial Internet of Things and the Internet of Things are very different in comparison. The Industrial Internet of Things focuses on connecting machines and devices in industries such as oil and gas, power utilities and healthcare compared to the Internet of Things which focuses on connecting consumer level devices. In other words, the Industrial Internet of Things refers to “the extension and use of the internet of things (IoT) to industrial sectors and applications. With a strong focus on machine-to-machine (M2M) communication, big data, and machine learning, the IIoT enables industries and enterprises to have better efficiency and reliability in their operations. The IIoT encompasses industrial applications, including robotics, medical devices, and software-defined production processes” (Trend Solutions, IIoT). Why does this matter? It is estimated that over “forty-six billion devices will be connected to the Industrial Internet of Things (IIoT) by the year 2023” (Valerio, Industrial IoT connections will reach 46 billion by 2023) and this number will only continue to grow as time progresses. With an increase in connected devices, there will also be an increase in sensors and actuators—increasing the potential attack surfaces of large industries and corporations.Preliminaries:With the technology currently expanding at an exponential rate and the concepts of both the Internet of Things (IoT) and the Industrial Internet of Thing (IIoT) being fairly new concepts, there are dozens of current concepts and technologies. Gartner states that some of these concepts and trends are: “Artificial Intelligence, Infonomics, Data Broking, Shifting from Intelligent Edge to Intelligent Mesh Architecture, IIoT Governance, Sensor Innovation as well as Trusted Hardware and Operating Systems” (Omale, Gartner Identifies Top 10 Strategic IIoT Technologies and Trends). Artificial Intelligence (AI): Data fuels Information Technology, Industrial Internet of Things and an Organizations. Their abilities in terms of deriving meaning from that data will fuel their success. Currently, many vendors are exploring and investing in AI as well as different AI variants. With this technology it will be possible to achieve results in a wide range of IIoT things. Infonomics: Infonomics is the social science that involves the studying of the consumption and production of information. Infonomics revolves around the concept of economics of information. Data Broking: Data brokers are essentially their own business entity. Data brokers can license another company’s data directly, and/or process another organizations data to provide them with enhanced analytics.Intelligent Edge vs Intelligent Mesh Architecture: Intelligent Mesh Architecture will enable corporations operating within the realm of the IIoT to operate more flexible, intelligent and responsively through connecting architecture layers in a dynamic mesh. IIoT Governance: IIoT Governance is a very broad term in relation to Information Technology. IIot Governance can range from simple technical tasks such as auditing or firmware updates to more large scale complex issues such as the control of devices to include the information they generate. Sensor Innovation: An increase in sensor innovation will result in a surplus of data collection. Trusted Hardware and Operating Systems: Security is the most significant area of concern for organizations when deploying IoT/IIoT. It is expected to see the deployment of hardware and software combinations that together create an increased trustworthy and secure IoT systems. Problem Description:As the Industrial Internet of Things continues to grow, the wide range of functions and components will result in significant privacy and security challenges that will need to be addressed. Draw Backs of the previous approachesArticle 1: Title: Growing Cyber Security Concerns within the Industrial IoT (IIoT). Author: Tanner JohnsonSummary: The industrial Internet of Things (IIoT) has remained a consistent target due to several characteristics that are unique to critical infrastructure. The primary security concerns souring the IIoT are numerous:The overall age of the underlying legacy components of our critical infrastructure poses a unique security challengeIncreased demands for consistent, uninterrupted operation of the variety of legacy systems that comprise the infrastructure are growingIn the absence of any fully developed and mature security standards, much of our critical infrastructure is run on makeshift solutions comprised of an assortment of hardware and software products that present security concerns due to their unique configurations. Article 2: Securing the IIoT. Author: Jonathon NewellSummary: Given the security industries track record for securing information in the comparatively simple office IT environment, things do not bode too well for the industrial system security. In order to tackle the IIoT and differentiate it from IT, professionals coined the term OT for “Operational Technology”—which presents the same ricks and challenges as regular IT networks. In order to protect this new technology, IT and OT are treated the same in most enterprises. Due to the vast number of OT devices in the IIoT, companies take an agentless approach. Meaning that the individual devices being connected to the network do not have security software loaded onto them in order to be protected. Instead, the security comes from the physical network and not the device. However, an organization must understand their network topography and architecture before they can understand the policies to be setup to protect them. Article 3: 3 Cyber Security Challenges for IIoT Devices in 2018 Author: Kayne McGladreySummary: In contrast to the Internet of Things, the Industrial Internet of Things (IIoT) has a much longer device lifespan ranging from 7-10 years. Which means that security exploits in the Industrial Internet of Things also have a much longer lifespan than its counterpart—the Internet of Things. For example, a ransomware campaign aimed at disabling offshore oil pump sensors could repeatedly be used against companies for almost a decade. In order to protect against this large life span of exploitation, companies must add encryption to manufactured Industrial Devices. However, adding encryption to devices will shorten their battery life. However, this would sky rocket costs in one of two ways: 1.) Forcing companies to spend more money on production costs or 2.) Forcing obsolescence in order to update the IIoT environment.Article 4: The Role of Artificial Intelligence in IIoT and OT Security. Author: Aamir LakhaniSummary: Due to the potential attack capabilities posed by AI, cyber criminals are utilizing AI to bolster and enhance their agile software development, automation and machine learning in order to leverage themselves and exploit vulnerable IIoT networks. There is currently an AI arms race between either effectively securing or attacking the IIoT between cybersecurity professionals and cybercriminals. Cybercriminals can pose a threat to machine learning by interjecting during the “learning” process. “Many organizations still rely on legacy point product solutions, incorporating more than 30 different isolated products into their network on average, rendering their ability to adequately detect and respond to today’s advanced attack strategies obsolete” (Lakhani, The Role of Artificial Intelligence in the IIot). In other words, with the dramatic progress being made by cybercriminals with malware and exploitation—it is no longer a question of if an attack will affect an organization but when. Article 5: Managing the Security Issues & Risks of Industrial IoT Author: David MonahanSummary: In the last decade, the impacts of IIoT exploitations can be felt. IIoT devices can at times exist for up to a decade working to control and maintain day-to-day operations of machines. In many cases these machines include: “safety controllers, boilers, power relays, Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) systems, nuclear power plants, and management monitoring tools in systems that include things like air quality management and pumps in water treatment facilities” (Monahan, Managing the Security Issues & Risks of the IIoT). Some recent examples of IIoT attacks and exploitations on older outdated devices are:Worldwide between 2011 and 2016, multiple water supply plants were hacked and sabotaged, tainting or stopping the water supply to tens of thousands of homes.Between 2013 and 2014, hackers successfully infiltrated the US power grid 17 times. In 2015, state-sponsored attackers took down the power grid in the Ukraine.Between 2009 and 2015, multiple nuclear plants in countries including Iraq, North Korea and Germany were attacked and at least two were confirmed successful. (Monahan, Managing the Security Issues & Risks of the IIoT).Cyber Threat(s) to resolveAging legacy systemsMulti-Vendor EnvironmentsPoor Network VisibilityCosts of protecting individual devicesMy Approach to Cyber Defense:With the Industrial Internet of Things (IIoT) pushing the cyber boundaries, it is important that companies across all industries work to further harden the ever expanding attack surfaces. The AV-TEST Institute estimates that “the number of new malware variations that pop up each day runs somewhere between 390,000 and one million” (Musthaler, How to use deep learning AI to detect and prevent malware). In order to combat these issues, we must first address and solve current cyber vulnerabilities within the IIoT realm: Aging Legacy Systems, Multi-Vendor Environments, Poor Network Visibility, and Costs of Protecting Individual Devices. In order to proactively mitigate threats to Industrial Internet of Things (IIoT) and OT devices organizations must actively seek to secure them. In order to do this, organizations should use a couple of tools: Artificial Intelligence and DevOps (Infrastructure as Code). Using DevOps in conjunction with AI could enabled organizations to script patching or replace outdated software/operating systems with the most current ones. With Artificial Intelligence acting as the primary workhorse of the defense, the cybersecurity and risk management personnel would be able to leverage more time into the integrity of the IIoT. With most enterprises moving to the cloud, it is not uncommon for a singular company to have multiple cloud computing vendors. For example, a company might be utilizing Oracles OCI or OMCS while simultaneously using AWS or Azure. With devices all over the place, teams could have trouble achieving clear visibility of their network architecture. Utilizing Artificial Intelligence in network access control, organizations would be able to achieve clear visibility into every device accessing a network at any given time or location. This would allow every device to be properly inventoried, tracked, secured as well as segmented properly. Also, as organizations continue to digital transform themselves, an effort must be made to continue to expand their networks. This applies to both physical and cloud-based. However, this becomes increasingly difficult to conduct threat analysis as well as risk mitigation across such vast networks. On top of that, organizations have to do all of the above at a pace that can keep up with that of modern cyber threats. AI can allow IT organizations to collect the latest threat data, identify the vulnerabilities apparent in their networks and deploy the security solutions to stop the attacks. In conjunction with this, organizations should leverage AI to automate threat containment—“with AI in place, IIoT and OT containment procedures can be automated, allowing infected devices to be properly segmented or taken offline before they have a chance to spread to additional areas throughout the network” (Lakhani, The Role of Artificial Intelligence in IIoT).Implementation/Proof: Below is a flow chart of how an AI based security platform can help protect an Industrial Internet of Things (IIoT) Wireless Sensor Network (WSN).This model is focused on securing the various sensor and nodes that can be found within an organizations IIoT—which solves all four of the original Cyber threats identified in the previous step. This model is assuming that the various wireless sensors and nodes are acting as “agentless” devices.-552450-40005002714625276225SECURITYPROCEDURELAYER00SECURITYPROCEDURELAYER114300238125Build Routing Algorithm00Build Routing Algorithmright219074Sensor Node Limitations00Sensor Node Limitations2638425-285750Return recommendations for update AI Implement or Sec procedures00Return recommendations for update AI Implement or Sec procedures2143125-742315Check Security Procedures00Check Security Procedures2047875-2381253257550257175003705225-209550002638425200025-419100-161925-9525059690Choose network architecture00Choose network architecture2114550138430Update Algorithm00Update Algorithm43815005080WSN limitations00WSN limitations19050462280Determine Security Requirements 00Determine Security Requirements left5080Explore existing algorithms00Explore existing algorithms4381500188595Possibility of real execution00Possibility of real execution6286504439285Project Solution Template for an AI Wireless Sensor Network IIoT Routing protocol0Project Solution Template for an AI Wireless Sensor Network IIoT Routing protocol32861251705610Test Appropriate actions00Test Appropriate actions2095500856615Updated Version00Updated Versionleft867411Apply AI Algorithm00Apply AI Algorithm-857251381760Explore AI Technique00Explore AI Technique-857251686560Choose technique00Choose technique666752010410Execute Algorithm on the WSN Architecture00Execute Algorithm on the WSN Architecture-2857505172710SecurityIssuesDB00SecurityIssuesDB8096253801110Threat Countermeasures00Threat Countermeasures38957255791835Internal/External Threats00Internal/External Threats40195505391785Challenges00Challenges40957504972685Measure of Security00Measure of Security50863503715385Same AI00Same AI49911003201035Routing without AI00Routing without AI51625502762885Compare existing algorithms00Compare existing algorithms29146503686810Routing objectives00Routing objectives29051253220085Routing time00Routing time29622752772410Routing performance00Routing performance276225229235145732529591020764503873520859757816851971675186753500-1143003934460453326529051250039052494401184004905375434403555911757816844638675107696032575507816853609340462978500476250024199850025527002314575002514601226758400-4286254959355810253686810-4381504753610Conclusion:With the Industrial Internet of Things still in its infant phase, it is only going to continue to grow with an estimated forty-six billion devices expected to be connected to the Industrial Internet of Things by 2023. With this increase of connected devices, it is also estimated that “by the year 2021, cybercrime will cost the world upwards of $6 trillion annually” (Schroer, 14 Cyber Security Examples to Know). With this increase, the Artificial Intelligence Market is expected to grow to a $190 billion industry by 2025. In addition, “27% of executives say their organization plans to invest this year in cyber security safeguards that use AI and machine learning” (PWC Solutions, 2018 AI predictions). Also, as of 2018 a survey commissioned by MemSQL reports that out of a survey of over 1,600 respondents “61 percent, regardless of company size, indicated ML and AI as their companies’ most significant security initiative for the next year when asked to pick from several options likely to be important concerns in today’s climate” (Lewandowski, Survey Finds Machine Learning and Artificial Intelligence are Top Business Priorities). In conclusion, it is prevalent that as the Industrial Internet of Things (IIoT) continues to grow, there will be an increase of cyber threats related to the large number of interconnect devices. In order to combat this lurking threat, the industry is making a large push to utilize Artificial Intelligence and Machine Learning in order to protect their critical infrastructure. References:Assaderaghi, Fari, and Lars Reger. “NXP Home >” NXP Blog, 24 Oct. 2018, blog.enabling-technologies/ai-implications-for-iot-security.Hajdarbegovic, Nermin. “Are We Creating An Insecure Internet of Things (IoT)? Security Challenges and Concerns.” Toptal Engineering Blog, Jan. 2016, it/are-we-creating-an-insecure-internet-of-things.Johnson, Tanner. “Growing Cybersecurity Within the Industrial IoT (IIoT).” Growing Cybersecurity Concerns Within the Industrial IoT (IIoT) - IHS Technology, 7 Oct. 2018, technology.607003/growing-cybersecurity-concerns-within-the-industrial-iot-iiot.Labs, Trend. “Industrial Internet of Things (IIoT).” Definition - Trend Micro USA, 2017, vinfo/us/security/definition/industrial-internet-of-things-iiot.Lakhani, Aamir. “The Role of Artificial Intelligence in IoT and OT Security.” CSO Online, 30 Oct. 2018, article/3317836/the-role-of-artificial-intelligence-in-iot-and-ot-security.html.McGladrey, Kayne. “IIoT Devices: 3 Cybersecurity Challenges to Solve for 2018.” Robotics Business Review, Robotics Business Review, 2018, security/iiot-devices-3-cybersecurity-challenges/.MEMSql. “Survey Finds Machine Learning and Artificial Intelligence Are Top Business Priorities.” Global News Wire, 2018, news-release/2018/02/07/1335563/0/en/Survey-Finds-Machine-Learning-and-Artificial-Intelligence-are-Top-Business-Priorities.html.Monohan, David. “Managing the Security Issues & Risks of Industrial IoT.” Create a Culture of Innovation with IIoT World!, 23 Oct. 2017, cybersecurity/managing-the-security-issues-risks-of-industrial-iot/.Musthaler, Linda. “How to Use Deep Learning AI to Detect and Prevent Malware and APTs in Real-Time ?.” Network World, Network World, 11 Mar. 2016, article/3043202/how-to-use-deep-learning-ai-to-detect-and-prevent-malware-and-apts-in-real-time.html.Newell, Jonathon. “Securing the IIoT.” Industrial Cyber Security, Oct. 2017, pp. 49–51.Omale, Gloria. “Gartner Identifies Top 10 Strategic IoT Technologies and Trends.” Gartner, 2018, en/newsroom/press-releases/2018-11-07-gartner-identifies-top-10-strategic-iot-technologies-and-trends.Rouse, Margaret. “What Is Internet of Things (IoT)?” IoT Agenda, 2017, internetofthingsagenda.definition/Internet-of-Things-IoT.Schroer, Alyssa. “14 Artificial Intelligence Cybersecurity Examples To Know | Built In.” 14 Artificial Intelligence Cybersecurity Examples To Know | Built In, 2018, artificial-intelligence/artificial-intelligence-cybersecurity.Solutions, PWC. “2018 AI Predictions.” , 2018, us/en/advisory-services/assets/ai-predictions-2018-report.pdf.Valerio, Pablo. “Industrial IoT Connections Will Reach 46 Billion by 2023.” IIoT Times, 20 July 2018, iot.industrial-iot-connections-will-reach-46-billion-by-2023/.Slide Show Presentation:Oral Presentation:Link to video on Wistia: to video on youtube: ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download