Content area
The present paper presents the architecture and requirements necessary to develop an intelligent simulating platform tailored to the IIoT smart city environment, with an emphasis on resilience to different type of security attacks. Specifically, we intend to detect malicious traffic in Intelligent IoT (IIoT) radio networks, based on the initial radio fingerprint of the IIoT devices. The solution proposed in this paper will offer security and will facilitate the interoperability between different communication protocols used in IIoT for smart city applications. We intend to evaluate the proposed solution using both real network attacks traces in order to provide the proof of concept, and using simulation tools in order to proof its scalability.
Abstract: The present paper presents the architecture and requirements necessary to develop an intelligent simulating platform tailored to the IIoT smart city environment, with an emphasis on resilience to different type of security attacks. Specifically, we intend to detect malicious traffic in Intelligent IoT (IIoT) radio networks, based on the initial radio fingerprint of the IIoT devices. The solution proposed in this paper will offer security and will facilitate the interoperability between different communication protocols used in IIoT for smart city applications. We intend to evaluate the proposed solution using both real network attacks traces in order to provide the proof of concept, and using simulation tools in order to proof its scalability.
Keywords: IIoT devices; cyber-attacks; IoT; security; platform.
INTRODUCTION
The Internet of Things (IoT) is one of the key elements of the ICT infrastructure for sustainable smart cities as the urban development advances to higher potential and environmental sustainability. As an ICT vision, the IoT is associated with big data analytics, necessary in many urban domains for reducing energy consumption, the energy waste as well as big cities decongesting, thus mitigate the environmental effects. This implies effective use of natural resource, intelligent management of infrastructures and facilities, and enhanced delivery of services in support of the environment. As such, the IoT and related big data applications can play a key role in improving the process of environmentally sustainable development. Recent studies tend to deal largely with the IoT and related big data applications in connection with economic growth and the quality of life in the realm of smart cities, but largely ignore their role in improving environmental sustainability in the context of smart sustainable cities of the future. In1 a number of challenges affecting to the Intelligent IoT Systems (IIoT) and the associated data base management and analysis, as well as some of the open issues are conferred. The paper discusses also the prospect and implications of complementing the informational data bases associated to sustainable smart cities with additional big data and associated applications necessary to achieve a mandatory level of sustainability.
The numerous advancements mixed communication technologies that arise during the last decade enabled the IIoT devices that coexists in smart cities to interact one another through different type of networks2. We are currently existing in the era of 5G networks, in which smartphones, tablets or other wireless devices are shifting our life environment, making it more flexible, interactive and adaptive3. The Internet of Things (IoT) evolved towards Internet of Everything, that implies the development of a new ecosystem that includes evolved wireless networks, sensors, cloud and fog computing, other interactive technologies, as well as associated smart devices, to offer technical solutions in which the smart objects are connected to the existing networks and are assigned identifier to make possible object-toobject interactions. Innovation in wired and wireless networks, as well as in IIoT, offers a large range of solutions or applications. From e-transport to e-health, from smart houses to emanufacturing and many other e-solutions. In this new intelligent-environment, the effects of cyber attacks on the systems or on particular devices, combined with the system or devices inherent vulnerabilities rise increasing concern to clients but manufacturers and vendors as well, and needs to be solved in order to increase the client confidence4.
However, these communication technologies cannot provide flawless connectivity in smart cities due to the coexistence of thousands of devices, which brings about several problems. In5 several communication and networking systems used in smart cities there are presented a number of case studies, as well as the challenges associated to each of them, from which there can be mentioned: mobility management, interference management, interoperability between diverse wireless networks, scalable wireless solutions, and so on.
When a cyber-security incident implying one or several critical components of the smart city infrastructure happens, appropriate measures needs to be taken in order to identify and enumerate tangible evidence necessary to aid the forensic investigation process. Such forensic experience gained from past events might help defend the environment against future such incidents. In6 the authors present a comprehensive view of the security overall-scene of a smart city environment, identifying security threats. In7 the authors evaluate the taxonomy of different types of system vulnerabilities which affect the infrastructure of IoT systems and applications to different cyber attacks and a case-study has been established in this technologies that are under development. In8 the authors propose a framework to increase the security and protect the citizen's privacy for a smart city environment while in9 different cyber security approaches are studied and analysed in based on smart city infrastructure. In10 the authors propose cognitive and scalable IoT structure oriented towards a smart city network architecture, in which the data are collected from a number of sensors, while in11 an extensive literature review that addresses the topic of Smart Cities is performed, and a comprehensive analysis of the concept and existing platforms is achieved. Moreover, the authors offer an architecture model that that uses a multilayer platform developed in order to offer a number of service services that can be installed in such an environment, like energy management, healthcare, leisure, employability, etc. The architecture has been validated with the three case studies presented.
According to Horizon Europe (2021-2027) presentation12, two of the key focus area are Climate-neutral and smart cities that uses Key digital and enabling technologies as well as Cybersecurity. A special cluster for Civil security for society, that includes the Cybersecurity, is included in the second pillar with a total budget of 52.7 billion €. Even in H2020 a large number of projects have been proposed and several has been founded. The REPLICATE research project13 is trying to accelerate the development of new technologies as well as organisational and economic keys necessary to increase the resource and energy efficiency, to improve the quality of urban transportation system, and reduce the gas emissions in urban areas. The project aims to enhance the transition process to a smart city in three areas: energy efficiency, sustainable mobility and integrated ICT infrastructures in the cities of Bristol (UK), Florence (Italy) and San-Sebastian (Spain). However, the security issues are only briefly covered. Enact14 is a project that started in 2018 and is still under development, whose main technical goal is to develop novel IoT platform, that uses smart IIoT devices and to augment them with novel concepts in order to ensure an end-to-end security and privacy, resilience and robustness taking into account the challenges related to "collaborative" actuation and actuation conflicts.
The remainder of the paper is organized as follows: in chapter 1 are presented a number of security issues in IoT systems for the existing transmission protocols, in chapter 2 is presented the proposed solution and a system architecture with its' main blocks and functionality, and in the final chapter are presented a number of conclusions regarding the utility of such platform and possible applications.
1.Security issues in IIoT Systems
The inter-connected computer systems or intelligent devices are extremely vulnerable to cyber attackers for a number of reasons, from which there can be mentioned:
1) Most IIoT devices operate independently, without human supervision, thus being relatively easy for an attacker to gain access to them either physically or remotely.
2) Most IIoT components are interconnected via different types of wired and wireless networks, such that an attacker could use eavesdropping technique in order to obtain confidential.
3) Most IIoT components are unable to support complicated security devices of software, since most of them use low power and have limited computing resource capabilities.
In addition, cyber-attacks can be performed on any IIoT devices, causing possible damage or disfunction of the overall network, jeopardising the system users or producing important economic damage to their owners15. Examples of such attacks might be the ones on home automation systems, like taking control of the central heating systems or air conditioning, or extracting information regarding the activity in such intelligent house using the available smart devices. Also, such cyber-attacks can also be launched against important public infrastructure, like the utility systems (like power, gas distribution or water distribution systems) to break the water, gas or electricity sources access for the inhabitants.
In fact, the critical IIoT systems, networks and even individual devices should be guarded against any threats that can affect a good functionality. Generally, most IIoT devices are vulnerable to different types of attacks due to their characteristics. Especially in smart cities, even before identifying the possible security threats, the most vulnerable system components (assets) of the IIoT system must first be identified. It is important to understand the critical asset inventory, including all IIoT components, devices and services and their importance for the end user. The most vulnerable assets of any IIoT system are the hardware components (from buildings to computer networks) as well as the associated software which offers services to the end-user.
Communication requirements vary widely among the different types of IIoT networks, depending on their purpose and resource constraints. The selection of protocols to be used in a particular deployment of IIoT ecosystems depends on the requirements of the use-case. The combination of different protocols within IIoT ecosystems is a common practice, using gateways to ensure interoperability.
IIoT communication systems rely on the ability to both transmit and receive information in a structured manner, with services located either nearby or in a distant location, using different, but interoperable kinds of network types and protocols. These networks have different set of properties such as QoS, resilience, security and management. The communication protocols within IIoT ecosystems can be either wireless or wireline-based.
There exists an excess of wireless communication protocols, including short-range radio protocols such as ZigBee, Bluetooth/Bluetooth Low Energy (BLE), Wi-Fi/Wi-Fi HaLow, Near Field Communication (NFC) or Radio Frequency Identification (RFID); mobile networks and longer-range radio protocols such as LoRaWAN, SigFox NarrowBand-IoT (NB-IoT), or LTE-M.
Wireless technologies have different characteristics, such as a specific signal range, bandwidth, etc. and can be classified as Wireless Personal Area Networks (WPAN), Wireless Local Area Networks (WLAN) or Wireless Wide Area Networks (WWAN).
2.Proposed solution and System Architecture
Within this paper we propose an architecture for an intelligent simulating platform tailored to the IIoT smart city environment based on LoRa technology with an emphasis on resilience to different type of security attacks. Specifically, we intend to use deep-learning algorithms to identify malicious data traffic in IIoT radio networks based on the initial radio fingerprint of the IIoT devices. This solution will provide "security as a service" and might facilitate the interoperability between different communication protocols used in IIoT. We evaluate the proposed detection framework using both real-network attack traces for providing a proof of concept, and using simulation for providing evidence of its scalability. Our experimental results will, hopefully, confirm that the proposed intrusion-detection system can detect real-world intrusions efficiently.
Our solution will monitor the radio activity of different type of IIoT devices, on those frequencies known to be used by IIoT communications in a smart city virtual network using LoRa technology. The test platform will evaluate only the intensity of the received signal, regardless protocol specifications. Also, the platform does not require any modification of the existing devices. This process will be performed in two stages. In stage one, a reference model will be created, including the radio finger-print of the IIoT under study, considering that no cyber-attack has been performed to alter their functionality. In the second stage we will detect the behavioural changes of the devices with respect to the initial fingerprint. It consists in:
1) capture of the radio activity of the sensitive IIoT devices (like automatic reading of the energy, water or power consumption)
2) compare of the data captured with the initial fingerprints created using well known patterns.
3) generate specific alerts any time there is identified a deviation from the original pattern.
The signal detected will be processed with GNU Radio toolkit that provides a free open-source software that implements the main signal processing blocks necessary to implement software-defined radios16. It can be easily used and with relatively low-cost external hardware to implement "software-defined" radio devices, or without additional hardware, in a simulation platform.
GNU Radio performs all the data processing necessary to recover the signal. It can be used it to write applications to transmit and receive data with existing RF hardware, or to create simulate the RF chain, from transmitter to receiver end. GNU Radio has implemented different types of filters, channel encoders/decoder, synchronization blocks, channel equalizers, demodulators and many other types of blocks, which are typically found in signal processing systems. More importantly, it allows software interconnecting these blocks and data transfer towards the virtual radio system. The purpose of our work is to provide a mean to recognize devices based on their network behaviour. Therefore, we need to define features that will appropriately describe the network activity. The purpose of our work is to provide a mean to recognize devices based on their network behaviour. Therefore, we intend to define features that will appropriately describe the network activity. The purpose of our work is to provide a mean to recognize devices based on their network behaviour. Therefore, we need to define features that will appropriately describe the network activity.
Using a popular SDR HackRF One which has a number of robust features and it is well supported by a large variety of open-source software on most standard computer like SDR sharp, our platform can identify most common IIoT device connected in a LoRaWAN. The basic SDR# includes a standard FFT display, a frequency manager, a digital recording tool and a noise reduction software instruments. SDR# can also decode RDS signals from broadcast FM.
At first we will record the radio activities generated by the IIoT devices that operates unaffected by malware or other type of attacks. These data will be used as training set to validate a reference model. In a second phase we will simulate some attacks cyber-attacks on identified IIoT devices. The attack injection campaign is composed of two steps:
1) Definition and simulation of the attack: since our detection relies only on the analysis of RF activities, it is sufficient to simulate these attacks by generating radio activity behaviour similar RF behaviour with the IIoT devices under attack.
2) Injection of the attack: in which the virtual attacks are injected into the system using a software attack generator tool.
In the present work we developed an architecture, named SyIIOT that will include the following modules/functionalities, as presented in Figure 1.
(A) The radio spectrum scanning of the IIoT devices module - that will be accomplished using SDR platforms, that h
(B) Have a large flexibility with respect to the gain and frequency bandwidth that is desired to be analysed. The SDR platforms available CO can cover a frequency range between 100Hz to 6 GHz and can accommodate bandwidths of about 25 MHz.
(C) The radio processing module - the data received via different SDR platforms will be processed using a GNU Radio module that will contain specific data processing chains, depending on the specificity of the IIoT device identified by the platform.
(D) The IIoT device identification module - based on the radio processing module, this block will identify the IIoT devices accessible in the area analysed by the system. This module will provide specific capabilities for retrieving the data from sensors and recording them in the database, will be able manage the IIoT devices in real time and to access the data associated to each such device.
(E) The simulating module - simulate different attacks on IIoT devices, used in critical industrial environment, like the ones used in intelligent metering of water, electrical current or gas and analyse the security risks of the different IIoT devices under the coverage area, presents them to an evaluation system and generates recommendations regarding the possible cyber-attacks, the probability of occurrence and the associated risks. Machine Learning and Data Mining techniques will be used to implement this module. Different behavioural and traffic anomalies will be identified, like port ID changes, protocol changes, behaviour change from the initial communication footprint of each IoT device, etc. The results will be used to establish the electromagnetic compatibility in a given space, in order to reduce the radio interference areas and to avoid collisions or harmful effects on the existing RF systems, and will offer the possibility to establish the technical or organizational measures necessary to minimize / eliminate the induced effects.
(F) The user interface module - will offer a friendly, accessible and configurable web interface for all the system users, with minimum response delay.
Such platform is an innovative product, since, in present, there is no similar offer on the market, and has a potential impact both on the national and on the international market. Among its benefits there can be mentioned:
* efficient identification of possible cyber-attacks on IIoT networked devices;
* identification of the principal functionalities of the IIoT devices and of the possible threats;
* efficient finding of the IIoT devices that coexists in a given perimeter and of their radio communication parameters and protocol used for data transmission
* implementation of "Machine Learning" and "Data Mining" functionalities to identify behavioural and traffic anomalies of the IIoT devices with respect to their initial footprint.
The test platform resulted and the results obtained based on simulation of different type of attacks is a laboratory prototype to evaluate the behaviour, the potential risks and to offer recommendations for such a IIoT interconnected system. The resulting platform will validate the components and the ensemble in laboratory conditions, and it can be patented and used further in industrial development. It is useful to increase the security level of the IIoT devices that are interconnected using different radio protocols, identify unusual behaviour of such devices and generates recommendation regarding the security risks of such networks.
CONCLUSIONS
The platform architecture proposed within the paper aims to solve the security issues related to the IIoT devices in the domestic environment by scanning and inspecting network traffic, real-time identification of anomalies behaviour and traffic of IoT devices in the home environment and sending alerts to users/administrator. After the implementation and testing of the above-mentioned platform in laboratory environment, it will be further used as basis for laboratory experiments or it can be further developed by interested industrial partners in developing it as a product.
Such a platform will be a novelty in the domain in Romania and one of the very few existing in Europe, some of them still under development17,18. Moreover, the platform is designed to be accessed either locally or remotely, giving an increased degree of flexibility from the user point of view, thus offering a novelty even at European level. Such platform can also be used for training IoT specialists in security aspects for IIoT devices in smart city environment, oriented towards control and protection systems in critical infrastructures, where there is a massive lack of personnel on labour market.
1 S. E. Bibri, The IoT for smart sustainable cities of the future "An analytical framework for sensor-based big data applications for environmental sustainability. Sustainable Cities and Society", 2018 Apr 1, 38:230-53.
2 I. Yaqoob, I.A.T. Hashem, Y. Mehmood, A. Gani, S. Mokhtar, and S. Guizani, 2017, "Enabling communication technologies for smart cities", IEEE Communications Magazine, 55(1), pp. 112-120.
3 M. Witti, and D. Konstantas, 2018, December, "A Secure and Privacy-preserving Internet of Things Framework for Smart City", in Proceedings of the 6th International Conference on Information Technology: IoT a nd Smart City, ACM, pp. 145-150.
4 S. Tweneboah-Koduah, K.E. Skouby and R. Tadayoni, 2017, "Cyber security threats to IoT applications and service domains", Wireless Personal Communications, 95(1), pp. 169-185.
5 I. Yaqoob, Hashem, Mehmood I.A.T., Gani Y., S. A. Mokhtar and S. Guizani, 2017, "Enabling communication technologies for smart cities", IEEE Communications Magazine, 55(1), pp. 112-120.
6 Z.A. Baig, P. Szewczyk, C. Valli, P. Rabadia, P. Hannay, M. Chernyshev, M. Johnstone, P. Kerai, A. Ibrahim, K. Sansurooah and N. Syed, 2017, "Future challenges for smart cities: Cyber-security and digital forensics", Digital Investigation, 22, pp. 3-13.
7 S.Tweneboah-Koduah, K.E. Skouby and R. Tadayoni, 2017, "Cyber security threats to IoT applications and service domains", Wireless Personal Communications, 95(1), pp. 169-185.
8 M. Witti and D. Konstantas, 2018, December, "A Secure and Privacy-preserving Internet of Things Framework for Smart City" in Proceedings of the 6th International Conference on Information Technology: IoT and Smart City, ACM, pp. 145-150.
9 B. Hyman, Z. Alisha and S. Gordon, 2019, "Secure Controls for Smart Cities; Applications in Intelligent Transportation Systems and Smart Buildings Applications", International Journal of Science and Engineering Applications, 2019, 8 (6), pp.167-171.
10 J. H. Park, M. M. Salim, J.H. Jo, J.C.S. Sicato, S. Rathore and J.H. Park, 2019, "CIoT-Net: a scalable cognitive IoT based smart city network architecture", Human-centric Computing and Information Sciences, 9(1), p. 29.
11 P. Chamoso, A. González-Briones, S. Rodríguez and J.M. Corchado, 2018, "Tendencies of technologies and platforms in smart cities: a state-of-the-art review", Wireless Communications and Mobile Computing, 2018.
12 URL: https://ec.europa.eu/info/sites/info/files/research_and_innovation/strategy_on_research_and_innovation/ presentations /horizon_europe_en_investing_to_shape_our_future.pdf, accessed on Oct. 10, 2019.
13 URL: http://www.replicate-project.eu, accessed on Oct. 15, 2019.
14 URL: https://www.enact-project.eu/, accessed on Sept. 10, 2019.
15 M. Abomhara, "Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks", Journal of Cyber Security and Mobility, 2015 Jan 31, pp. 65-88.
16 URL: https://bestestredteam.com/2018/10/16/gnuradio-introduction/, accessed on Oct. 13, 2019.
17 URL:http://www.replicate-project.eu, accessed on Oct 10, 2019.
18 URL: https://www.enact-project.eu/, accessed on Sept 11, 2019.
BIBLIOGRAPHY:
1. ABOMHARA M., "Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks". Journal of Cyber Security and Mobility. 2015 Jan 31; 4(1):65-88.
2. BAIG, Z.A.; SZEWCZYK, P.; Valli, C.; RABADIA, P.; HANNAY, P.; CHERNYSHEV, M.; JOHNSTONE, M.; KERAI, P.; IBRAHIM, A.; SANSUROOAH, K. and Syed, N., 2017, "Future challenges for smart cities: Cyber-security and digital forensics", Digital Investigation, 22, pp. 3-13.
3. BIBRI, S.E., 2018, "The IoT for smart sustainable cities of the future: An analytical framework for sensor-based big data applications for environmental sustainability", Sustainable Cities and Society, 38, pp. 230-253.
4. CHAMOSO, P.; GONZÁLEZ-BRIONES, A.; RODRÍGUEZ, S; CORCHADO, J.M.; Tendencies of technologies and platforms in smart cities: a state-of-the-art review, Wireless Communications and Mobile Computing, 2018.
5. Enact Project, URL:https://www.enact-project.eu/
6. HYMAN, B.; ALISHA, Z.; GORDON, S., Secure Controls for Smart Cities; Applications in Intelligent Transportation Systems and Smart Buildings Applications, International Journal of Science and Engineering Applications, 2019.
7. PARK, J.H.; SALIM, M.M.; JO, J.H.; SICATO, J.C.S.; RATHORE, S. and PARK, J.H., 2019, CIoT-Net: a scalable cognitive IoT based smart city network architecture. Human-centric Computing and Information Sciences.
8. Replicate Project, URL:http://www.replicate-project.eu
9. TWENEBOAH-KODUAH, S.; SKOUBY, K.E.; TADAYONI, R., "Cyber security threats to IoT applications and service domains, Wireless Personal Communications, 95(1), 2017.
10. URL: https://bestestredteam.com/2018/10/16/gnuradio-introduction/
11. URL: https://ec.europa.eu/info/sites/info/files/research_and_innovation/strategy_on_research_ and_innovation/presentations/horizon_europe_en_investing_to_shape_our_ future.
12. WITTI, M. and KONSTANTAS, D., A Secure and Privacy-preserving Internet of Things Framework for Smart City. In Proceedings of the 6th International Conference on Information Technology: IoT and Smart City, ACM, 2018, December.
13. WITTI, M.; KONSTANTAS, D., A Secure and Privacy-preserving Internet of Things Framework for Smart City. In Proceedings of the 6th International Conference on Information Technology: IoT and Smart City, ACM, December, 2018.
14. YAQOOB, I.; HASHEM, I.A.T.; MEHMOOD, Y.; GANI, A.; MOKHTAR, S; GUIZANI, S., 2017. Enabling communication technologies for smart cities. IEEE Communications Magazine.
Acknowledgement: This work was partially supported by the UEFISCDI-fundedproject no.8 Sol/2018 "Integrated Informatic System for Activities Management" (SIIMA).
Copyright "Carol I" National Defence University 2019