Publications
2021
1. Siniosoglou, Ilias; Argyriou, Vasileios; Lagkas, Thomas; Tsiakalos, Apostolos; Sarigiannidis, Antonios; Sarigiannidis, Panagiotis. Covert Distributed Training of Deep Federated Industrial Honeypots (Inproceedings). In: 2021 IEEE Globecom Workshops (GC Wkshps), pp. 1–6, IEEE 2021.
Tags: Data Generation, Deep Learning, Honeypots, Industrial Control System, SCADA
BibTeX key: siniosoglou2021covert
Abstract: Since the introduction of automation technologies in the Industrial field and its subsequent scaling to horizontal and vertical extents, the need for interconnected industrial systems, supporting smart interoperability is ever higher. Due to this scaling, new and critical vulnerabilities have been created, notably in legacy systems, leaving Industrial infrastructures prone to cyber attacks, that can sometimes have catastrophic results. To tackle the need for extended security measures, this paper presents a Federated Industrial Honeypot that takes advantage of decentralized private Deep Training to produce models that accumulate and simulate real industrial devices. To enhance their camouflage, SCENT, a new custom and covert protocol is proposed, to fully immerse the Federated Honeypot to its industrial role, that handles the communication between the server and honeypot during the training, to hide any clues of operation of the honeypot other than its supposed objective to the eye of the attacker.
2020
2. Radoglou-Grammatikis, Panagiotis; Sarigiannidis, Panagiotis; Efstathopoulos, George; Karypidis, Paris-Alexandros; Sarigiannidis, Antonios. DIDEROT: An Intrusion Detection and Prevention System for DNP3-Based SCADA Systems (Inproceedings). In: Proceedings of the 15th International Conference on Availability, Reliability and Security, Association for Computing Machinery, Virtual Event, Ireland, 2020, ISBN: 9781450388337.
Tags: Anomaly Detection, Autoencoder, Intrusion detection, Machine Learning, SCADA, SDN, Smart Grid
BibTeX key: 10.1145/3407023.3409314
Abstract: In this paper, an Intrusion Detection and Prevention System (IDPS) for the Distributed Network Protocol 3 (DNP3) Supervisory Control and Data Acquisition (SCADA) systems is presented. The proposed IDPS is called DIDEROT (Dnp3 Intrusion DetEction pReventiOn sysTem) and relies on both supervised Machine Learning (ML) and unsupervised/outlier ML detection models capable of discriminating whether a DNP3 network flow is related to a particular DNP3 cyberattack or anomaly. First, the supervised ML detection model is applied, trying to identify whether a DNP3 network flow is related to a specific DNP3 cyberattack. If the corresponding network flow is detected as normal, then the unsupervised/outlier ML anomaly detection model is activated, seeking to recognise the presence of a possible anomaly. Based on the DIDEROT detection results, the Software Defined Networking (SDN) technology is adopted in order to mitigate timely the corresponding DNP3 cyberattacks and anomalies. The performance of DIDEROT is demonstrated using real data originating from a substation environment.
3. Pliatsios, Dimitrios; Sarigiannidis, Panagiotis; Lagkas, Thomas; Sarigiannidis, Antonios G. A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics (Journal Article). In: IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1942-1976, 2020.
Tags: Cybersecurity, Protocols, SCADA, Security, Smart Grid, Trends
BibTeX key: 9066892
Abstract: Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, that made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.