Publications – SIDROCO Holdings Ltd

PublicationsadminMay 18, 2021May 24, 2021

Publications

PUBLICATIONS

2021
1.	Radoglou-Grammatikis, Panagiotis; Liatifis, Athanasios; Grigoriou, Elisavet; Saoulidis, Theocharis; Sarigiannidis, Antonios; Lagkas, Thomas; Sarigiannidis, Panagiotis TRUSTY: A solution for threat Hunting Using Data Analysis in Critical Infrastructures (Conference) IEEE International Conference on Cyber Security and Resilience (CSR), IEEE, 2021. (Abstract \| Links \| BibTeX \| Tags: Anomaly Detection, Intrusion detection, Privacy, Telemetry) @conference{Radoglou-Grammatikis2021, title = {TRUSTY: A solution for threat Hunting Using Data Analysis in Critical Infrastructures}, author = {Radoglou-Grammatikis, Panagiotis and Liatifis, Athanasios and Grigoriou, Elisavet and Saoulidis, Theocharis and Sarigiannidis, Antonios and Lagkas, Thomas and Sarigiannidis, Panagiotis}, url = {https://ieeexplore.ieee.org/document/9527936/keywords#keywords}, doi = {10.1109/CSR51186.2021.9527936}, year = {2021}, date = {2021-07-28}, urldate = {2021-07-28}, booktitle = {IEEE International Conference on Cyber Security and Resilience (CSR)}, publisher = {IEEE}, abstract = {The rise of the Industrial Internet of Things (IIoT) plays a crucial role in the era of hyper-connected digital economies. Despite the valuable benefits, such as increased resiliency, self-monitoring and pervasive control, IIoT raises severe cybersecurity and privacy risks, allowing cyberattackers to exploit a plethora of vulnerabilities and weaknesses that can lead to disastrous consequences. Although the Intrusion Detection and Prevention Systems (IDPS) constitute valuable solutions, they suffer from several gaps, such as zero-day attacks, unknown anomalies and false positives. Therefore, the presence of supporting mechanisms is necessary. To this end, honeypots can protect the real assets and trap the cyberattackers. In this paper, we provide a web-based platform called TRUSTY , which is capable of aggregating, storing and analysing the detection results of multiple industrial honeypots related to Modbus/Transmission Control Protocol (TCP), IEC 60870-5-104, BACnet, Message Queuing Telemetry Transport (MQTT) and EtherNet/IP. Based on this analysis, we provide a dataset related to honeypot security events. Moreover, this paper provides a Reinforcement Learning (RL) method, which decides about the number of honeypots that can be deployed in an industrial environment in a strategic way. In particular, this decision is converted into a Multi-Armed Bandit (MAB), which is solved with the Thompson Sampling (TS) method. The evaluation analysis demonstrates the efficiency of the proposed method.}, keywords = {Anomaly Detection, Intrusion detection, Privacy, Telemetry}, pubstate = {published}, tppubtype = {conference} } Close The rise of the Industrial Internet of Things (IIoT) plays a crucial role in the era of hyper-connected digital economies. Despite the valuable benefits, such as increased resiliency, self-monitoring and pervasive control, IIoT raises severe cybersecurity and privacy risks, allowing cyberattackers to exploit a plethora of vulnerabilities and weaknesses that can lead to disastrous consequences. Although the Intrusion Detection and Prevention Systems (IDPS) constitute valuable solutions, they suffer from several gaps, such as zero-day attacks, unknown anomalies and false positives. Therefore, the presence of supporting mechanisms is necessary. To this end, honeypots can protect the real assets and trap the cyberattackers. In this paper, we provide a web-based platform called TRUSTY , which is capable of aggregating, storing and analysing the detection results of multiple industrial honeypots related to Modbus/Transmission Control Protocol (TCP), IEC 60870-5-104, BACnet, Message Queuing Telemetry Transport (MQTT) and EtherNet/IP. Based on this analysis, we provide a dataset related to honeypot security events. Moreover, this paper provides a Reinforcement Learning (RL) method, which decides about the number of honeypots that can be deployed in an industrial environment in a strategic way. In particular, this decision is converted into a Multi-Armed Bandit (MAB), which is solved with the Thompson Sampling (TS) method. The evaluation analysis demonstrates the efficiency of the proposed method. Close https://ieeexplore.ieee.org/document/9527936/keywords#keywords doi:10.1109/CSR51186.2021.9527936 Close
2020
2.	Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Iturbe, Eider; Rios, Erkuden; Sarigiannidis, Antonios; Nikolis, Odysseas; Ioannidis, Dimosthenis; Machamint, Vasileios; Tzifas, Michalis; Giannakoulias, Alkiviadis; Angelopoulos, Michail; Papadopoulos, Anastasios; Ramos, Francisco Secure and Private Smart Grid: The SPEAR Architecture (Inproceedings) In: 2020 6th IEEE International Conference on Network Softwarization (NetSoft), pp. 450-456, 2020. (Abstract \| Links \| BibTeX \| Tags: Anomaly Detection, Anonymity, Cybersecurity, Forensics, Honeypots, Intrusion detection, Privacy, Smart Grid) @inproceedings{inproceedingsb, title = {Secure and Private Smart Grid: The SPEAR Architecture}, author = {Panagiotis Radoglou Grammatikis and Panagiotis Sarigiannidis and Eider Iturbe and Erkuden Rios and Antonios Sarigiannidis and Odysseas Nikolis and Dimosthenis Ioannidis and Vasileios Machamint and Michalis Tzifas and Alkiviadis Giannakoulias and Michail Angelopoulos and Anastasios Papadopoulos and Francisco Ramos}, url = {https://www.researchgate.net/publication/343621502_Secure_and_Private_Smart_Grid_The_SPEAR_Architecture}, doi = {10.1109/NetSoft48620.2020.9165420}, year = {2020}, date = {2020-01-01}, booktitle = {2020 6th IEEE International Conference on Network Softwarization (NetSoft)}, pages = {450-456}, abstract = {Information and Communication Technology (ICT) is an integral part of Critical Infrastructures (CIs), bringing both significant pros and cons. Focusing our attention on the energy sector, ICT converts the conventional electrical grid into a new paradigm called Smart Grid (SG), providing crucial benefits such as pervasive control, better utilisation of the existing resources, self-healing, etc. However, in parallel, ICT increases the attack surface of this domain, generating new potential cyberthreats. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) architecture which constitutes an overall solution aiming at protecting SG, by enhancing situational awareness, detecting timely cyberattacks, collecting appropriate forensic evidence and providing an anonymous cybersecurity information-sharing mechanism. Operational characteristics and technical specifications details are analysed for each component, while also the communication interfaces among them are described in detail.}, keywords = {Anomaly Detection, Anonymity, Cybersecurity, Forensics, Honeypots, Intrusion detection, Privacy, Smart Grid}, pubstate = {published}, tppubtype = {inproceedings} } Close Information and Communication Technology (ICT) is an integral part of Critical Infrastructures (CIs), bringing both significant pros and cons. Focusing our attention on the energy sector, ICT converts the conventional electrical grid into a new paradigm called Smart Grid (SG), providing crucial benefits such as pervasive control, better utilisation of the existing resources, self-healing, etc. However, in parallel, ICT increases the attack surface of this domain, generating new potential cyberthreats. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) architecture which constitutes an overall solution aiming at protecting SG, by enhancing situational awareness, detecting timely cyberattacks, collecting appropriate forensic evidence and providing an anonymous cybersecurity information-sharing mechanism. Operational characteristics and technical specifications details are analysed for each component, while also the communication interfaces among them are described in detail. Close https://www.researchgate.net/publication/343621502_Secure_and_Private_Smart_Grid[...] doi:10.1109/NetSoft48620.2020.9165420 Close

We’d love to hear about your projectStart a Project