• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.1-12
• /
• 2023

Ensuring the security of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) is paramount to safeguarding the reliability and safety of critical infrastructure. This paper addresses the significant threat posed by reconnaissance attacks on SCADA/ICS networks and presents an innovative methodology for enhancing their protection. The proposed approach strategically employs imbalance dataset handling techniques, ensemble methods, and feature engineering to enhance the resilience of SCADA/ICS systems. Experimentation and analysis demonstrate the compelling efficacy of our strategy, as evidenced by excellent model performance characterized by good precision, recall, and a commendably low false negative (FN). The practical utility of our approach is underscored through the evaluation of real-world SCADA/ICS datasets, showcasing superior performance compared to existing methods in a comparative analysis. Moreover, the integration of feature augmentation is revealed to significantly enhance detection capabilities. This research contributes to advancing the security posture of SCADA/ICS environments, addressing a critical imperative in the face of evolving cyber threats.

• Journal of the Korea Society for Simulation
• /
• v.16 no.4
• /
• pp.57-65
• /
• 2007

In many sensor network applications, sensor nodes are deployed in open environments, and hence are vulnerable to physical attacks, potentially compromising the node's cryptographic keys. False sensing report can be injected through compromised nodes, which can lead to not only false alarms but also the depletion of limited energy resource in battery powered networks. Fan Ye et al. proposed that statistical en-route filtering scheme(SEF) can do verify the false report during the forwarding process. In this scheme, the choice of a partition value represents a trade off between resilience and energy where the partition value is the total number of partitions which global key pool is divided. If every partition are compromised by an adversary, SEF disables the filtering capability. Also, when an adversary has compromised a very small portion of keys in every partition, the remaining uncompromised keys which take a large portion of the total cannot be used to filter false reports. We propose a fuzzy-based adaptive partitioning method in which a global key pool is adaptively divided into multiple partitions by a fuzzy rule-based system. The fuzzy logic determines a partition value by considering the number of compromised partitions, the energy and density of all nodes. The fuzzy based partition value can conserve energy, while it provides sufficient resilience.

• Journal of Korea Water Resources Association
• /
• v.57 no.4
• /
• pp.277-287
• /
• 2024

Water distribution system (WDS) is exposed to various water quality incidents during its operation. This study utilized Quantitative Microbial Risk Assessment (QMRA) to analyze the risk associated with potential virus intrusion in WDSs. Additionally, the study determined the location and operation of rechlorination facilities to minimize potential risk. In addition, water quality resilience was calculated to confirm that the chlorine concentration maintains within the target range (0.1-1.0 mg/L) during normal operation. Hydraulic analysis was performed using EPANET, while EPANET-MSX was linked to simulate the reactions between viruses and chlorine. The proposed methodology was applied to the Bellingham network in the United States, where rechlorination facilities capable of injecting chlorine concentrations ranging from 0.5 mg/L to 1.0 mg/L were considered. Results indicated that without rechlorination facilities, the Average risk was 0.0154. However, installing rechlorination facilities and injecting chlorine at a concentration of 1.0 mg/L could reduce the Average risk to 39.1%. It was observed that excessive chlorine injection through rechlorination facilities reduced water quality resilience. Consequently, a rechlorination facility with a concentration of 0.5 mg/L was selected, resulting in a reduction of approximately 20% in average risk. This study provides insights for designing rechlorination facilities to enhance preparedness against potential virus ingress in the future.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.2 no.2
• /
• pp.82-94
• /
• 2007

Wireless sensor networking technology is one of the basic infrastructures for ubiquitous environment. It enables us to gather various sensory data such as temperature, humidity, gas leakage, and speed from the remote sensor devices. To support these networking functions, IEEE WPAN working group makes standards for PHY and MAC, while ZigBee Alliance defines the standards for the network, security, and applications. The low-rate WPAN was emerged to have the characteristics of network resilience, low cost, and low power consumption. It has a broad range of applications including, but not limit to industrial control and monitoring, home automation, disaster forecast and monitoring, health care. In order to provide more intelligent and robust services, users want voice-based solutions to accommodate to low-rate WPAN. In this paper, we have evaluated voice quality of an IEEE 802.15.4 standard compliant voice node. Specifically, it includes the design of a voice node and experiments based on the prediction of voice quality using the E-model suggested by ITU-T G.107, and the network communication mechanisms considering beacon-enabled and nonbeacon-enabled networks for real-time voice communications.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.35-42
• /
• 2012

Increase of data traffic and the advent of new real-time services require to change from the traditional TDM-based (Time Division Multiplexing) networks to the optical networks that soft and dynamic configuration. Voice and lease line services are main service area of the traditional TDM-based networks. This optical network became main infrastructure that offer many channel that can convey data, video, and voice. To provide high resilience against failures, Packet-optical networks must have an ability to maintain an acceptable level of service during network failures. Fast and resource optimized lightpath restoration strategies are urgent requirements for the near future Packet-optical networks with a Generalized Multi-Protocol Label Switching(GMPLS) control plane. The goal of this paper is to provide packet-optical network with a hierarchical multi-layer recovery in order to fast and coordinated restoration in packet-optical network/GMPLS, focusing on new implementation information. The proposed schemes do not need an extension of optical network signaling (routing) protocols for support.

• International conference on construction engineering and project management
• /
• 2024.07a
• /
• pp.127-136
• /
• 2024

Flooding presents a significant threat to infrastructure, and climate change is exacerbating these risks. High-speed rail (HSR) infrastructure, designed based on historical data, may struggle to cope with future extreme flood events. Infrastructure stakeholders require forecasting capabilities to predict the intensity and frequency of future floods so they can develop adaptive strategies to mitigate flood risks and impacts. Floods can cause significant damage to HSR infrastructure networks, disrupting their operations. Traditional network theory-based frameworks are insufficient for analyzing the three-dimensional effects of floods on HSR networks. To address this issue, this study proposes a comprehensive approach to assess flood risk and vulnerability under future climate scenarios for HSR networks. The method consists of three components. (i) Generate flood inundation data by utilizing global climate models, Shared Socioeconomic Pathways(SSPs), and the CaMa-Flood model. (ii) Fit extreme flood depths to the Gumbel distribution to generate flood inundation scenarios. (iii) Overlay flood scenarios on the HSR network and quantitatively assess network vulnerability based on topology network. When applied to the HSR system in mainland China, the results indicate that flood severity does not necessarily increase under higher SSPs, but may worsen over time. The minimum flood return period that causes HSR disruptions is decreasing, with Hubei Province showing a significant increase in HSR segment failure probability. Discontinuous phase transitions in HSR network topology metrics suggest potential nationwide collapses under future infrequent floods. These findings can inform preventive measures for the HSR sector and flood-resistant standards for HSR infrastructure. The method used in this study can be extended to analyze the vulnerability of other transportation systems to natural disasters, serving as a quantitative tool for improving resilience in a changing climate.

• Journal of Broadcast Engineering
• /
• v.16 no.3
• /
• pp.530-541
• /
• 2011

In this paper, we propose an effective network-adaptive ARQ based error control scheme to provide video streaming services through IP networks where packet error usually occurs. If time delay and feedback channel are allowed, client can request server to retransmit lost packets through IP networks. However, if retransmission is unconditionally requested without considering network condition and number of simultaneous feedback messages, retransmitted packets may not arrive in a timely manner so that decoding may not occur. In the proposed ARQ, a client conditionally requests retransmission based on assumed network condition, and it further determines valid retransmission time so that effective ARQ can be applied. In order to verify the performance of the proposed adaptive ARQ based error control, NIST-Net is used to emulate packet-loss network environment. It is shown by simulations that the proposed scheme provides noticeable error resilience with significantly reduced traffics required for ARQ.

• Journal of Advanced Navigation Technology
• /
• v.16 no.5
• /
• pp.879-884
• /
• 2012

In accelerating the industrialization, human being have been frequently experiencing man-made crisis such as technology failures, financial problem as well as natural disaster. Emergency management system based on international standard can provide an organization with a framework for continual improvement to increase the possibility of enhancing anticipation, prevention and response as well. In this paper, we introduced the emergency management system design of various organizations for societal security network. In the first, the main role of ISO/TC223 is reviewed and then, current issues of under going standardization in ISO are also addressed. Finally, we have designed a efficient disaster prevention system to minimize the potential risk as well as to improve the organizational resilience.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4661-4676
• /
• 2014

In Wireless Mesh Networks (WMN), an authentication technique can be compromised due to the distributed network architecture, the broadcast nature of the wireless medium and dynamic network topology. Several vulnerabilities exist in different protocols for WMNs. Hence, in this paper, we propose trust based authentication and key establishment for secure routing in WMN. Initially, a trust model is designed based on Ant Colony Optimization (ACO) to exchange the trust information among the nodes. The routing table is utilized to select the destination nodes, for which the link information is updated and the route verification is performed. Based on the trust model, mutual authentication is applied. When a node moves from one operator to another for accessing the router, inter-authentication will be performed. When a node moves within the operator for accessing the router, then intra-authentication will be performed. During authentication, keys are established using identity based cryptography technique. By simulation results, we show that the proposed technique enhances the packet delivery ratio and resilience with reduced drop and overhead.

• ETRI Journal
• /
• v.33 no.5
• /
• pp.791-801
• /
• 2011

Security in wireless sensor networks (WSNs) is an upcoming research field which is quite different from traditional network security mechanisms. Many applications are dependent on the secure operation of a WSN, and have serious effects if the network is disrupted. Therefore, it is necessary to protect communication between sensor nodes. Key management plays an essential role in achieving security in WSNs. To achieve security, various key predistribution schemes have been proposed in the literature. A secure key management technique in WSN is a real challenging task. In this paper, a novel approach to the above problem by making use of elliptic curve cryptography (ECC) is presented. In the proposed scheme, a seed key, which is a distinct point in an elliptic curve, is assigned to each sensor node prior to its deployment. The private key ring for each sensor node is generated using the point doubling mathematical operation over the seed key. When two nodes share a common private key, then a link is established between these two nodes. By suitably choosing the value of the prime field and key ring size, the probability of two nodes sharing the same private key could be increased. The performance is evaluated in terms of connectivity and resilience against node capture. The results show that the performance is better for the proposed scheme with ECC compared to the other basic schemes.