@article{Muhlbauer2020,

title = {Open-Source OPC UA Security and Scalability},

author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc Oliver Pahl and Georg Carle},

doi = {10.1109/ETFA46521.2020.9212091},

issn = {19460759},

year  = {2020},

date = {2020-01-01},

journal = {IEEE International Conference on Emerging Technologies and Factory Automation, ETFA},

volume = {2020-Septe},

pages = {262--269},

abstract = {OPC UA is widely adopted for remote-control in industrial environments. It has a central role for industrial control systems as it enables remote management. Compromising OPC UA can lead to compromising entire production facilities. Consequently, OPC UA requires a high level of security. Major commercial OPC UA implementations have compliance certificates ensuring that their security models obey the specification. However, open-source OPC UA implementations that have wide deployment mostly lack these certificates. In this work, we investigate the security models of the four most commonly used open-source implementations: open62541, node-opcua, UA-.NETStandard, and python-opcua. Furthermore, their scalabilities for the number of clients and OPC UA nodes are also analyzed.},

keywords = {OPC UA, open-source, scalability, Security},

pubstate = {published},

tppubtype = {article}

}

@article{Navas2020,

title = {IANVS: A Moving Target Defense Framework for a Resilient Internet of Things},

author = {Renzo E Navas and Hr{a}kon Sandaker and Fr\'{e}d\'{e}ric Cuppens and Nora Cuppens and Laurent Toutain and Georgios Z Papadopoulos},

doi = {10.1109/ISCC50000.2020.9219728},

issn = {15301346},

year  = {2020},

date = {2020-01-01},

journal = {Proceedings - IEEE Symposium on Computers and Communications},

volume = {2020-July},

abstract = {The Internet of Things (IoT) is more and more present in fundamental aspects of our societies and personal life. Billions of objects now have access to the Internet. This networking capability allows for new beneficial services and applications. However, it is also the entry-point for a wide variety of cyber-attacks that target these devices. The security measures present in real IoT systems lag behind those of the standard Internet. Security is sometimes completely absent. Moving Target Defense (MTD) is a 10-year-old cyber-defense paradigm. It proposes to randomize components of a system. Reasonably, an attacker will have a higher cost attacking an MTD-version of a system compared with a static-version of it. Even if MTD has been successfully applied to standard systems, its deployment for IoT is still lacking. In this paper, we propose a generic MTD framework suitable for IoT systems: IANVS (pronounced Janus). Our framework has a modular design. Its components can be adapted according to the specific constraints and requirements of a particular IoT system. We use it to instantiate two concrete MTD strategies. One that targets the UDP port numbers (port-hopping), and another a CoAP resource URI. We implement our proposal on real hardware using Pycom LoPy4 nodes. We expose the nodes to a remote Denial-of-Service attack and evaluate the effectiveness of the IANVS-based port-hopping MTD proposal.},

keywords = {attack, ChaCha20, CoAP, design, framework, hping3, IoT, LoPy4, Moving Target Defense, MTD, port-hopping, reconnaissance, Security, stream-cipher},

pubstate = {published},

tppubtype = {article}

}

@article{Pahl2019,

title = {Giving IoT services an identity and changeable attributes},

author = {Marc Oliver Pahl and Lorenzo Donini},

isbn = {9783903176157},

year  = {2019},

date = {2019-01-01},

journal = {2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019},

number = {section II},

pages = {455--461},

abstract = {The Internet of Things (IoT) pervades our surroundings. It softwarizes our physical environments. Software controls devices that interface their physical environments. The IoT is often privacy, safety, and security critical. Consequently, it requires adequate mechanisms for securing its services. For reasons such as heterogeneity, complexity, and lack of deployment there is little research on IoT service security.Our work creates a base for IoT service security. We give IoT services secure identities and attributes. Using site-local X.509v3 certificates with short lifetimes, we show how service attributes can securely be changed at runtime. This enables enforcing security policies even on distributed, loosely coupled IoT nodes. Our central mechanisms are pinning certificates to service executables, and autonomously managing the short certificate lifetimes. We assess the resulting renewal traffic and power consumption. textcopyright 2019 IFIP.},

keywords = {Autonomous service management, Certificates, IoT, Metadata, Microservices, Security, Unattended nodes, X.509},

pubstate = {published},

tppubtype = {article}

}

@article{Kome2018,

title = {CoAP Enhancement for a better IoT centric protocol: CoAP 2.0},

author = {Marco Lobe Kome and Frederic Cuppens and Nora Cuppens-Boulahia and Vincent Frey},

doi = {10.1109/IoTSMS.2018.8554494},

isbn = {9781538695852},

year  = {2018},

date = {2018-01-01},

journal = {2018 5th International Conference on Internet of Things: Systems, Management and Security, IoTSMS 2018},

pages = {139--146},

publisher = {IEEE},

abstract = {The need to connect things is skyrocketing and the Internet of Things is drawing a clear pattern of the need for smarter things. We are proposing an upgrade of Constrained Application Protocol (CoAP) built upon the 3 main networking needs of a connecting thing: The discovery, the synchronous and asynchronous communications and the publish/subscribe. CoAP 2.0 as we call it, will allow building smart things independently of the use-case, with a single protocol, fewer lines of codes and with less impact on the memory.},

keywords = {CoAP, Discovery, IoT, Publish/Subscribe, Security},

pubstate = {published},

tppubtype = {article}

}

@article{Rooney2018b,

title = {What You Can Change and What You Can't: Human Experience in Computer Network Defenses},

author = {Vivien M Rooney and Simon N Foley},

doi = {10.1007/978-3-030-03638-6_14},

issn = {16113349},

year  = {2018},

date = {2018-01-01},

journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},

volume = {11252 LNCS},

pages = {219--235},

abstract = {The work of Computer Network Defense conducted, for instance, in Security Operations Centers and by Computer Security Incident Teams, is dependent not alone on technology, but also on people. Understanding how people experience these environments is an essential component toward achieving optimal functioning. This paper describes a qualitative research study on the human experience of working in these environments. Using Grounded Theory, a psychological understanding of the experience is developed. Results suggest that positive and negative aspects of the work are either amenable or not amenable to change. Areas of tension are identified, and posited as the focus for improving experience. For this purpose, psychological theories of Social Identity Theory, Relational Dialectics, and Cognitive Dissonance, provide a way of understanding and interpreting these components of Computer Network Defence work, and can be used to assess the experience of staff.},

keywords = {CSIRT Human experience, psychology, Security, SOC},

pubstate = {published},

tppubtype = {article}

}

@article{Pahl2018c,

title = {Securing IoT microservices with certificates},

author = {Marc Oliver Pahl and Lorenzo Donini},

doi = {10.1109/NOMS.2018.8406189},

isbn = {9781538634165},

year  = {2018},

date = {2018-01-01},

journal = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018},

pages = {1--5},

abstract = {The Internet of Things (IoT) consists of distributed computing nodes. With increasing processor power such nodes can be used as hosts for microservices. IoT services routinely processes security critical data that affects the privacy, safety, and security of users. However, suitable security mechanisms remain missing. Fundamental open challenges are the authentication of services, securing the metadata of services, and validating the correct functioning of security mechanisms on distributed entities under different authorities. In this paper we present a certificate- based methodology for authenticating services, securely adding information to their executables, and validating the correct functioning of distributed entities of our design. We add X.509 certificates with extended attributes to the service executables. By introducing different trust anchors, services and their metadata are protected through their entire life cycle from developers to the computing nodes running them. Our solution enables distributed nodes to verify the security properties locally. It enables reliably changing certificate properties across the distributed IoT nodes. It features autonomous certificate management. We evaluate the traffic caused by our autonomous certificate management process quantitatively. The presented solution is churn tolerant and applicable to diverse distributed systems.},

keywords = {Autonomous certificate management, Certificates, IoT, Microservices, Security, Unattended nodes, X.509},

pubstate = {published},

tppubtype = {article}

}

@article{Pahl2018b,

title = {Graph-based IoT microservice security},

author = {Marc Oliver Pahl and Fran\c{c}ois Xavier Aubet and Stefan Liebald},

doi = {10.1109/NOMS.2018.8406118},

isbn = {9781538634165},

year  = {2018},

date = {2018-01-01},

journal = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018},

pages = {1--3},

abstract = {The Internet of Things (IoT) can be considered as Service Oriented Architecture (SOA) of Microservices ($mu$S). The $mu$Ss inherently process data that affects the privacy, safety, and security of its users. IoT service security is a key challenge. Most state of the art providing IoT system security is policy based. We showcase a graph-based access control that runs as module on IoT nodes, or in the network. Our solution intercepts and firewalls inter-service communication. It automatically creates a model of legitimate communication relationships. The model is interactively updated via a simple-to-understand interface. Our solution adds inevitable IoT security to existing IoT systems .},

keywords = {Autonomous service management, firewall, IoT, Mi-croservices, Passive monitoring, Security, Unattended nodes},

pubstate = {published},

tppubtype = {article}

}

@article{Foley2017,

title = {Getting security objectives wrong: A cautionary tale of an industrial control system},

author = {Simon N Foley},

doi = {10.1007/978-3-319-71075-4_3},

issn = {16113349},

year  = {2017},

date = {2017-01-01},

journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},

volume = {10476 LNCS},

pages = {18--29},

abstract = {We relate a story about an Industrial Control System in order to illustrate that simple security objectives can be deceptive: there are many things that can and do go wrong when deploying the system. Rather than trying to define security explicitly, this paper takes the position that one should consider the security of a system by comparing it against others whose security we consider to be acceptable: Alice is satisfied if her system is no less secure than Bob's system.},

keywords = {cyber physical system, firewall, ind, SCADA, Security},

pubstate = {published},

tppubtype = {article}

}

@article{Foley2017a,

title = {Getting security objectives wrong: A cautionary tale of an industrial control system},

author = {Simon N Foley},

doi = {10.1007/978-3-319-71075-4_3},

issn = {16113349},

year  = {2017},

date = {2017-01-01},

journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},

volume = {10476 LNCS},

pages = {18--29},

abstract = {We relate a story about an Industrial Control System in order to illustrate that simple security objectives can be deceptive: there are many things that can and do go wrong when deploying the system. Rather than trying to define security explicitly, this paper takes the position that one should consider the security of a system by comparing it against others whose security we consider to be acceptable: Alice is satisfied if her system is no less secure than Bob's system.},

keywords = {cyber physical system, firewall, ind, SCADA, Security},

pubstate = {published},

tppubtype = {article}

}

@article{Kome2017,

title = {DIscovery and registration protocol: For device and person identity management in IoT},

author = {Marco Lobe Kome and Mariem Graa and Nora Cuppens-Boulahia and Fr\'{e}d\'{e}ric Cuppens and Vincent Frey},

doi = {10.1007/978-3-319-72598-7_15},

issn = {16113349},

year  = {2017},

date = {2017-01-01},

journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},

volume = {10717 LNCS},

pages = {243--262},

abstract = {With connected things, one service can be used with more than one device, all sharing the same user identity. In this context, the need to figure out whether the service is being used through a desktop computer, a smartphone, or a more constrained device is essential in order to better manage user identity. Given that constrained devices are less tamper resistant, they are more vulnerable to attacks than other appliances. We identified two challenges which make it difficult to apply robusts security mechanisms: the limited resources available on devices and the sharing of a user's identity with the device. To address these challenges, we propose, a DIscovery and REgistration (DIRE) protocol that ensures secure device and person identities management. Our protocol has been formally proven and implemented. The runtime of the whole protocol is short and the code the device must embed is lightweight. As a result of our experiment, we produced a command line client for a user, a device firmware and a server handling the filiation of a user and its devices.},

keywords = {Identity management, IoT, MQTT, OAuth, Security},

pubstate = {published},

tppubtype = {article}

}