
Who’s There? Evaluating Data Source Integrity and Veracity in IIoT Using Multivariate Statistical Process Control

  • Chapter
Security and Privacy Trends in the Industrial Internet of Things

Abstract

The security landscape in industrial settings has changed completely in the last decades. From the initial primitive setups, industrial networks have evolved into massively interconnected environments, thus developing the Industrial Internet of Things (IIoT) paradigm. In IIoT, multiple heterogeneous devices collaborate by collecting, sending and processing data. These data-driven environments have made it possible to develop added-value services based on data that improve industrial process operation. However, it is necessary to audit incoming data to ensure that decisions are made based on correct data. In this chapter, we present an IIoT Anomaly Detection System (ADS) that audits the integrity and veracity of the data received from incoming connections. To this end, the ADS includes field data (physical qualities based on data) and connection metadata (interval between incoming connections and packet size) in the same anomaly detection model. The approach is based on Multivariate Statistical Process Control (MSPC) and has been validated using data from a real water distribution plant.
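The idea of auditing field data and connection metadata in one model can be illustrated as follows. This is an added example, not code from the chapter: it assumes a Hotelling T² chart over autoscaled variables with an empirical 99% control limit (the chapter's own model is not shown on this page), and all variable names and values are constructed.

```python
import random
from statistics import mean, stdev

def make_calibration(n=500, seed=1):
    """Constructed in-control data: two field values plus connection metadata."""
    rng, rows = random.Random(seed), []
    for _ in range(n):
        flow = rng.gauss(50.0, 4.0)                                   # m3/h
        pressure = 4.0 - 0.05 * (flow - 50.0) + rng.gauss(0.0, 0.05)  # bar
        rows.append([flow, pressure, rng.gauss(10.0, 0.5), rng.gauss(120.0, 6.0)])
    return rows  # columns: flow, pressure, interval (s), packet size (bytes)

def solve(a, b):
    """Solve a x = b by Gauss-Jordan elimination with partial pivoting."""
    n = len(b)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        for r in range(n):
            if r != c:
                f = m[r][c] / m[c][c]
                m[r] = [x - f * y for x, y in zip(m[r], m[c])]
    return [m[i][n] / m[i][i] for i in range(n)]

class T2Monitor:
    """Hotelling T2 chart on autoscaled data (zero mean, unit variance)."""
    def __init__(self, rows, quantile=0.99):
        cols, n = list(zip(*rows)), len(rows)
        self.mu = [mean(c) for c in cols]
        self.sd = [stdev(c) for c in cols]
        z = [self.scale(r) for r in rows]
        k = range(len(cols))
        self.corr = [[sum(r[i] * r[j] for r in z) / (n - 1) for j in k] for i in k]
        scores = sorted(self.t2(r) for r in rows)
        self.limit = scores[int(quantile * n) - 1]   # empirical control limit
    def scale(self, row):
        return [(x - m) / s for x, m, s in zip(row, self.mu, self.sd)]
    def t2(self, row):
        z = self.scale(row)
        return sum(a * b for a, b in zip(z, solve(self.corr, z)))
    def check(self, row):
        """Return (T2 alarm, any single variable beyond 3 sigma)."""
        return self.t2(row) > self.limit, any(abs(v) > 3 for v in self.scale(row))

MONITOR = T2Monitor(make_calibration())
NORMAL = [50.0, 4.0, 10.0, 120.0]
BAD_FIELD = [56.0, 4.3, 10.0, 120.0]   # each value plausible, the combination is not
BAD_SOURCE = [50.0, 4.0, 4.0, 120.0]   # expected values, unexpected connection interval
```

`MONITOR.check(BAD_FIELD)` raises the multivariate alarm while every variable stays within its own 3-sigma band, which is the case per-variable thresholds miss; `BAD_SOURCE` shows correct-looking field values being flagged through the connection metadata alone.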


Notes

  1. Normalized to zero mean and unit variance.

  2. https://bitbucket.org/danzsecurity/dataforwarder

  3. https://bitbucket.org/danzsecurity/modifiedkafkarest


Acknowledgements

This work has been developed by the intelligent systems for industrial systems group supported by the Department of Education, Language Policy and Culture of the Basque Government. This work has been partially funded by the European Union's Horizon 2020 research and innovation programme project PROPHESY, under Grant Agreement no. 766994, and the Basque Government's Economic Development and Infrastructure department's Elkartek program project Cyberprest under agreement KK-2018/00076. Author Iñaki Garitano is partially supported by the INCIBE grant “INCIBEC-2015-02495” corresponding to the “Ayudas para la Excelencia de los Equipos de Investigación avanzada en ciberseguridad”.


Correspondence to Iñaki Garitano.


© 2019 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Garitano, I., Iturbe, M., Ezpeleta, E., Zurutuza, U. (2019). Who’s There? Evaluating Data Source Integrity and Veracity in IIoT Using Multivariate Statistical Process Control. In: Alcaraz, C. (eds) Security and Privacy Trends in the Industrial Internet of Things. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-12330-7_9


  • DOI: https://doi.org/10.1007/978-3-030-12330-7_9


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-12329-1

  • Online ISBN: 978-3-030-12330-7

  • eBook Packages: Computer Science (R0)
