Hunting Network Anomalies in a Railway Axle Counter System.

This paper presents a comprehensive investigation of machine learning-based intrusion detection methods to reveal cyber attacks in railway axle counting networks. In contrast to the state-of-the-art works, our experimental results are validated with testbed-based real-world axle counting components. Furthermore, we aimed to detect targeted attacks on axle counting systems, which have higher impacts than conventional network attacks. We present a comprehensive investigation of machine learning-based intrusion detection methods to reveal cyber attacks in railway axle counting networks. According to our findings, the proposed machine learning-based models were able to categorize six different network states (normal and under attack). The overall accuracy of the initial models was ca. 70-100% for the test data set in laboratory conditions. In operational conditions, the accuracy decreased to under 50%. To increase the accuracy, we introduce a novel input data-preprocessing method with the denoted gamma parameter. This increased the accuracy of the deep neural network model to 69.52% for six labels, 85.11% for five labels, and 92.02% for two labels. The gamma parameter also removed the dependence on the time series, enabled relevant classification of data in the real network, and increased the accuracy of the model in real operations. This parameter is influenced by simulated attacks and, thus, allows the classification of traffic into specified classes.

Protection Schemes in HPON Networks Based on the PWFBA Algorithm.

In this paper, possibilities for network traffic protection in future hybrid passive optical networks are presented, and reasons for realizing and utilizing advanced network traffic protection schemes for various network traffic classes in these networks are analyzed. Next, principles of the Prediction-based Fair Wavelength and Bandwidth Allocation (PFWBA) algorithm are introduced in detail, focusing on the Prediction-based Fair Excessive Bandwidth Reallocation (PFEBR) algorithm with the Early Dynamic Bandwidth Allocation (E-DBA) mechanism and subsequent Dynamic Wavelength Allocation (DWA) scheme. For analyzing various wavelength allocation possibilities in Hybrid Passive Optical Networks (HPON) networks, a simulation program with the enhancement of the PFWBA algorithm is realized. Finally, a comparison of different methods of the wavelength allocation in conjunction with specific network traffic classes is executed for future HPON networks with considered protection schemes. Subsequently, three methods are presented from the viewpoint of HPON network traffic protection possibilities, including a new approach for the wavelength allocation based on network traffic protection assumptions.

LoRaWAN Physical Layer-Based Attacks and Countermeasures, A Review.

As LoRaWAN is one of the most popular long-range wireless protocols among low-power IoT applications, more and more focus is shifting towards security. In particular, physical layer topics become relevant to improve the security of LoRaWAN nodes, which are often limited in terms of computational power and communication resources. To this end, e.g., detection methods for wireless attacks improve the integrity and robustness of LoRaWAN access. Further, wireless physical layer techniques have potential to enhance key refreshment and device authentication. In this work, we aim to provide a comprehensive review of various vulnerabilities, countermeasures and security enhancing features concerning the LoRaWAN physical layer. Afterwards, we discuss the impact of the reviewed topics on LoRaWAN security and, subsequently, we identify research gaps as well as promising future research directions.

Insights into the Issue of Deploying a Private LoRaWAN.

The last decade has transformed wireless access technologies and crystallized a new direction for the internet of things (IoT). The modern low-power wide-area network (LPWAN) technologies have been introduced to deliver connectivity for billions of devices while keeping the costs and consumption low, and the range of communication high. While the 5G (fifth generation mobile network) LPWAN-like radio technologies, namely NB-IoT (narrowband internet of things) and LTE-M (long-term evolution machine type communication) are emerging, the long-range wide-area network (LoRaWAN) remains extremely popular. One unique feature of this technology, which distinguishes it from the competitors, is the possibility of supporting both public and private network deployments. In this paper we focus on this aspect and deliver original results comparing the performance of the private and public LoRAWAN deployment options; these results should help understand the LoRaWAN technology and give a clear overview of the advantages and disadvantages of the private versus public approaches. Notably, we carry the comparison along the three dimensions: the communication performance, the security, and the cost analysis. The presented results illustratively demonstrate the differences of the two deployment approaches, and thus can support selection of the most efficient deployment option for a target application.

Application Perspective on Cybersecurity Testbed for Industrial Control Systems.

In recent years, the Industry 4.0 paradigm has accelerated the digitalization process of the industry, and it slowly diminishes the line between information technologies (IT) and operational technologies (OT). Among the advantages, this brings up the convergence issue between IT and OT, especially in the cybersecurity-related topics, including new attack vectors, threats, security imperfections, and much more. This cause raised new topics for methods focused on protecting the industrial infrastructure, including monitoring and detection systems, which should help overcome these new challenges. However, those methods require high quality and a large number of datasets with different conditions to adapt to the specific systems effectively. Unfortunately, revealing field factory setups and infrastructure would be costly and challenging due to the privacy and sensitivity causes. From the lack of data emerges the new topic of industrial testbeds, including sub-real physical laboratory environments, virtual factories, honeynets, honeypots, and other areas, which helps to deliver sufficient datasets for mentioned research and development. This paper summarizes related works in the area of industrial testbeds. Moreover, it describes best practices and lessons learned for assembling physical, simulated, virtual, and hybrid testbeds. Additionally, a comparison of the essential parameters of those testbeds is presented. Finally, the findings and provided information reveal research and development challenges, which must be surpassed.

Generator of Slow Denial-of-Service Cyber Attacks.

In today's world, the volume of cyber attacks grows every year. These attacks can cause many people or companies high financial losses or loss of private data. One of the most common types of attack on the Internet is a DoS (denial-of-service) attack, which, despite its simplicity, can cause catastrophic consequences. A slow DoS attack attempts to make the Internet service unavailable to users. Due to the small data flows, these attacks are very similar to legitimate users with a slow Internet connection. Accurate detection of these attacks is one of the biggest challenges in cybersecurity. In this paper, we implemented our proposal of eleven major and most dangerous slow DoS attacks and introduced an advanced attack generator for testing vulnerabilities of protocols, servers, and services. The main motivation for this research was the absence of a similarly comprehensive generator for testing slow DoS vulnerabilities in network systems. We built an experimental environment for testing our generator, and then we performed a security analysis of the five most used web servers. Based on the discovered vulnerabilities, we also discuss preventive and detection techniques to mitigate the attacks. In future research, our generator can be used for testing slow DoS security vulnerabilities and increasing the level of cyber security of various network systems.

Investigation of the Performance of TDoA-Based Localization Over LoRaWAN in Theory and Practice.

The paper deals with the localization in a low-power wide-area-network (LPWAN) operating long-range wide-area-network (LoRaWAN) technology. The LoRaWAN is, today, one of the most widely used connectivity-enabling technologies for the battery-powered smart devices employed in a broad range of applications. Many of these applications either require or can benefit from the availability of geolocation information. The use of global positioning system (GPS) technology is restrained by the bad propagation of the signal when the device is hidden indoors, and by energy consumption such a receiver would require. Therefore, this paper focuses on an alternative solution implying the use of the information readily available in the LoRaWAN network and application of the time difference of arrival (TDoA) method for the passive geolocation of end-devices in the network. First, the limits of geolocation services in networks that use narrow-band communication channels are discussed, as well as the relevant challenges faced by the TDoA approach. Then, we select five classic TDoA algorithms and evaluate their performance using simulation. Based on these results, we select the two providing the best accuracy (i.e., Chan's and Foy's). These algorithms were tested by the field measurements, using the specially designed low-cost gateways and test devices to estimate their real-life performance.

A Harmonized Perspective on Transportation Management in Smart Cities: The Novel IoT-Driven Environment for Road Traffic Modeling.

The unprecedented growth of today's cities together with increased population mobility are fueling the avalanche in the numbers of vehicles on the roads. This development led to the new challenges for the traffic management, including the mitigation of road congestion, accidents, and air pollution. Over the last decade, researchers have been focusing their efforts on leveraging the recent advances in sensing, communications, and dynamic adaptive technologies to prepare the deployed road traffic management systems (TMS) for resolving these important challenges in future smart cities. However, the existing solutions may still be insufficient to construct a reliable and secure TMS that is capable of handling the anticipated influx of the population and vehicles in urban areas. Along these lines, this work systematically outlines a perspective on a novel modular environment for traffic modeling, which allows to recreate the examined road networks in their full resemblance. Our developed solution is targeted to incorporate the progress in the Internet of Things (IoT) technologies, where low-power, embedded devices integrate as part of a next-generation TMS. To mimic the real traffic conditions, we recreated and evaluated a practical traffic scenario built after a complex road intersection within a large European city.