Splunk-Based Threat Intelligence of Cyber-Physical System: A Case Study with Smart Healthcare

Kundankumar Rameshwar  Saraf; P.  Malathi

Authors

Kundankumar Rameshwar Saraf Department of Electronics and Telecommunication Engineering, D. Y. Patil College of Engineering, Pune, Maharashtra, India https://orcid.org/0000-0002-9085-0660
P. Malathi Department of Electronics and Telecommunication Engineering, D. Y. Patil College of Engineering, Pune, Maharashtra, India https://orcid.org/0000-0003-3345-540X

Keywords:

Cyber-attack, Cyber-Physical System (CPS), Cyber Security, Denial-of-Service attacks, Eavesdropping attacks, Replay attacks, smart healthcare CPS, Zero-day attack

Abstract

Cyber-Physical Systems (CPS) have been proven for many industrial applications like health monitoring, driverless cars, etc. CPS uses computer-based algorithms to monitor and control the IT infrastructure. CPS establishes a cyber-world connection with the physical world. This connection increases the risk of cyber-attacks. Risk assessment methods of traditional IT systems are not enough to assess the risk of CPS. Proper risk assessment and cyber Security of CPS are essential to overcome cyber threats at the very primary stage of their occurrence. This study has taken an effort to synthesize a secure and smart healthcare CPS system using Distributed Parallel Processing of Map Reduce (DPPMR) algorithm. This system monitors the health of remotely located patients as well as detects cyber-attacks on CPS in a short time to safeguard the sensor-based autonomous health monitoring system. This system sends cyber-attack notifications to CPS admin and emergency health condition notifications to the physician through a phone call, message, and email. This system has tested against specified cyber-attacks and monitors the health of 700+ patients for 50 days. This study has concluded that the detection time for cyber-attack and emergency health conditions is 60 seconds and the notification time is less than 90 seconds. Major cyber-attacks such as Zero-Day attack, Eavesdropping attack, Denial-of-Service attack, Brute Force attack, and Replay attack are considered in this study. Finally, a comparative analysis of developed security system with existing systems proved that security measures used by the developed system are more specific, accurate, and concentrated for CPS protection.

Downloads

Download data is not yet available.

References

Abioye, Temitope Elizabeth, Oluwasefunmi Tale Arogundade, Sanjay Misra, Kayode Adesemowo, and Robertas Damaševičius (2021) ‘Cloud-Based Business Process Security Risk Management: A Systematic Review, Taxonomy, and Future Directions, Computers 10, no. 12:160.

Kozák, S., Ruzicky` , E., Kozáková, A., Stefano vic, J., Kozák, V. (2019) ‘ICT for Advaned Manufacturing’, In Proceedings of the 21st International Conference on Enterprise Information Systems (ICEIS 2019), pages 682-688 ISBN: 978-989-758-372-8.

Griffor, Edward R., Christopher Greer, David A. Wollman, and Martin J. Burns (2017) ‘Framework for cyber-physical systems: Volume 1, overview’, NIST Special Publication 1500-201.

Haque, Shah Ahsanul, Syed Mahfuzul Aziz, and Mustafizur Rahman (2014) ‘Review of cyber-physical system in healthcare’, International Journal of Distributed Sensor Networks 10, no. 4 (2014): 217415.

Gelenbe, Erol, Gokce Gorbil, and Fang-Jing Wu (2012) ‘Emergency cyber-physical-human systems’, In 2012 21st International Conference on Computer Communications and Networks (ICCCN), pp. 1-7. IEEE.

Xiong, Gang, Fenghua Zhu, Xiwei Liu, Xisong Dong, Wuling Huang, Songhang Chen, and Kai Zhao (2015) ‘Cyber-physical-social system in intelligent transportation’, IEEE/CAA Journal of Automatica Sinica 2, no. 3: 320-333.

Lee, Jay, Behrad Bagheri, and Hung-An Kao (2015) ‘A cyber-physical systems architecture for industry 4.0-based manufacturing systems’, Manufacturing letters 3: 18-23.

Khalid, Azfar, Pierre Kirisci, Zeashan Hameed Khan, Zied Ghrairi, Klaus-Dieter Thoben, and Jürgen Pannek (2018) ‘Security framework for industrial collaborative robotic cyber-physical systems’, Computers in Industry 97: 132-145.

Clark, Robert M., and Simon Hakim (2017) ‘Protecting critical infrastructure at the state, provincial, and local level: issues in cyber-physical security’, In Cyber-Physical Security, pp. 1-17. Springer, Cham.

Kumar, Rajesh, Bhavesh Narra, Rohan Kela, and Siddhant Singh (2022) ‘AFMT: Maintaining the safety-security of industrial control systems’ Computers in Industry 136: 103584.

Ying, Zijian, Qianmu Li, Shunmei Meng, Zhen Ni, and Zhe Sun (2019) ‘A Survey of Information Intelligent System Security Risk Assessment Models, Standards and Methods’, In Cloud Computing, Smart Grid and Innovative Frontiers in Telecommunications, pp. 603-611. Springer, Cham.

Goyal, Manish (2022) ‘Behavioral validation in Cyber-physical systems: Safety violations and beyond’, A dissertation submitted to the faculty of the University of North Carolina at Chapel Hill in partial fulfillment of Doctor of Philosophy in the Department of Computer Science.

Ananda, Tulasi K., T. Sukumara, D. Sasikala, and Ramakanth Kumar (2019) ‘Robustness Evaluation of Cyber-Physical Systems through Network Protocol Fuzzing’ In 2019 International Conference on Advances in Computing and Communication Engineering (ICACCE), pp. 1-6. IEEE.

Lezzi, Marianna, Mariangela Lazoi, and Angelo Corallo (2018) ‘Cybersecurity for Industry 4.0 in the current literature: A reference framework’ Computers in Industry 103: 97-110.

Brewer, Tanya L. (2012) ‘Proceedings of the Cybersecurity in Cyber-Physical Workshop, April 23–24, 2012.

Mahoney, Thomas C., and Jim Davis (2017) ‘Cybersecurity for Manufacturers: Securing the Digitized and Connected Factory’, CYBERSECURITY FOR MANUFACTURERS.

Lu, Yang, and Li Da Xu (2018) ‘Internet of Things (IoT) cybersecurity research: A review of current research topics’, IEEE Internet of Things Journal 6, no. 2: 2103-2115.

Lezzi, Marianna, Mariangela Lazoi, and Angelo Corallo (2018) ‘Cybersecurity for Industry 4.0 in the current literature: A reference framework’ Computers in Industry 103: 97-110.

Horowitz, B.M. and Pierce, K. (2012) ‘System Aware Cyber Security Application of Dynamic System Models and State Estimation Technology to the Cyber Security of Physical Systems’, Objectives for System Aware Cyber Security Research. In NIST (Ed.).Cybersecurity in Cyber-Physical Systems Workshop (96–97). NISTIR 7916. 10.6028/NIST .IR.79 16.

Wenbo Wu, Rui Kang, Zi Li (2015) ‘Risk Assessment Method for Cyber Security of Cyber Physical Systems’, The First International Conference on Reliability Systems Engineering, 978-1-4673-8557-2/15/$31.00, IEEE.

Ananthapadmanabhan, A., and Krishnashree Achuthan (2022) ‘Threat Modeling and Threat Intelligence System for Cloud using Splunk’, In 2022 10th International Symposium on Digital Forensics and Security (ISDFS), pp. 1-6. IEEE.

Cersosimo, Michelle, and Adrian Lara (2022) ‘Detecting Malicious Domains using the Splunk Machine Learning Toolkit’, In NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, pp. 1-6. IEEE.

Zhao, Liguo, Derong Zhu, Wasswa Shafik, S. Mojtaba Matinkhah, Zubair Ahmad, Lule Sharif, and Alisa Craig (2022) ‘Artificial intelligence analysis in cyber domain: A review’, International Journal of Distributed Sensor Networks 18, no. 4: 15501329221084882.

Prakash, G., M. Ganeshan, A. Shenbagavalli, M. Satheesh Kumar, K. Srujan Raju, and K. Suthendran (2022) ‘A Proactive Threat Hunting Model to Detect Concealed Anomaly in the Network’ In Smart Intelligent Computing and Applications, Volume 2, pp. 553-565. Springer, Singapore.

Saraf, K.R. and Malathi, P. (2020) ‘Cyber Physical System Security by Splunk’ i-Manager's Journal on Communication Engineering and Systems, 9(2), p.41.

Saraf, Kundankumar Rameshwar, and P. Malathi. (2022) ‘Intelligent Learning Analytics in the Healthcare Sector Using Machine Learning and IoT’, In Machine Learning, Deep Learning, Big Data, and Internet of Things for Healthcare, pp. 37-53. Chapman and Hall/CRC.

Saraf, Kundan Kumar Rameshwar, P. Malathi, and Kailash Shaw (2021) ‘Security Enhancement of Contactless Tachometer-Based Cyber-Physical System’, In Machine Learning Approaches for Urban Computing, pp. 165-187. Springer, Singapore.

Guo, Yang (2022) ‘A review of machine learning-based zero-day attack detection: Challenges and future directions’, Computer Communications.

Xu, Xiaoyu, Hao Hu, Yuling Liu, Jinglei Tan, Hongqi Zhang, and Haotian Song (2022) ‘Moving target defense of routing randomization with deep reinforcement learning against eavesdropping attack’ Digital Communications and Networks.

Splunk documentation 9.0.2 (2022), https://docs.splunk.com/Documentation/Splunk/9.0.2/Security/ConfigureS2Sonnewcipher

Splunk documentation 9.0.2 (2022), https://docs.splunk.com/Documentation/Splunk/9.0.2/Security/Updates

Chen, Xia, Jianyu Zhou, Mengxuan Shi, Yin Chen, and Jinyu Wen (2022) ‘Distributed resilient control against denial of service attacks in DC microgrids with constant power load’, Renewable and Sustainable Energy Reviews 153: 111792.

Naha, Arunava, Andre MH Teixeira, Anders Ahlen, and Subhrakanti Dey (2022) ‘Sequential detection of replay attacks’, IEEE Transactions on Automatic Control.

India, Oxfam (2021) ‘Inequality Report 2021: India’s Unequal Healthcare Story” Available at: https://www.oxfamindia.org/knowledgehub/workingpaper/inequality-report-2021-indias-unequal-healthcare-story

(2021) ‘Govt aims to achieve WHO doctor-patient ratio of 1:1000 by 2024’ https://www.livemint.com/news/india/govt-aims-to-achieve-who-doctor-patient-ratio-of-1-1000-by-2024-11635432454203.html

Tyagi, Amit Kumar, and N. Sreenath (2021) ‘Cyber-Physical Systems: Analyses, challenges, and possible solutions’ Internet of Things and Cyber-Physical Systems: 22-33.

Haleem, Abid, Mohd Javaid, Ravi Pratap Singh, and Rajiv Suman (2022) ‘Medical 4.0 technologies for healthcare: Features, capabilities, and applications’ Internet of Things and Cyber-Physical Systems.

Chen, Fulong, Yuqing Tang, Canlin Wang, Jing Huang, Cheng Huang, Dong Xie, Taochun Wang, and Chuanxin Zhao (2021) ‘Medical cyber-physical systems: A solution to smart health and the state of the art’, IEEE Transactions on Computational Social Systems.

Dash, Sabyasachi, Sushil Kumar Shakyawar, Mohit Sharma, and Sandeep Kaushik (2019) ‘Big data in healthcare: management, analysis, and future prospects’ Journal of Big Data 6, no. 1: 1-25.

Shah, Tejal, Ali Yavari, Karan Mitra, Saguna Saguna, Prem Prakash Jayaraman, Fethi Rabhi, and Rajiv Ranjan (2016) ‘Remote health care cyber‐physical system: quality of service (QoS) challenges and opportunities’, IET Cyber‐Physical Systems: Theory & Applications 1, no. 1: 40-48.

Verma, Rupali. (2022) ‘Smart city healthcare cyber-physical system: characteristics, technologies, and challenges." Wireless personal communications 122, no. 2 (2022): 1413-1433.

Caesar, Birte, Florian Grigoleit, and Stephan Unverdorben (2019) ‘(Self-) adaptiveness for manufacturing systems: challenges and approaches’, SICS Software-Intensive Cyber-Physical Systems 34, no. 4: 191-200.

Leung, Carson K., Daryl LX Fung, Saad B. Mushtaq, Owen T. Leduchowski, Robert Luc Bouchard, Hui Jin, Alfredo Cuzzocrea, and Christine Y. Zhang (2020) ‘Data science for healthcare predictive analytics’, In Proceedings of the 24th Symposium on International Database Engineering & Applications, pp. 1-10.

Christoforou, Eftychios G., Sotiris Avgousti, Nacim Ramdani, Cyril Novales, and Andreas S. Panayides (2020) ‘The upcoming role for nursing and assistive robotics: Opportunities and challenges ahead’, Frontiers in Digital Health 2: 585656.

Galetsi, Panagiota, Korina Katsaliaki, and Sameer Kumar (2020) ‘Big data analytics in health sector: Theoretical framework, techniques and prospects’, International Journal of Information Management 50: 206-216.

Fang, Ruogu, Samira Pouyanfar, Yimin Yang, Shu-Ching Chen, and S. S. Iyengar (2016) ‘Computational health informatics in the big data age: a survey’, ACM Computing Surveys (CSUR) 49, no. 1: 1-36.

Padhy, Rabi Prasad (2013) ‘Big data processing with Hadoop-MapReduce in cloud systems’, International Journal of Cloud Computing and Services Science 2, no. 1: 16.

Sahoo, Prasan Kumar, Suvendu Kumar Mohapatra, and Shih-Lin Wu (2016) ‘Analyzing healthcare big data with prediction for future health condition’ IEEE Access 4: 9786-9799.

Kuo, Alex, Dillon Chrimes, Pinle Qin, and Hamid Zamani (2019) ‘A Hadoop/MapReduce Based Platform for Supporting Health Big Data Analytics’, In ITCH, pp. 229-235.

Xian, Lam Ying, and Muhammad Ehsan Rana (2021) ‘Application of Cloud Computing for the Development of Big Data’ In 2021 International Conference on Data Analytics for Business and Industry (ICDABI), pp. 70-75. IEEE.

Tutorial -https://hadoop.apache.org/docs/r1.2.1/ mapred_tutorial.html

Tutorial-https://docs.splunk.com/Documentation/ InfoSec/1.7.0/User/Overview

Tutorial-https://docs.splunk.com/Documentation/ MLApp/5.3.1/User/AboutML