Open Access

ARTICLE

Network Traffic Obfuscation System for IIoT-Cloud Control Systems

Yangjae Lee1, Sung Hoon Baek2, Jung Taek Seo3, Ki-Woong Park1,*
1 SysCore Lab., Sejong University, Seoul, 05006, Korea
2 Department of Computer System Engineering, Jungwon University, Chungcheongbuk-do, 28024, Korea
3 Department of Computer Engineering, Gachon University, Gyeonggi-do, 13120, Korea
* Corresponding Author: Ki-Woong Park. Email:

Computers, Materials & Continua 2022, 72(3), 4911-4929. https://doi.org/10.32604/cmc.2022.026657

Received 31 December 2021; Accepted 11 March 2022; Issue published 21 April 2022

Abstract

One of the latest technologies enabling remote control, operational efficiency upgrades, and real-time big-data monitoring in an industrial control system (ICS) is the IIoT-Cloud ICS, which integrates the Industrial Internet of Things (IIoT) and the cloud into the ICS. Although an ICS benefits from the application of IIoT and the cloud in terms of cost reduction, efficiency improvement, and real-time monitoring, the application of this technology to an ICS poses an unprecedented security risk by exposing its terminal devices to the outside world. An adversary can collect information regarding senders, recipients, and prime-time slots through traffic analysis and use it as a linchpin for the next attack, posing a potential threat to the ICS. To address this problem, we designed a network traffic obfuscation system (NTOS) for the IIoT-Cloud ICS, based on the requirements derived from the ICS characteristics and limitations of existing NTOS models. As a strategy to solve this problem wherein a decrease in the traffic volume facilitates traffic analysis or reduces the packet transmission speed, we proposed an NTOS based on packet scrambling, wherein a packet is split into multiple pieces before transmission, thus obfuscating network analysis. To minimize the ICS modification and downtime, the proposed NTOS was designed using an agent-based model. In addition, for the ICS network traffic analyzer to operate normally in an environment wherein the NTOS is applied, a rule-based NTOS was adopted such that the actual traffic flow is known only to the device that is aware of the rule and is blocked for attackers. The experimental results verified that the same time requested for response and level of difficulty of analysis were maintained by the application of an NTOS based on packet scrambling, even when the number of requests received by the server per second was reduced. The network traffic analyzer of the ICS can capture the packet flow by using the pre-communicated NTOS rule. In addition, by designing an NTOS using an agent-based model, the impact on the ICS was minimized such that the system could be applied with short downtime.

Keywords

Cloud computing system; moving-target defense; container orchestration

Cite This Article

Y. Lee, S. Hoon Baek, J. Taek Seo and K. Park, "Network traffic obfuscation system for iiot-cloud control systems," Computers, Materials & Continua, vol. 72, no.3, pp. 4911–4929, 2022.



This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 554

    View

  • 332

    Download

  • 0

    Like

Share Link

WeChat scan