This is an early access version, the complete PDF, HTML, and XML versions will be available soon.
Open AccessArticle
Leveraging Digital Twins and Intrusion Detection Systems for Enhanced Security in IoT-Based Smart City Infrastructures
by
Mohammed El-Hajj
Mohammed El-Hajj 1,2
1
Department of Semantics, Cybersecurity & Services, University of Twente, 7522 Enschede, The Netherlands
2
Faculty of Computer Studies (FCS), Arab Open University (AOU), Beirut 20584518, Lebanon
Electronics 2024, 13(19), 3941; https://doi.org/10.3390/electronics13193941 (registering DOI)
Submission received: 6 September 2024
/
Revised: 20 September 2024
/
Accepted: 4 October 2024
/
Published: 6 October 2024
Abstract
In this research, we investigate the integration of an Intrusion Detection System (IDS) with a Digital Twin (DT) to enhance the cybersecurity of physical devices in cyber–physical systems. Using Eclipse Ditto as the DT platform and Snort as the IDS, we developed a near-realistic test environment that included a Raspberry Pi as the physical device and a Kali Linux virtual machine to perform common cyberattacks such as Hping3 flood attacks and NMAP reconnaissance scans. The results demonstrated that the IDS effectively detected Hping3-based flood attacks but showed limitations in identifying NMAP scans, suggesting areas for IDS configuration improvements. Furthermore, the study uncovered significant system resource impacts, including high Central Processing Unit (CPU) usage during SYN and ACK flood attacks and persistent memory usage after Network Mapper (NMAP) scans, highlighting the need for enhanced recovery mechanisms. This research presents a novel approach by coupling a Digital Twin with an IDS, enabling real-time monitoring and providing a dual perspective on both system performance and security. The integration offers a holistic method for identifying vulnerabilities and understanding resource impacts during cyberattacks. The work contributes new insights into the use of Digital Twins for cybersecurity and paves the way for further research into automated defense mechanisms, real-world validation of the proposed model, and the incorporation of additional attack scenarios. The results suggest that this combined approach holds significant promise for enhancing the security and resilience of IoT devices and other cyber–physical systems.
Share and Cite
MDPI and ACS Style
El-Hajj, M.
Leveraging Digital Twins and Intrusion Detection Systems for Enhanced Security in IoT-Based Smart City Infrastructures. Electronics 2024, 13, 3941.
https://doi.org/10.3390/electronics13193941
AMA Style
El-Hajj M.
Leveraging Digital Twins and Intrusion Detection Systems for Enhanced Security in IoT-Based Smart City Infrastructures. Electronics. 2024; 13(19):3941.
https://doi.org/10.3390/electronics13193941
Chicago/Turabian Style
El-Hajj, Mohammed.
2024. "Leveraging Digital Twins and Intrusion Detection Systems for Enhanced Security in IoT-Based Smart City Infrastructures" Electronics 13, no. 19: 3941.
https://doi.org/10.3390/electronics13193941
Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details
here.
Article Metrics
Article metric data becomes available approximately 24 hours after publication online.