An Efficient Tool for Industrial Control System Security Analysis

被引:2
|
作者
Xia, Chuangming [1 ]
Tian, Jing [1 ]
Li, Erqing [1 ]
Zhou, Junwei [1 ]
Xiang, Jianwen [1 ]
Wang, Jin [2 ]
Bai, Liang [2 ]
He, Yueying [2 ]
机构
[1] Wuhan Univ Technol, Hubei Key Lab Transportat IoTs, Wuhan, Peoples R China
[2] CNCERT CC, Beijing, Peoples R China
来源
2016 IEEE 14TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 14TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 2ND INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/DATACOM/CYBERSC | 2016年
关键词
Industrial Control System (ICS); Attack Tree; Risk assessment; Defense Suggestion;
D O I
10.1109/DASC-PICom-DataCom-CyberSciTec.2016.84
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
With the development of internet, the network connection between Industrial Control System (ICS) and public internet has been becoming more and more closely. What's more, the traditional IT system attacks have been spread to ICS and become more frequently. However, the traditional security analysis of IT system is not enough to be applied to ICS. In this paper, we present a tool called Attack Path Modeling and Analysis System (APMAS), which provides a graphical user interface (GUI) for the user to model and analyze ICS attack interaction. The main four components including network modeling, rule modeling, attack tree modeling and security analysis are briefly described. Moreover, we propose a solution combined with multi-objective optimization to generate a Pareto front consisting of a group of defense suggestions.
引用
收藏
页码:424 / 427
页数:4
相关论文
共 50 条
  • [31] Cyber Security Issues of Critical Components for Industrial Control System
    Yang, Wen
    Zhao, Qianchuan
    2014 IEEE CHINESE GUIDANCE, NAVIGATION AND CONTROL CONFERENCE (CGNCC), 2014, : 2698 - 2703
  • [32] A Survey on Industrial Control System Testbeds and Datasets for Security Research
    Conti, Mauro
    Donadel, Denis
    Turrin, Federico
    IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2021, 23 (04): : 2248 - 2294
  • [33] HOW INDUSTRIAL CONTROL SYSTEM SECURITY TRAINING IS FALLING SHORT
    Butts, Jonathan
    Glover, Michael
    CRITICAL INFRASTRUCTURE PROTECTION IX, 2015, 466 : 135 - 149
  • [34] Security Assessment of Industrial Control System Applying Reinforcement Learning
    Ibrahim, Mariam
    Elhafiz, Ruba
    PROCESSES, 2024, 12 (04)
  • [35] An open virtual testbed for industrial control system security research
    Bradley Reaves
    Thomas Morris
    International Journal of Information Security, 2012, 11 : 215 - 229
  • [36] Teaching Industrial Control System Security Using Collaborative Projects
    Nguyen, Thuy D.
    Gondree, Mark A.
    SECURITY OF INDUSTRIAL CONTROL SYSTEMS AND CYBER PHYSICAL SYSTEMS, 2016, 9588 : 16 - 30
  • [37] Design and Operation Framework for Industrial Control System Security Exercise
    Asai, Haruna
    Aoyama, Tomomi
    Koshijima, Ichiro
    ADVANCES IN HUMAN FACTORS IN CYBERSECURITY, AHFE 2018, 2019, 782 : 171 - 183
  • [38] Industrial Control System Security-Malware Botnet Detection
    Sagala, Albert
    Pardosi, Rudy
    Lumbantobing, Alexander
    Siagian, Pandapotab
    2016 INTERNATIONAL CONFERENCE ON COMPUTER, CONTROL, INFORMATICS, AND ITS APPLICATIONS (IC3INA) - RECENT PROGRESS IN COMPUTER, CONTROL, AND INFORMATICS FOR DATA SCIENCE, 2016, : 125 - 130
  • [39] A Security Scheme for Cloud-assisted Industrial Control System
    Tu Y.-F.
    Yang G.
    Zhang C.-Z.
    Zidonghua Xuebao/Acta Automatica Sinica, 2021, 47 (02): : 432 - 441
  • [40] A Game-Theoretical Framework for Industrial Control System Security
    Colbert, Edward J. M.
    Zhu, Quanyan
    Rieger, Craig G.
    DECISION AND GAME THEORY FOR SECURITY, (GAMESEC 2016), 2016, 9996 : 469 - 470