An Efficient Tool for Industrial Control System Security Analysis

被引：2

作者：

Xia, Chuangming ^{[1
]}

Tian, Jing ^{[1
]}

Li, Erqing ^{[1
]}

Zhou, Junwei ^{[1
]}

Xiang, Jianwen ^{[1
]}

Wang, Jin ^{[2
]}

Bai, Liang ^{[2
]}

He, Yueying ^{[2
]}

机构：

[1] Wuhan Univ Technol, Hubei Key Lab Transportat IoTs, Wuhan, Peoples R China

[2] CNCERT CC, Beijing, Peoples R China

来源：

2016 IEEE 14TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 14TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 2ND INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/DATACOM/CYBERSC | 2016年

关键词：

Industrial Control System (ICS); Attack Tree; Risk assessment; Defense Suggestion;

D O I：

10.1109/DASC-PICom-DataCom-CyberSciTec.2016.84

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

With the development of internet, the network connection between Industrial Control System (ICS) and public internet has been becoming more and more closely. What's more, the traditional IT system attacks have been spread to ICS and become more frequently. However, the traditional security analysis of IT system is not enough to be applied to ICS. In this paper, we present a tool called Attack Path Modeling and Analysis System (APMAS), which provides a graphical user interface (GUI) for the user to model and analyze ICS attack interaction. The main four components including network modeling, rule modeling, attack tree modeling and security analysis are briefly described. Moreover, we propose a solution combined with multi-objective optimization to generate a Pareto front consisting of a group of defense suggestions.

引用

页码：424 / 427

页数：4

共 50 条

[31] Cyber Security Issues of Critical Components for Industrial Control System
Yang, Wen
Zhao, Qianchuan
2014 IEEE CHINESE GUIDANCE, NAVIGATION AND CONTROL CONFERENCE (CGNCC), 2014, : 2698 - 2703
[32] A Survey on Industrial Control System Testbeds and Datasets for Security Research
Conti, Mauro
Donadel, Denis
Turrin, Federico
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2021, 23 (04): : 2248 - 2294
[33] HOW INDUSTRIAL CONTROL SYSTEM SECURITY TRAINING IS FALLING SHORT
Butts, Jonathan
Glover, Michael
CRITICAL INFRASTRUCTURE PROTECTION IX, 2015, 466 : 135 - 149
[34] Security Assessment of Industrial Control System Applying Reinforcement Learning
Ibrahim, Mariam
Elhafiz, Ruba
PROCESSES, 2024, 12 (04)
[35] An open virtual testbed for industrial control system security research
Bradley Reaves
Thomas Morris
International Journal of Information Security, 2012, 11 : 215 - 229
[36] Teaching Industrial Control System Security Using Collaborative Projects
Nguyen, Thuy D.
Gondree, Mark A.
SECURITY OF INDUSTRIAL CONTROL SYSTEMS AND CYBER PHYSICAL SYSTEMS, 2016, 9588 : 16 - 30
[37] Design and Operation Framework for Industrial Control System Security Exercise
Asai, Haruna
Aoyama, Tomomi
Koshijima, Ichiro
ADVANCES IN HUMAN FACTORS IN CYBERSECURITY, AHFE 2018, 2019, 782 : 171 - 183
[38] Industrial Control System Security-Malware Botnet Detection
Sagala, Albert
Pardosi, Rudy
Lumbantobing, Alexander
Siagian, Pandapotab
2016 INTERNATIONAL CONFERENCE ON COMPUTER, CONTROL, INFORMATICS, AND ITS APPLICATIONS (IC3INA) - RECENT PROGRESS IN COMPUTER, CONTROL, AND INFORMATICS FOR DATA SCIENCE, 2016, : 125 - 130
[39] A Security Scheme for Cloud-assisted Industrial Control System
Tu Y.-F.
Yang G.
Zhang C.-Z.
Zidonghua Xuebao/Acta Automatica Sinica, 2021, 47 (02): : 432 - 441
[40] A Game-Theoretical Framework for Industrial Control System Security
Colbert, Edward J. M.
Zhu, Quanyan
Rieger, Craig G.
DECISION AND GAME THEORY FOR SECURITY, (GAMESEC 2016), 2016, 9996 : 469 - 470

← 1 2 3 4 5 →