Proactive Measures for Cyber-Physical Systems Cybersecurity

Abstract

Reactive security measures for cyber-physical systems (CPS) are ineffective. It is imperative for replacing these measures with proactive ones for the sustainability of the CPS cybersecurity. We introduce a novel proactive methodology for CPS cybersecurity. We implemented this methodology in a system called CPM-CPS. The methodology is summarized as follows: (a) clustering the CPS devices with LAN-based network sharing, (b) identifying the influential devices in each cluster, and (c) identifying the central devices at the WAN level that have network sharing with the influential devices in the different clusters. The file sharing of the identified influential devices at both LAN and WAN levels needs to be paid more attention to. Such measures can help in detecting potential security risks and preventing cyber-attacks against these influential devices before they share their infected files with other devices. Security equipment like intrusion detection systems can be provided to these influential devices. We introduce in this paper novel k-clique-based modeling techniques for clustering LAN devices. We introduce novel techniques for identifying LAN and WAN influential devices using coefficient-based and Independent Cascades-based modeling techniques. We experimentally evaluated our system CPM-CPS and compared it with four methods. Results showed marked improvement.