Towards Modeling Attacker’s Opportunity for Improving Cyber Resilience in Energy Delivery Systems

2018 Resilience Week (RWS) Pub Date : 2018-08-01 DOI:10.1109/RWEEK.2018.8473511

Sharif Ullah, S. Shetty, Amin Hassanzadeh

{"title":"Towards Modeling Attacker’s Opportunity for Improving Cyber Resilience in Energy Delivery Systems","authors":"Sharif Ullah, S. Shetty, Amin Hassanzadeh","doi":"10.1109/RWEEK.2018.8473511","DOIUrl":null,"url":null,"abstract":"Cyber resiliency of Energy Delivery Systems (EDS) is critical for secure and resilient cyber infrastructure. Defense-in-depth architecture forces attackers to conduct lateral propagation until the target is compromised. Researchers developed techniques based on graph spectral matrices to model lateral propagation. However, these techniques ignore host criticality which is critical in EDS. In this paper, we model attacker’s opportunity by developing three criticality metrics for each host along the path to the target. The first metric refers the opportunity of attackers before they penetrate the infrastructure. The second metric measure the opportunity a host provides by allowing attackers to propagate through the network. Along with vulnerability we also take into account the attributes of hosts and links within each path. Then, we derive third criticality metric to reflect the information flow dependency from each host to target. Finally, we provide system design for instantiating the proposed metrics for real network scenarios in EDS. We present simulation results which illustrates the effectiveness of the metrics for efficient defense deployment in EDS cyber infrastructure.","PeriodicalId":206638,"journal":{"name":"2018 Resilience Week (RWS)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 Resilience Week (RWS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RWEEK.2018.8473511","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

Abstract

Cyber resiliency of Energy Delivery Systems (EDS) is critical for secure and resilient cyber infrastructure. Defense-in-depth architecture forces attackers to conduct lateral propagation until the target is compromised. Researchers developed techniques based on graph spectral matrices to model lateral propagation. However, these techniques ignore host criticality which is critical in EDS. In this paper, we model attacker’s opportunity by developing three criticality metrics for each host along the path to the target. The first metric refers the opportunity of attackers before they penetrate the infrastructure. The second metric measure the opportunity a host provides by allowing attackers to propagate through the network. Along with vulnerability we also take into account the attributes of hosts and links within each path. Then, we derive third criticality metric to reflect the information flow dependency from each host to target. Finally, we provide system design for instantiating the proposed metrics for real network scenarios in EDS. We present simulation results which illustrates the effectiveness of the metrics for efficient defense deployment in EDS cyber infrastructure.

查看原文本刊更多论文

建模攻击者的机会，提高能源输送系统的网络弹性

能源输送系统(EDS)的网络弹性对于安全和弹性的网络基础设施至关重要。纵深防御架构迫使攻击者进行横向传播，直到目标被攻破。研究人员开发了基于图谱矩阵的技术来模拟横向传播。然而，这些技术忽略了主机临界性，这在EDS中是至关重要的。在本文中，我们通过为每个主机开发三个关键指标来模拟攻击者的机会。第一个指标是指攻击者在渗透基础设施之前的机会。第二个指标衡量主机通过允许攻击者通过网络传播而提供的机会。除了漏洞，我们还考虑了每个路径中的主机和链接的属性。然后，我们导出第三个临界度量来反映从每个主机到目标的信息流依赖性。最后，我们提供了在EDS中实例化所提出的度量标准的系统设计。我们给出的仿真结果说明了这些指标在EDS网络基础设施中有效防御部署的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 Resilience Week (RWS)

自引率

0.00%

发文量