Yassine Mekdad, Giuseppe Bernieri, M. Conti, A. E. Fergougui
{"title":"一种针对ICS恶意软件的威胁模型方法:TRISIS案例","authors":"Yassine Mekdad, Giuseppe Bernieri, M. Conti, A. E. Fergougui","doi":"10.1145/3457388.3458868","DOIUrl":null,"url":null,"abstract":"Cyber-physical attacks against plants and Critical Infrastructures (CIs) are among the most significant concerns in the 21st century and can lead to devastating consequences. In particular, with the convergence between the Operational Technology (OT) network and the traditional IT network, malware threats for Industrial Control Systems (ICSs) are gradually increasing. In these scenarios, we need to identify potential cyber threats by developing innovative modeling techniques. However, existing malware-based cyber threats modeling techniques are not fully designed for industrial environment. In this paper, we present a threat modeling framework for Industrial Control Systems malware across two different levels: the Extraction Level and the Modeling Level. We evaluate the effectiveness of our model by analyzing the TRISIS cyber attack as a use case. A complex malware developed to cause operational disruption to industrial plants. Our solution outperforms existing malware threat modeling techniques for the ICS environment, and provides useful mitigation strategies to counter malicious activities.","PeriodicalId":136482,"journal":{"name":"Proceedings of the 18th ACM International Conference on Computing Frontiers","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"A threat model method for ICS malware: the TRISIS case\",\"authors\":\"Yassine Mekdad, Giuseppe Bernieri, M. Conti, A. E. Fergougui\",\"doi\":\"10.1145/3457388.3458868\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber-physical attacks against plants and Critical Infrastructures (CIs) are among the most significant concerns in the 21st century and can lead to devastating consequences. In particular, with the convergence between the Operational Technology (OT) network and the traditional IT network, malware threats for Industrial Control Systems (ICSs) are gradually increasing. In these scenarios, we need to identify potential cyber threats by developing innovative modeling techniques. However, existing malware-based cyber threats modeling techniques are not fully designed for industrial environment. In this paper, we present a threat modeling framework for Industrial Control Systems malware across two different levels: the Extraction Level and the Modeling Level. We evaluate the effectiveness of our model by analyzing the TRISIS cyber attack as a use case. A complex malware developed to cause operational disruption to industrial plants. Our solution outperforms existing malware threat modeling techniques for the ICS environment, and provides useful mitigation strategies to counter malicious activities.\",\"PeriodicalId\":136482,\"journal\":{\"name\":\"Proceedings of the 18th ACM International Conference on Computing Frontiers\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-05-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 18th ACM International Conference on Computing Frontiers\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3457388.3458868\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th ACM International Conference on Computing Frontiers","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3457388.3458868","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A threat model method for ICS malware: the TRISIS case
Cyber-physical attacks against plants and Critical Infrastructures (CIs) are among the most significant concerns in the 21st century and can lead to devastating consequences. In particular, with the convergence between the Operational Technology (OT) network and the traditional IT network, malware threats for Industrial Control Systems (ICSs) are gradually increasing. In these scenarios, we need to identify potential cyber threats by developing innovative modeling techniques. However, existing malware-based cyber threats modeling techniques are not fully designed for industrial environment. In this paper, we present a threat modeling framework for Industrial Control Systems malware across two different levels: the Extraction Level and the Modeling Level. We evaluate the effectiveness of our model by analyzing the TRISIS cyber attack as a use case. A complex malware developed to cause operational disruption to industrial plants. Our solution outperforms existing malware threat modeling techniques for the ICS environment, and provides useful mitigation strategies to counter malicious activities.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
