小型SCADA控制系统的定量网络风险降低评估方法

Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) Pub Date : 2006-01-04 DOI:10.1109/HICSS.2006.405

M. McQueen, W. F. Boyer, M. Flynn, G. Beitel

{"title":"小型SCADA控制系统的定量网络风险降低评估方法","authors":"M. McQueen, W. F. Boyer, M. Flynn, G. Beitel","doi":"10.1109/HICSS.2006.405","DOIUrl":null,"url":null,"abstract":"We propose a new methodology for obtaining a quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.","PeriodicalId":432250,"journal":{"name":"Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"125","resultStr":"{\"title\":\"Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System\",\"authors\":\"M. McQueen, W. F. Boyer, M. Flynn, G. Beitel\",\"doi\":\"10.1109/HICSS.2006.405\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose a new methodology for obtaining a quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.\",\"PeriodicalId\":432250,\"journal\":{\"name\":\"Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06)\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-01-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"125\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/HICSS.2006.405\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HICSS.2006.405","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 125

摘要

我们提出了一种新的方法，用于对控制系统进行修改以提高对外部攻击者的网络安全防御时所实现的风险降低进行定量测量。提出的方法采用一种称为妥协图的有向图，其中节点表示潜在攻击的阶段，边表示不同攻击者技能水平的预期妥协时间。入侵时间被建模为已知漏洞和攻击者技能水平的函数。该方法用于计算特定SCADA系统和特定控制系统安全补救措施的风险降低估计。尽管漏洞总数减少了86%，但根据目标和攻击者的技能水平，估计的妥协时间仅增加了约3%至30%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System

We propose a new methodology for obtaining a quantitative measurement of the risk reduction achieved when a control system is modified with the intent to improve cyber security defense against external attackers. The proposed methodology employs a directed graph called a compromise graph, where the nodes represent stages of a potential attack and the edges represent the expected time-to-compromise for differing attacker skill levels. Time-to-compromise is modeled as a function of known vulnerabilities and attacker skill level. The methodology was used to calculate risk reduction estimates for a specific SCADA system and for a specific set of control system security remedial actions. Despite an 86% reduction in the total number of vulnerabilities, the estimated time-to-compromise was increased only by about 3 to 30% depending on target and attacker skill level.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06)

自引率

0.00%

发文量