Mapping Threats in Smart Grid System Using the MITRE ATT&CK ICS Framework

Ahmad Balya Izzuddin, Charles Lim
Published in: 2022 IEEE International Conference on Aerospace Electronics and Remote Sensing Technology (ICARES), 2022-11-24. DOI: https://doi.org/10.1109/ICARES56907.2022.9993475
Citations: 3

Abstract

The smart grid system is an integration of power distribution systems with communication networks. A smart grid offers various benefits, but at the same time inherits various vulnerabilities from the implemented information and communication technology (ICT). Many devices in smart grid systems implement the TCP/IP stack to exchange data, which can lead to significant new cyber attack vectors, such as malware, denial-of-service (DoS), man-in-the-middle (MITM), and replay attacks, as well as various other cybersecurity threats. One approach to dealing with these security issues proactively is threat modeling. We can use tools such as honeypots to gather threat data targeting the smart grid, then analyze the collected threat data to obtain the threat model in order to study the attackers' behavior. In this paper, we collected threat data targeting the smart grid system by deploying the GridPot honeypot and analyzed the collected threat data by mapping it to the MITRE ATT&CK for Industrial Control Systems (ICS) framework. This experiment shows that the threats targeting smart grid systems are real and could harm any smart grid system in the world.