{"title":"基于复杂网络理论和攻击图的CBTC系统网络安全风险评估方法","authors":"Fan Zhang, Bing Bu","doi":"10.1109/ICNISC54316.2021.00011","DOIUrl":null,"url":null,"abstract":"Cyber security risk assessment is very important to quantify the security level of communication-based train control (CBTC) systems. In this paper, a methodology is proposed to assess the cyber security risk of CBTC systems that integrates complex network theory and attack graph method. On one hand, in order to determine the impact of malicious attacks on train control, we analyze the connectivity of movement authority (MA) paths based on the working state of nodes, the connectivity of edges. On the other hand, attack graph is introduced to quantify the probabilities of potential attacks that combine multiple vulnerabilities in the cyber world of CBTC. Experiments show that our methodology can assess the security risks of CBTC systems and improve the security level after implementing reinforcement schemes.","PeriodicalId":396802,"journal":{"name":"2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A Cyber Security Risk Assessment Methodology for CBTC Systems Based on Complex Network Theory and Attack Graph\",\"authors\":\"Fan Zhang, Bing Bu\",\"doi\":\"10.1109/ICNISC54316.2021.00011\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber security risk assessment is very important to quantify the security level of communication-based train control (CBTC) systems. In this paper, a methodology is proposed to assess the cyber security risk of CBTC systems that integrates complex network theory and attack graph method. On one hand, in order to determine the impact of malicious attacks on train control, we analyze the connectivity of movement authority (MA) paths based on the working state of nodes, the connectivity of edges. On the other hand, attack graph is introduced to quantify the probabilities of potential attacks that combine multiple vulnerabilities in the cyber world of CBTC. Experiments show that our methodology can assess the security risks of CBTC systems and improve the security level after implementing reinforcement schemes.\",\"PeriodicalId\":396802,\"journal\":{\"name\":\"2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC)\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICNISC54316.2021.00011\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 7th Annual International Conference on Network and Information Systems for Computers (ICNISC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICNISC54316.2021.00011","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Cyber Security Risk Assessment Methodology for CBTC Systems Based on Complex Network Theory and Attack Graph
Cyber security risk assessment is very important to quantify the security level of communication-based train control (CBTC) systems. In this paper, a methodology is proposed to assess the cyber security risk of CBTC systems that integrates complex network theory and attack graph method. On one hand, in order to determine the impact of malicious attacks on train control, we analyze the connectivity of movement authority (MA) paths based on the working state of nodes, the connectivity of edges. On the other hand, attack graph is introduced to quantify the probabilities of potential attacks that combine multiple vulnerabilities in the cyber world of CBTC. Experiments show that our methodology can assess the security risks of CBTC systems and improve the security level after implementing reinforcement schemes.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
