Abstract
We exploit Decision Networks (DN) for the analysis of attack/defense scenarios in critical infrastructures. DN extend Bayesian Networks (BN) with decision and value nodes. DN inherit from BN the possibility to naturally address uncertainty at every level, making possible the modeling of situations that are not limited to Boolean combinations of events. By means of decision nodes, DN can include the interaction level of attacks and countermeasures. Inference algorithms can be directly exploited for implementing a probabilistic analysis of both the risk and the importance of the attacks. Thanks to value nodes, a sound decision theoretic analysis has the goal of selecting the optimal set of countermeasures to activate.
- X. An, D. Jutla, and N. Cercone. 2006. Privacy intrusion detection using dynamic Bayesian networks. In Proceedings of the International Conference for Electronic Commerce. 208--215. Google Scholar
Digital Library
- S. Bistarelli, F. Fioravanti, and P. Peretti. 2006. Defense trees for economic evaluation of security investments. In Proceedings of the International Conference on Availability, Reliability and Security. IEEE Computer Society. Google Scholar
Digital Library
- E. Borgonovo. 2007. Differential, criticality, and Birnbaum importance measures: An application to basic event, groups, and SSCs in event trees and binary decision diagrams. Reliabil. Eng. Syst. Safety 92, 10 (2007), 1458--1467.Google Scholar
Cross Ref
- E. Byres, D. Leversage, and N. Kube. 2007. Security incidents and trends in SCADA and process industries. Industr. Ethernet Book 39 (2007), 12--20.Google Scholar
- J. Byres, M. Franz, and D. Miller. 2004. The use of attack trees in assessing vulnerabilities in SCADA systems. In Proceedings of the International Infrastructure Survivability Workshop. Lisbon.Google Scholar
- H. Chan and A. Darwiche. 2002. When do numbers really matter? J. Artific. Intell. Res. 17 (2002), 265--287. Google Scholar
Digital Library
- H. Chan and A. Darwiche. 2004. Sensitivity analysis in bayesian networks: From single to multiple parameters. In Proceedings of the Conference on Uncertainty in Artificial Intelligence. AUAI Press, 67--75. Google Scholar
Digital Library
- Y. Cherdantseva, P. Burnap, A. Blyth, P. Eden, K. Jones, H. Soulsby, and K. Stoddart. 2016. A review of cyber security risk assessment methods for SCADA systems. Comput. Secur. 56 (2016), 1--27. Google Scholar
Digital Library
- D. Codetta. 2013. Generalized fault trees: From reliability to security. In Proceedings of the International Workshop on Quantitative Aspects in Security Assurance. London, UK.Google Scholar
- D. Codetta and R. Nai. 2010. Evaluation of communication scenarios inside the electrical power system. Int. J. Model. Simul. 30 (2010), 345--352. Issue 3.Google Scholar
Cross Ref
- D. Codetta, L. Portinale, and R. Terruggia. 2014. Decision networks for modeling and analysis of attack/defense scenarios in critical infrastructures. In Proceedings of the International Florida Artificial Intelligence Research Society Conference. Pensacola Beach, FL, 24--27.Google Scholar
- D. Codetta, L. Portinale, and R. Terruggia. 2014. Quantitative evaluation of attack/defense scenarios through decision network modelling and analysis. In Proceedings of the International Carnahan Conference on Security Technology. 432--437.Google Scholar
- R. G. Cowell, A. P. Dawid, S. L. Lauritzen, and D. J. Spiegelhalter. 1999. Probabilistic Networks and Expert Systems. Springer. Google Scholar
Digital Library
- M. Dacier and Y. Deswarte. 1994. Privilege graph: An extension to the typed access matrix model. In Computer Security. Springer, 319--334. Google Scholar
Digital Library
- G. C. Dalton, R. F. Mills, J. M. Colombi, and R. A. Raines. 2006. Analyzing attack trees using generalized stochastic Petri nets. In Proceedings of the Information Assurance Workshop. IEEE, 116--123.Google Scholar
- G. Dondossola, F. Garrone, and J. Szanto. 2009. Supporting cyber risk assessment of power control systems with experimental data. In Proceedings of the Power Systems Conference and Exposition. IEEE/PES.Google Scholar
- M. Ekstedt and T. Sommestadt. 2009. Enterprise architecture models for cyber-security analysis. In Proceedings of the Power System Conference and Exposition. IEEE/PES.Google Scholar
- M. Frigault, L. Wang, A. Singhal, and S. Jajodia. 2008. Measuring network security using dynamic Bayesian network. In Proceedings of the ACM Workshop on Quality of Protection. 23--30. Google Scholar
Digital Library
- V. Gupta, V. Lam, H. V. Ramasamy, W. H. Sanders, and S. Singh. 2003. Dependability and performance evaluation of intrusion-tolerant server architectures. In Dependable Computing. Springer, 81--101.Google Scholar
- G. Helmer, J. Wong, M. Slagell, V. Honavar, L. Miller, Y. Wang, X. Wang, and N. Stakhanova. 2007. Software fault tree and coloured Petri net--based specification, design and implementation of agent-based intrusion detection systems. Int. J. Info. Comput. Secur. 1, 1 (2007), 109--142. Google Scholar
Digital Library
- H. M. Henry, R. M. Layer, K. Z. Snow, and D. R. Zaret. 2009. Evaluating the risk of cyber attacks on SCADA systems via Petri net analysis with application to hazardous liquid loading operations. In Proceedings of the Conference on Technologies for Homeland Security. IEEE, 607--614.Google Scholar
- F. V. Jensen and T. D. Nielsen. 2007. Bayesian Networks and Decision Graphs (2nd ed.). Springer. Google Scholar
Digital Library
- U. B. Kjaerulff and A. L. Madsen. 2008. Bayesian Networks and Influence Diagrams: A Guide to Construction and Analysis. Information Science and Statistics. Springer. Google Scholar
Digital Library
- D. Koller and N. Friedman. 2009. Probabilistic Graphical Models: Principles and Techniques. MIT Press. Google Scholar
Digital Library
- B. Kordy, S. Mauw, S. Radomirović, and P. Schweitzer. 2010. Foundations of attack--Defense trees. In International Workshop on Formal Aspects in Security and Trust. Springer, Berlin, Heidelberg, 80--95. Google Scholar
Digital Library
- B. Kordy, L. Piètre-Cambacédès, and P. Schweitzer. 2014. DAG-based attack and defense modeling: Don’t miss the forest for the attack trees. Comput. Sci. Rev. 13 (2014), 1--38. Google Scholar
Digital Library
- S. Kriaa, M. Bouissou, and L. Piétre-Cambacédés. 2012. Modeling the stuxnet attack with BDMP: Towards more formal risk assessments. In Proceedings of the International Conference on Risk and Security of Internet and Systems. IEEE. Google Scholar
Digital Library
- S. L. Lauritzen and D. Nilsson. 2001. Representing and solving decision problems with limited information. Manage. Sci. 47 (2001), 1235--1251.Google Scholar
- E. LeMay, M. D. Ford, K. Keefe, W. H. Sanders, and C. Muehrcke. 2011. Model-based security metrics using adversary view security evaluation (advise). In Proceedings of the International Conference on Quantitative Evaluation of Systems. IEEE, 191--200. Google Scholar
Digital Library
- D. D. Maua, C. P. de Campos, and M. Zaffalon. 2012. Solving limited memory influence diagrams. Int. J. Artific. Intell. Res. 44 (2012), 97--140. Google Scholar
Digital Library
- J. P. McDermott. 2000. Attack net penetration testing. In Proceedings of the Workshop on New Security Paradigms. Google Scholar
Digital Library
- F. C. Meng. 2000. Relationships of fussell--Vesely and birnbaum importance to structural importance in coherent systems. Reliabil. Eng. Syst. Safety 67 (2000), 55--60.Google Scholar
Cross Ref
- L. Portinale and D. Codetta. 2015. Modeling and Analysis of Dependable Systems: A Probabilistic Graphical Model Perspective. World Scientific Publishing. Google Scholar
Digital Library
- S. Pudar, G. Manimaran, and C. Liu. 2009. PENET: A practical method and tool for integrated modeling of security attacks and countermeasures. Comput. Secur. 28, 8 (2009), 754--771. Google Scholar
Digital Library
- X. Qin and W. Lee. 2004. Attack plan recognition and prediction using causal networks. In Proceedings of the Annual Computer Security Application Conference. 370--379. Google Scholar
Digital Library
- A. Roy, D. S. Kim, and K. Trivedi. 2012. Scalable optimal countermeasure selection using implicit enmeration on attack countermeasure trees. In Proceedings of the International Conference on Dependable Systems and Networks. Google Scholar
Digital Library
- J. J. C. H. Ryan and D. J. Ryan. 2006. Expected benefits of information security investments. Comput. Secur. 25, 8 (2006), 579--588. Google Scholar
Digital Library
- O. Scheyner. 2004. Scenario Graphs and Attack Graphs. Ph.D. Dissertation. Carnegie Mellon University. Google Scholar
Digital Library
- B. Schneier. 2000. Secrets and Lies: Digital Security in a Networked World. J. Wiley. Google Scholar
Digital Library
- S. Singh, M. Cukier, and W. H. Sanders. 2003. Probabilistic validation of an intrusion-tolerant replication system. In Proceedings of the International Conference on Dependable Systems and Networks. IEEE Computer Society, 615--624.Google Scholar
- T. Sommestad, M. Ekstedt, and P. Johnson. 2009. Cyber security risks assessment with bayesian defense graphs and architectural models. In Proceedings of the Hawaii International Conference on System Sciences. Google Scholar
Digital Library
- P. Chee-Wooi Ten, Chen-Ching Liu, and M. Govindarasu. 2007. Vulnerability assessment of cybersecurity for SCADA systems using attack trees. In Proceedings of the IEEE Power Engineering Society General Meeting.Google Scholar
- P. Chee-Wooi Ten, G. Manimaran, and C. C. Liu. 2010. Cybersecurity for critical infrastructures: Attack and defense modeling. IEEE Trans. Syst. Man Cybernet., Part A 40 (2010), 853--65. Issue 4. Google Scholar
Digital Library
- V. Verendel. 2009. Quantified security is a weak hypothesis: A critical survey of results and assumptions. In Proceedings of the New Security Paradigms Workshop. ACM, 37--50. Google Scholar
Digital Library
- P. Xie, J. H. Li, X. Ou, P. Liu, and R. Levy. 2010. Using bayesian networks for cyber-security analysis. In Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’10). 211--220.Google Scholar
- S. Zhang and S. Song. 2011. A novel attack graph posterior inference model based on Bayesian network. J. Info. Secur. 2, 1 (2011), 8--27.Google Scholar
Cross Ref
Index Terms
Decision Networks for Security Risk Assessment of Critical Infrastructures
Recommendations
Critical Infrastructures: IT Security and Threats from Private Sector Ownership
The critical infrastructures of industrialized countries depend on an interconnected “system of systems” that physically spans the globe and exists virtually everywhere. Often, the governments and industries responsible for the critical infrastructures ...
Risk assessment and attack graph generation for collaborative infrastructures: a survey
Collaborative infrastructures allow physical, cyber and human elements to be combined and can integrate legacy systems with new technology. As organisations globally continue to take advantage of the benefits collaboration affords, it is vital that the ...
Measuring the risk of cyber attack in industrial control systems
ICS-CSR '16: Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016Cyber attacks on industrial control systems (ICS) that underpin critical national infrastructure can be characterised as high-impact, low-frequency events. To date, the volume of attacks versus the overall global footprint of ICS is low, and as a result ...






Comments