Abstract
Characterizing attacker behavior with respect to Cyber-Physical Systems is important to assuring the security posture and resilience of these systems. Classical cyber vulnerability assessment approaches rely on the knowledge and experience of cyber-security experts to conduct security analyses and can be inconsistent where the experts’ knowledge and experience are lacking. This paper proposes a flexible attacker modeling framework that aids in the security analysis process by simulating a diverse set of attacker behaviors to predict attack progression and provide consistent system vulnerability analysis. The model proposes an expanded architecture of vulnerability databases to maximize its effectiveness and consistency in detecting CPS vulnerabilities while being compatible with existing vulnerability databases. The model has the power to be implemented and simulated against an actual or virtual CPS. Execution of the attacker model is demonstrated against a simulated industrial control system architecture, resulting in a probabilistic prediction of attacker behavior.
Acknowledgement
This research was made possible by NPRP 9-005-1-002 grant from the Qatar National Research Fund (a member of The Qatar Foundation). The statements made herein are solely the responsibility of the authors.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Deloglos, C., Elks, C., Tantawy, A. (2020). An Attacker Modeling Framework for the Assessment of Cyber-Physical Systems Security. In: Casimiro, A., Ortmeier, F., Bitsch, F., Ferreira, P. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2020. Lecture Notes in Computer Science, vol 12234. Springer, Cham. https://doi.org/10.1007/978-3-030-54549-9_10
DOI: https://doi.org/10.1007/978-3-030-54549-9_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-54548-2
Online ISBN: 978-3-030-54549-9
eBook Packages: Computer Science, Computer Science (R0)