Cyber attack detection and mitigation: Software Defined Survivable Industrial Control Systems

Sándor, Hunor; Genge, Béla; Szántó, Zoltán; Márton, Lőrinc; Haller, Piroska

doi:10.1016/j.ijcip.2019.04.002

Cited by 23 publications

(15 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Formula (3) does not take into account the combination of several threats, as well as the internal influence between IPT. Therefore, a more appropriate way to determine the risks for ICS is a method that is based on the preparation of attack profiles [3][4]. With this method, attack profiles are considered as sequences of attacks that consist of a combination of different threats [1][2][3][4].…”

Section: Methods and Modelsmentioning

confidence: 99%

“…These researches are primarily intended to answer questions related to the solution of multi-criteria optimization problems that have such properties as: a complex configuration of the acceptable area of application of individual IPT; multi-extremeness of the considered functions; algorithmic definition of functions, etc. Moreover, in real-life problems of creating effective multi-circuit CS systems [3] - [4], it is rarely customary to evaluate solutions using a single criterion. Therefore, in such problems it is important not only to find acceptable Pareto-optimal solutions, but also to approximate the many variants obtained in order to offer the decision-maker (DM) an objective choice of IPT according to the corresponding CS circuits of ICS.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Decision Support System on Optimization of Information Protection Tools Placement

A¹

2020

IJATCSE

View full text Add to dashboard Cite

The article discusses the possibilities of modifying the genetic algorithm (GA) to solve the problem of selecting and optimizing the configuration of information protection tools (IPT) for the security circuits of information and communication systems (ICS). The scientific novelty of the work lies in the fact that the GA proposes the use of the total amount of risks from information loss, as well as the integral indicator of IPT and cost indicators for each class of IPT, as criteria for optimizing the composition of IPT. The genetic algorithm in the problem of optimizing the choice of the composition of IPT for ICS is considered as a variation of the problem associated with multi-selection. In this regard, the optimization of the IPT placement along the ICS protection circuits is considered as a modification of the combinatorial knapsack problem. The GA used in the computing core of the decision support system (DSS) differs from the standard GA. As a part of the GA modification, the chromosomes are presented in the form of matrices, the elements of which are numbers that correspond to the IPT numbers in the ICS nodes. In the process of modifying the GA, a k-point crossing-over was applied. A fitness function is presented as the sum of efficiency factors. At the same time, in addition to the traditional absolute indicators of the IPT efficiency, the total value of risks from information loss, as well as cost indicators for each class of IPT are taken into account. The practical value of the research lies in the implementation of DSS based on the proposed modification of GA. Computational experiments on the selection of a rational software algorithm for implementing the model are performed. It is shown that the implementation of the GA in DSS allows to accelerate the search for optimal variants of cybersecurity (CS) tools placement for ICS by more than 25 times. This advantage allows not only to quickly search through the variety of hardware-software IPT and their combinations for ICS, but also to combine the proposed algorithm with the available models and algorithms for optimizing the composition of the ICS cybersecurity circuits. Potentially, such a combination of models and algorithms will make it possible to quickly rebuild the ICS protection, adjusting its profiles in accordance with new threats and classes of cyber attacks.

show abstract

Section: Methods and Modelsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Decision Support System on Optimization of Information Protection Tools Placement

A¹

2020

IJATCSE

View full text Add to dashboard Cite

show abstract

“…A comprehensive solution for ensuring the SCADA survivability is presented in [149]. The proposed solution is based on virtualization technologies in order to build a resilient communication infrastructure.…”

Section: Scada Survivability and Resiliencementioning

confidence: 99%

A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

Pliatsios

Sarigiannidis

Λάγκας

et al. 2020

IEEE Commun. Surv. Tutorials

200

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, that made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.

show abstract

“…Reference [26] studies the applicability of emerging technologies in the area of IP networks, including SDN, NFV, and next generation firewalls, to secure ICS. Reference [27] proposes an attack detection and localization algorithm and designs an intervention strategy in the networked robot control field. A software-defined security approach to secure field zones in ICS is shown in Reference [28]: it consists of a hybrid anomaly detection module that inspects anomaly behaviors in network communications and physical process states.…”

Section: Software Defined Networkingmentioning

confidence: 99%

Advancements and Research Trends in Microgrids Cybersecurity

2021

View full text Add to dashboard Cite

Microgrids are growing in importance in the Smart Grid paradigm for power systems. Microgrid security is becoming crucial since these systems increasingly rely on information and communication technologies. Many technologies have been proposed in the last few years for the protection of industrial control systems, ranging from cryptography, network security, security monitoring systems, and innovative control strategies resilient to cyber-attacks. Still, electrical systems and microgrids present their own peculiarities, and some effort has to be put forth to apply cyber-protection technologies in the electrical sector. In the present work, we discuss the latest advancements and research trends in the field of microgrid cybersecurity in a tutorial form.

show abstract

Cyber attack detection and mitigation: Software Defined Survivable Industrial Control Systems

Cited by 23 publications

References 33 publications

Decision Support System on Optimization of Information Protection Tools Placement

Decision Support System on Optimization of Information Protection Tools Placement

A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

Advancements and Research Trends in Microgrids Cybersecurity

Contact Info

Product

Resources

About