2018
DOI: 10.1016/j.csi.2017.09.006
|View full text |Cite
|
Sign up to set email alerts
|

Cyber-attack path discovery in a dynamic supply chain maritime risk management system

Abstract: a b s t r a c t Maritime port infrastructures rely on the use of information systems for collaboration, while a vital part of collaborating is to provide protection to these systems. Attack graph analysis and risk assessment provide information that can be used to protect the assets of a network from cyber-attacks. Furthermore, attack graphs provide functionality that can be used to identify vulnerabilities in a network and how these can be exploited by potential attackers. Existing attack graph generation met… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

2
45
0

Year Published

2018
2018
2023
2023

Publication Types

Select...
5
4

Relationship

1
8

Authors

Journals

citations
Cited by 73 publications
(47 citation statements)
references
References 14 publications
2
45
0
Order By: Relevance
“…Moreover, the collected evidences and results of our study could be beneficial for CMU to develop various case studies for their degree programs. A study [8] has found that modern port infrastructures tend to be highly dependent on the use of information systems to coordinate with the related agencies, port authorities and other bodies worldwide. Thus, there is a high risk of a cyber-attack on these maritime information systems to steal the maritime data.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…Moreover, the collected evidences and results of our study could be beneficial for CMU to develop various case studies for their degree programs. A study [8] has found that modern port infrastructures tend to be highly dependent on the use of information systems to coordinate with the related agencies, port authorities and other bodies worldwide. Thus, there is a high risk of a cyber-attack on these maritime information systems to steal the maritime data.…”
Section: Related Workmentioning
confidence: 99%
“…As the data in modern port infrastructures is shared across multiple ports, the modern information systems used for sharing the data become very critical and important for smooth functioning of the maritime infrastructure. The study [8] has discussed a risk management system, called MITIGATE, that has been developed for managing and protecting the dynamic nature of maritime supply chain IT infrastructure. The collected evidences and analysis also help in identifying the attack paths used in various geographical locations and for different digital components of an IBS.…”
Section: Related Workmentioning
confidence: 99%
“…17 criteria have been identified and used for evaluating the quality of the algorithm. The selection was based on algorithm characteristics found on previous studies and current trends in risk management (Kaynar & Sivrikaya, 2016;Lever & Kifayat, 2016;Polatidis et al, 2018;Yi et al, 2013). The details, of the criteria can be found in appendix A, while the criteria are also presented briefly within table 3.…”
Section: Evaluation Criteriamentioning
confidence: 99%
“…In complete information models, each player (defender or attacker) is fully aware of the utility functions, payoffs, strategies, and types of the opponents, which are, hereafter, considered as common knowledge. Graphical models (such as attack graphs) (McQueen, Boyer, Flynn, & Beitel, ; Polatidis, Pavlidis, & Mouratidis, ), as well as mathematical models (such as Copula‐based models) (Hu, Xu, Xu, & Zhao, ), and min–max–min optimization‐based models (Fang & Sansavini, ) have been applied to many areas, such as economics, political science, psychology, biology, computer science, and so on (Kreps, ; Nisan, Roughgarden, Tardos, & Vazirani, ; Roger, ), with the goal of advising the defender on the optimal allocation of defensive resources against attackers (Backhaus et al., ; Chen et al., ; Ezhei & Ladani, ; Fielder, Panaousis, Malacaria, Hankin, & Smeraldi, ; Ma, Yau, Lou, & Rao, ; Sun, Peng, Yang, Zhang, & He, ; Wang, Hou, & Ten, ; Xiang & Wang, ; Zhang, Zhuang, & Jose, ).…”
Section: Introductionmentioning
confidence: 99%