Minimum cost security measurements for attack tree based threat models in smart grid

Chakraborty, Nilotpal; Kalaimannan, Ezhil

doi:10.1109/uemcon.2017.8249049

Cited by 4 publications

(2 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(3) NewChildren � {}; (4) i: � 1; (5) repeat (6) child: � i-th node in Children; (7) if child is an intermediate attack node and (8) has defensive child nodes (9) then (10) T1: � new attack node; (11) Child node relationship of T1: � Child (12) node relationship of child; (13) T1's children: � child's children; (14) T2: � new attack node; (15) T2 children's operator: � AND; (16) Add child to T2's children set; (17) Add T1 to T2's children set; (18) call conversToA2DTree (T1); (19) Add T2 to Newchildren; (20) else (21) call ConverseToA2DTree (child); (22) Add child to Newchildren; (23) end if (24) i: � i+1; (25) customer's online banking credentials, including the username (certificate number) and password. Although usernames can be easily retrieved, obtaining the password requires a phishing e-mail or keylogger.…”

Section: Case Studymentioning

confidence: 99%

“…Namely, the optimal defense devices are chosen based on ROA and ROI. Chakraborty and Kalaimannan [15] modeled the risk of the CPS in a smart grid and assigned a cost factor to each atom attack node. On this basis, the algebraic method is used to analyze the minimum number of attack nodes that should be defended to prevent the attack target from occurring.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Minimum Defense Cost Calculation Method for Attack Defense Trees

Zhong

2020

Security and Communication Networks

View full text Add to dashboard Cite

The cyberphysical system (CPS) is becoming the infrastructure of society. Unfortunately, the CPS is vulnerable to cyberattacks, which may cause environmental pollution, property losses, and even casualties. Furthermore, in contrast to the conventional Internet, the devices in CPSs are more specific, and the device systems may not be upgraded or installed with new programs during their life spans. The selection of the best defense nodes for defeating cyberattacks is quite challenging in CPSs. To overcome this issue, several attack-defense modeled methods have been proposed. However, few existing studies have considered the defense cost, which is usually a determinant in practice. In this paper, we propose a method for choosing optimal defense nodes that (1) can defeat specific attacks and (2) are inexpensive. First, the atom attack defense tree (A2DTree) is proposed by adding constraints to the conventional attack defense tree (ADTree). Second, the algebraic method is used to efficiently calculate the minimum defense cost. On this basis, a minimum defense cost calculation tool is designed and implemented. Finally, the effectiveness of the proposed method is verified with two typical case studies, and a comparative experiment of related work is carried out. The results show that the method can correctly and efficiently identify the optimal defense nodes and calculate the minimum defense cost of a CPS.

show abstract