Process-Aware Model based IDSs for Industrial Control Systems Cybersecurity: Approaches, Limits and Further Research

Escudero, Cédric; Sicard, Franck; Zamaï, Éric

doi:10.1109/etfa.2018.8502585

Cited by 18 publications

(8 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Then the closest solutions to the ideal security strategy were chosen and the efficiency of the proposed approach demonstrated high value in a simulated process control ICS. Escudero et al [20] provided comprehensive outlines, vision, and views of ICS Security for the G-SCOP Center of Research deficiencies. They gave orientation for designing a behavioral model-based Intrusion Detection System for equipment degradation and addressed the limitation of the current approach on a single supply chain.…”

Section: Literature Surveymentioning

confidence: 99%

Capturing-the-Invisible (CTI): Behavior-Based Attacks Recognition in IoT-Oriented Industrial Control Systems

Bhardwaj

Al‐Turjman²,

Kumar

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

Section: Literature Surveymentioning

confidence: 99%

Capturing-the-Invisible (CTI): Behavior-Based Attacks Recognition in IoT-Oriented Industrial Control Systems

Bhardwaj

Al‐Turjman²,

Kumar

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Diverse types of cyber‐attacks have caused increasing security threats to contemporary computing and networking systems . These threats pose huge potential security risks to individuals, societies, and enterprises . For instance, massive hack attacks to Sony pictures caused the theft and online exposure of about 40 gigabytes of sensitive data (including pertinent scripts of unreleased films, private information of Sony employees, etc) .…”

Section: Introductionmentioning

confidence: 99%

“…Cyber‐attacks have become a major threat to many modern systems and networks. For example, industrial control systems have been targeted by cyber‐attacks based on vulnerabilities in these systems and their environments or based on the equipment degradation . It is a challenging task to address dependence in cybersecurity models …”

Section: Introductionmentioning

confidence: 99%

“…1 These threats pose huge potential security risks to individuals, societies, and enterprises. 2,3 For instance, massive hack attacks to Sony pictures caused the theft and online exposure of about 40 gigabytes of sensitive data (including pertinent scripts of unreleased films, private information of Sony employees, etc). 4 For another instance, as one of the largest security breaches in the computer network history, one billion Yahoo email accounts were breached from attacks utilizing fake Internet cookies.…”

Section: Introductionmentioning

confidence: 99%

“…For example, industrial control systems have been targeted by cyber-attacks based on vulnerabilities in these systems and their environments 43,44 or based on the equipment degradation. 3 It is a challenging task to address dependence in cybersecurity models. 39 In this work, we focus on security risks from cyber-attacks subject to sequence dependence, where the occurrence order of hazardous events matters to the system status.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Probabilistic modeling and analysis of sequential cyber‐attacks

Liu

Xing

Zhou

2019

Engineering Reports

View full text Add to dashboard Cite

Security is one of the major challenges for promoting the computer industry. Existing models for assessing security have mostly assumed that different hazards causing the security breach are independent of each other. Dependencies however can exist among different hazardous actions and they may affect the system security attribute greatly. This paper advances the state of the art in quantitative security risk assessment by modeling one such dependency, where multiple sequence‐dependent hazardous actions are performed to launch a successful security cyber‐attack. Continuous‐time Markov chain and semi‐Markov process–based methods are proposed to estimate the occurrence probability of a security risk for systems undergoing the sequential cyber‐attacks. While the CTMC method is limited to the exponential state transition time, the proposed semi‐Markov process–based approach is applicable to analyzing attacks with any arbitrary types of transition time distributions. Both methods are illustrated using case studies where Trojan attacks in the banking application are modeled and analyzed.

show abstract

Effective Detection of Cyber Attack in a Cyber-Physical Power Grid System

Otokwala

Petrovski

Kalutarage

2021

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Advancement in technology and the adoption of smart devices in the operation of power grid systems have made it imperative to ensure adequate protection for the cyber-physical power grid system against cyber-attacks. This is because, contemporary cyber-attack landscapes have made devices' first line of defense (i.e. authentication and authorization) hardly enough to withstand the attacks. To detect these attacks, this paper proposes a detection methodology based on Machine Learning techniques. The dataset used in this experiment was obtained from the synchrophasor measurements of data logs from snort, simulated control panels and relays of a smart power grid transmission system. After the preprocessing of the dataset, it was then scaled and analyzed before the fitting of -Random Forest, Support Vector Machine, Linear Discriminant Analysis and K-Nearest Neighbor algorithms. The fitting of the different classifiers was done in order to find the algorithm with the best output. Upon the completion of the experiment, the results of classifiers were tabulated and the result of the Random Forest model was the most effective with an accuracy of 92% and a significantly low rate of misclassification. The Random Forest model also shows a high percentage of the true positive rate that is critical to the security issue..

show abstract

Process-Aware Model based IDSs for Industrial Control Systems Cybersecurity: Approaches, Limits and Further Research

Cited by 18 publications

References 26 publications

Capturing-the-Invisible (CTI): Behavior-Based Attacks Recognition in IoT-Oriented Industrial Control Systems

Capturing-the-Invisible (CTI): Behavior-Based Attacks Recognition in IoT-Oriented Industrial Control Systems

Probabilistic modeling and analysis of sequential cyber‐attacks

Effective Detection of Cyber Attack in a Cyber-Physical Power Grid System

Contact Info

Product

Resources

About