Attack Graph Implementation and Visualization for Cyber Physical Systems

Ibrahim, Mariam; Al-Hindawi, Qays; Elhafiz, Ruba; Alsheikh, Ahmad; Alquq, Omar

doi:10.3390/pr8010012

Cited by 19 publications

(10 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ferda et al [16] proposed Attack Dynamics, an automated attack graph generation framework finding attack paths that can identify attack types using MITRE common attack pattern enumeration and classification (CAPEC) and MITRE common weakness enumeration (CWE). Ibrahim et al [28] presented attack graphs causing plant shutdowns in nuclear power plants, vehicular network systems, and ICS using models considering system and security attributes, implementing cyberattack scenarios from the graphs. Serru et al [13] experimented with analyzing the impact of multi-level cyberattacks on the safety of cyber-physical systems (CPS) using discrete event simulations (DES).…”

Section: Related Workmentioning

confidence: 99%

GENICS: A Framework for Generating Attack Scenarios for Cybersecurity Exercises on Industrial Control Systems

Song,

Jeon,

Kim

et al. 2024

Applied Sciences

View full text Add to dashboard Cite

Due to the nature of the industrial control systems (ICS) environment, where process continuity is essential, intentionally initiating a cyberattack to check security controls can cause severe financial and human damage to the organization. Therefore, most organizations operating ICS environments check their level of security through simulated cybersecurity exercises. For these exercises to be effective, high-quality cyberattack scenarios that are likely to occur in the ICS environment must be assumed. Unfortunately, many organizations use limited attack scenarios targeting essential digital assets, leading to ineffective response preparedness. To derive high-quality scenarios, there is a need for relevant attack and vulnerability information, and standardized methods for creating and evaluating attack scenarios in the ICS context. To meet these challenges, we propose GENICS, an attack scenario generation framework for cybersecurity training in ICS. GENICS consists of five phases: threat analysis, attack information identification, modeling cyberattack scenarios, quantifying cyberattacks, and generating scenarios. The validity of GENICS was verified through a qualitative study and case studies on current attack scenario-generating methods. GENICS ensures a systematic approach to generate quantified, realistic attack scenarios, thereby significantly enhancing cybersecurity training in ICS environments.

show abstract

Section: Related Workmentioning

confidence: 99%

GENICS: A Framework for Generating Attack Scenarios for Cybersecurity Exercises on Industrial Control Systems

Song,

Jeon,

Kim

et al. 2024

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…The next phase of the research deals with identifying attack points and hardening the network to avoid vulnerability. The attack graph hardening techniques prescribed in the study (Ibrahim et al, 2020), (Sansavini & Parigi, 2020) that makes use of topological analysis gives a new dimension for managing cyber threats at the time of vulnerabilities. Thus, topological analysis for vulnerabilities became the backbone of the study and proposal.…”

Section: Literature Reviewmentioning

confidence: 99%

Cyber Attacks Visualization and Prediction in Complex Multi-Stage Network

Altheyabi¹

2022

AJRSP

View full text Add to dashboard Cite

In network security, various protocols exist, but these cannot be said to be secure. Moreover, is not easy to train the end-users, and this process is time-consuming as well. It can be said this way, that it takes much time for an individual to become a good cybersecurity professional. Many hackers and illegal agents try to take advantage of the vulnerabilities through various incremental penetrations that can compromise the critical systems. The conventional tools available for this purpose are not enough to handle things as desired. Risks are always present, and with dynamically evolving networks, they are very likely to lead to serious incidents. This research work has proposed a model to visualize and predict cyber-attacks in complex, multilayered networks. The calculation will correspond to the cyber software vulnerabilities in the networks within the specific domain. All the available network security conditions and the possible places where an attacker can exploit the system are summarized.

show abstract

“…Validity tests can be executed on a component level or on a system level to validate the full system against the proposed criterion. Our tool was validated on a system level by comparing the system's output to the model-based schemes of [40][41][42] and [43], respectively. ese schemes used Architecture Analysis and Design Language (AADL) [44] to formally model the system and later implemented JKind model checker tool [45] to check the model against the security properties.…”

Section: Verification and Validationmentioning

confidence: 99%

Security Analysis of Smart Grids

Ibrahim

Elhafiz

2022

Security and Communication Networks

View full text Add to dashboard Cite

An attack graph is a beneficial tool to network defenders, demonstrating the routes that an attacker can utilize to acquire entry to a target network. Cyber-attacks endanger the security of smart grids as a result of the presence of vulnerabilities in the diversified structural units establishing it. This paper introduces a new tool built using Python language and Jupyter Notebook to enumerate an attack graph for a smart grid. The smart grid is formally presented and implemented, determining system design, links, weaknesses, resources, potential attack instances, and their pre- and post-conditions. The tool is utilized to automatically determine an attack sequence in the form of a counterexample. It constructs the counterexamples, encodes those for requirement loosening, and iterates up until all attack sequences are disclosed. Then, the attack graph causing disruption of the smart grid’s workflow is graphically visualized.

show abstract

Attack Graph Implementation and Visualization for Cyber Physical Systems

Cited by 19 publications

References 45 publications

GENICS: A Framework for Generating Attack Scenarios for Cybersecurity Exercises on Industrial Control Systems

GENICS: A Framework for Generating Attack Scenarios for Cybersecurity Exercises on Industrial Control Systems

Cyber Attacks Visualization and Prediction in Complex Multi-Stage Network

Security Analysis of Smart Grids

Contact Info

Product

Resources

About