Fuzzy approach on modelling cyber attacks patterns on data transfer in industrial control systems

Pricop, Emil; Mihalache, Sanda Florentina

doi:10.1109/ecai.2015.7301200

Cited by 12 publications

(12 citation statements)

References 3 publications

(4 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first group of approaches consists of the techniques based on attack graph analysis [17][18][19][20][21][22][23][24][25][26][27][28], hidden Markov model [29][30][31][32][33][34], and fuzzy logic [35][36][37].…”

Section: The Comparative Analysis Of the Approaches To The Attacker'smentioning

confidence: 99%

“…The attacker's profile, that is, the score [35], is used then to estimate the attack success rate. The impact of the attack is also a fuzzy function of four linguistic variables: the attacker profile (score), protection level, vulnerabilities, and restore cost.…”

Section: Attacker Behaviour Pattern Discovery Using Fuzzy Inferencementioning

confidence: 99%

“…The linguistic variables used to determine the attacker's category may take the following fuzzy values: none, low, and high, which are described by a triangular form. Pricop and Mihalache [35] apply a fuzzy approach to model the impact of cyber attacks. Like in [46], the authors describe the attacker's profile as a combination of the following three parameters: knowledge, technical resources, and motivation-that is, a function of three inputs and one output.…”

Section: Attacker Behaviour Pattern Discovery Using Fuzzy Inferencementioning

confidence: 99%

See 2 more Smart Citations

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

2020

View full text Add to dashboard Cite

Early detection of the security incidents and correct forecasting of the attack development is the basis for the efficient and timely response to cyber threats. The development of the attack depends on future steps available to the attackers, their goals, and their motivation—that is, the attacker “profile” that defines the malefactor behaviour in the system. Usually, the “attacker profile” is a set of attacker’s attributes—both inner such as motives and skills, and external such as existing financial support and tools used. The definition of the attacker’s profile allows determining the type of the malefactor and the complexity of the countermeasures, and may significantly simplify the attacker attribution process when investigating security incidents. The goal of the paper is to analyze existing techniques of the attacker’s behaviour, the attacker’ profile specifications, and their application for the forecasting of the attack future steps. The implemented analysis allowed outlining the main advantages and limitations of the approaches to attack forecasting and attacker’s profile constructing, existing challenges, and prospects in the area. The approach for attack forecasting implementation is suggested that specifies further research steps and is the basis for the development of an attacker behaviour forecasting technique.

show abstract

Section: The Comparative Analysis Of the Approaches To The Attacker'smentioning

confidence: 99%

Section: Attacker Behaviour Pattern Discovery Using Fuzzy Inferencementioning

confidence: 99%

Section: Attacker Behaviour Pattern Discovery Using Fuzzy Inferencementioning

confidence: 99%

See 1 more Smart Citation

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

2020

View full text Add to dashboard Cite

show abstract

“…The application of this model ranges from regular training and testing to supporting military exercises [28]. Furthermore, some methods help to profile cyberattackers based on their knowledge, motivation, and technical resources [29]. Researchers could rely on the success rates of these profiles to accordingly model their testbeds.…”

Section: Virtual Scada (Vscada) Testbedsmentioning

confidence: 99%

Preliminaries of Orthogonal Layered Defence Using Functional and Assurance Controls in Industrial Control Systems

Mackintosh¹,

Epiphaniou

Al-Khateeb

et al. 2019

JSAN

View full text Add to dashboard Cite

Industrial Control Systems (ICSs) are responsible for the automation of different processes and the overall control of systems that include highly sensitive potential targets such as nuclear facilities, energy-distribution, water-supply, and mass-transit systems. Given the increased complexity and rapid evolvement of their threat landscape, and the fact that these systems form part of the Critical National infrastructure (CNI), makes them an emerging domain of conflict, terrorist attacks, and a playground for cyberexploitation. Existing layered-defence approaches are increasingly criticised for their inability to adequately protect against resourceful and persistent adversaries. It is therefore essential that emerging techniques, such as orthogonality, be combined with existing security strategies to leverage defence advantages against adaptive and often asymmetrical attack vectors. The concept of orthogonality is relatively new and unexplored in an ICS environment and consists of having assurance control as well as functional control at each layer. Our work seeks to partially articulate a framework where multiple functional and assurance controls are introduced at each layer of ICS architectural design to further enhance security while maintaining critical real-time transfer of command and control traffic.

show abstract

“…The main vulnerabilities associated to control systems are presented in [1]. Some attacker profiles are described in [5].…”

Section: Control Systems Security Basicsmentioning

confidence: 99%

Considerations regarding security issues impact on systems availability

Pricop

Mihalache

Paraschiv

et al. 2016

2016 8th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)

Self Cite

View full text Add to dashboard Cite

-Control systems behavior can be analyzed taking into account a large number of parameters: performances, reliability, availability, security. Each control system presents various security vulnerabilities that affect in lower or higher measure its functioning. In this paper the authors present a method to assess the impact of security issues on the systems availability. A fuzzy model for estimating the availability of the system based on the security level and achieved availability coefficient (depending on MTBF and MTR) is developed and described. The results of the fuzzy inference system (FIS) are presented in the last section of the paper.

show abstract

Fuzzy approach on modelling cyber attacks patterns on data transfer in industrial control systems

Cited by 12 publications

References 3 publications

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

Preliminaries of Orthogonal Layered Defence Using Functional and Assurance Controls in Industrial Control Systems

Considerations regarding security issues impact on systems availability

Contact Info

Product

Resources

About