Modeling and Simulation Approaches for Cybersecurity Impact Analysis: State-of-the-Art

Jawad, Alvi; Jaskolka, Jason

doi:10.23919/annsim52504.2021.9552043

Cited by 6 publications

(4 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The third purpose was the retardation of decision-making process, which was to cause delays in decision making processes. The fourth was to create disruption of public services [20], which basically meant that authorized users would not be able to access and use any public services. The fifth and sixth purposes were closely related in that the aim of the attacks was to damage the confidence of users and reputation of organizations.…”

Section: B Related Workmentioning

confidence: 99%

The Evolution of Cyberattack Motives

Boonkrong¹,

Prompunjai²,

Watcharawongbodee³

et al. 2022

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

A cyberattack can be defined as an action aiming to cause damages and losses to computer networks, information systems, and even personal devices and data. Many professionals and organizations have put a lot of effort and resources into preventing cyberattacks based on how they occur, their targets, and what damages they can cause. However, one of the aspects that are often overlooked and one of the reasons that cyberattacks are successfully carried out is the fact that the nature of attackers' motivations is not fully understood. Therefore, this research examines the main reasons for cyberattacks to be carried out by adversaries and the motives behind cyberattacks. Specifically, we studied over 7,700 cyber records and events between 2006 and 2018, including data breaches, privacy violations, and cyber incidents, to learn how attack motives have evolved over the years. The analyses of the data were mainly carried out using descriptive analysis. Our study found that the early cyberattacks were mainly financially motivated. However, in the later years, the cyberattack motives included espionage, ideology, and skill and knowledge testing. This implies that the motives behind cyberattacks became more varied in terms of types, proportions, and correlations between them. It is hoped and expected that the results of the analyses will be helpful to various stakeholders in such a way that they will better understand the reasons and motivations for cyberattacks.

show abstract

Section: B Related Workmentioning

confidence: 99%

The Evolution of Cyberattack Motives

Boonkrong¹,

Prompunjai²,

Watcharawongbodee³

et al. 2022

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

show abstract

“…Cyberattacks can severely affect the safe and reliable operation of an ICS and negatively impact the system's mission objectives. Of particular importance is the adverse effect on the system operations to disrupt or delay operations, damage equipment, and reduce customer trust, among others [JJ21b]. Can an attacker exploiting a particular vulnerability in a nuclear command and control system merely turn a light on and off on a control panel, or can they cause a complete nuclear meltdown?…”

Section: What Is Cyberattack Impact?mentioning

confidence: 99%

“…Other modeling and simulation studies included the use of reliability graphs [GWP19], impact dependency graphs The exploration of the different modeling and simulation-based methods and metrics used to define cyberattack impact on ICS and CPS led to the revelation that the topic of impact analysis is still rather new and lacks consistency in the primary terms such as what impact really means. In the studies discussed above, impact took many different definitions depending on the type of system and what was considered to be the most salient properties for its mission objectives [JJ21b]. This included impact on the system availability (disrupted operation), additional cost (to repair or replace damaged physical components and systems), acceleration of natural system degradation, and even impact on other components and/or systems due to cascading events.…”

Section: Sultan Et Al [Sdf17]mentioning

confidence: 99%

“…Assessing only the overall system state is insufficient to ensure system reliability, as tampered component actions may result in invalid products (e.g., altered concentration of the final product in a chemical processing system) [JJ21b]. This flexibility is what allowed us to identify the overlapping action, and consequently, the case of hastened production in Section 6.4, a feature missing from many traditional testing or simulation methods.…”

Section: Modeling Considerationsmentioning

confidence: 99%

See 1 more Smart Citation

A Cyberattack Impact Analysis Approach for Industrial Control Systems

Jawad¹

View full text Add to dashboard Cite

Many of today's critical infrastructures, including Industrial Control Systems (ICSs), are evolving with the integration of numerous connected cyber components with legacy systems. This evolution has exposed ICS to a wide range of security vulnerabilities, requiring different cybersecurity considerations. Understanding how severely cyberattacks can exploit such system vulnerabilities to disrupt or delay system operations is paramount for developing targeted and effective defenses.In this thesis, we present a four-stage impact analysis approach to observe and characterize the manifold impact of cyberattacks on ICS operations. Representative tampering and spoofing attacks demonstrated on a timed automata model of a manufacturing cell control system show how classical and statistical model checking, respectively, are effective at identifying and quantifying the severity of cyberattack impact on ICS mission objectives. Furthermore, the impact analysis results provide extensive insight into the varying impact caused by different attackers and how systems with defenses can mitigate such impacts.iii This work began with a collection of fragmented ideas on viewing system security from a different perspective, which has since evolved into something much more. The work itself, and my growth during its progress, would not be possible without the sincere and unwavering support from my supervisor Professor Jason Jaskolka. His guidance, most times as a supervisor but at times as a guardian or even an elder brother, has helped me pull through the hardest of times. I am grateful beyond words.I thank my colleagues for creating an earnest yet relaxing environment to blend in. A very special thank you goes to Joe Samuel for his overwhelmingly optimistic influence, and more importantly, for simply being a great friend.I express my sincere gratitude to Dr. Mohammad T. Kawser, who, even during his unimaginably agonizing moments, guided me to explore the fundamentals of research. I thank Professor Abdur Rouf and Dr. Rifat Ahmed for being the two best teachers in my life and allowing me to clearly see where my interests and ultimate goals lie.Lastly, I convey my heartfelt gratitude to my family for supporting me with everything they had throughout my journey so far.

show abstract

Defense Models for Data Recovery in Industrial Control Systems

Jawad¹,

Jaskolka²

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Modeling and Simulation Approaches for Cybersecurity Impact Analysis: State-of-the-Art

Cited by 6 publications

References 34 publications

The Evolution of Cyberattack Motives

The Evolution of Cyberattack Motives

A Cyberattack Impact Analysis Approach for Industrial Control Systems

Defense Models for Data Recovery in Industrial Control Systems

Contact Info

Product

Resources

About