Railway Defender Kill Chain to Predict and Detect Cyber-Attacks

Kour, Ravdeep; Thaduri, Adithya; Karim, Ramin

doi:10.13052/jcsm2245-1439.912

Cited by 14 publications

(11 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…135 Other. Other papers are qualitative (3 conceptual, 1 comparative study, and 1 case study) and consist of generalised security technologies, 136,137 cybersecurity issues and challenges, 15 cybersecurity maturity levels 138 and other security guidance within railways. 139 From the critical review process, it has been noticed that some of the authors have used CKC models to predict and detect cyberattacks which is an interesting model to explore more into.…”

Section: Case Study Signalling Interlocking Human Factormentioning

confidence: 99%

A review on cybersecurity in railways

Kour

Patwardhan

Thaduri

et al. 2022

Proceedings of the Institution of Mechanical Engineers, Part F:

Self Cite

View full text Add to dashboard Cite

Digitalisation is transforming the railway globally. One of the major considerations in digital transformation of any industry including the railway is the increased exposure to cyberattacks. The railway industry is vulnerable to these attacks because since the number of digital items and also number of interfaces between digital and physical components in the railway systems keep increasing. Increased number of items and interfaces require new frameworks, concepts and architectures to ensure the railway system’s resilience with respect to cybersecurity challenges, such as lack of proactiveness, lack of holistic perspective and obsolescence of safety systems exposed to current and future cyber threats landscape. To this date, there are several works carried out in the literature that studied the cybersecurity aspects and its application on railway infrastructure. However, to develop and implement an appropriate roadmap to cybersecurity in railways, there is a need of describing emerging challenges, and approaches to deal with these challenges and the possibilities and benefits of these. Hence, the objective of this paper is to provide a systematic review and outline cybersecurity emerging trends and approaches, and also to identify possible solutions by querying literature, academic and industrial, for future directions. The authors of this paper conducted separate searches through four popular databases, that is, Google Scholar, Scopus, Web of Science and IEEE explore. For the screening process, authors have used keywords with Boolean operators and database filters and identified 90 articles most relevant to the study domain. The analysis of 90 articles shows that majority of the cybersecurity studies lies within the railways are conceptual and lags in application of Artificial Intelligence (AI) based security. Like other industries, it is very important that railways should also follow latest security technologies, trends and train their workforce for cyber hygiene since railways are already in digitalization transition mode.

show abstract

Section: Case Study Signalling Interlocking Human Factormentioning

confidence: 99%

A review on cybersecurity in railways

Kour

Patwardhan

Thaduri

et al. 2022

Proceedings of the Institution of Mechanical Engineers, Part F:

Self Cite

View full text Add to dashboard Cite

show abstract

“…The malware detection approaches have evolved over the years. While most research studies discuss the detection mechanisms, in [27], the use of prediction technologies using the cyber kill chain and industrial control system to reduce cyber-based attacks has been explained. This article discusses the detection approaches for Android malware analysis.…”

Section: Detection Approachesmentioning

confidence: 99%

A Review and Case Study on Android Malware: Threat Model, Attacks, Techniques and Tools

Negi

Mishra

Chaudhary

et al. 2021

JCSANDM

View full text Add to dashboard Cite

As android devices have increased in number in the past few years, the android operating system has started dominating the smartphone market. The vast spread of android across all the devices has made security an important issue as the android users continue to grow exponentially. The security of android platform has become the need of the hour in view of increase in the number of malicious apps and thus several studies have emerged to present the detection approaches. In this paper, we review the android components to propose a threat model that illustrates the possible threats that are present in the android. We also present the attack taxonomy to illustrate the possible attacks at various layers of the android architecture. Experiments demonstrating the feature extraction and classification using machine earning algorithms have also been performed.

show abstract

“…Alternatively, the Kill-Chain modeling concept provides an approach for structuring multistage attacks aimed at disrupting or destroying vital processes or devices. Steps within the structure include gaining access to and information about the target system, developing and testing new capabilities on the compromised targets, exploiting vulnerabilities and moving laterally in the network, building Command and Control (C2) infrastructure, and acting on the objection (e.g., disrupting grid operations) [23].…”

Section: B Contextual Detection Of Cyber Incidentsmentioning

confidence: 99%

Towards an Approach to Contextual Detection of Multi-Stage Cyber Attacks in Smart Grids

Sen,

van der Velde,

Wehrmeister

et al. 2021

Preprint

View full text Add to dashboard Cite

Electric power grids are at risk of being compromised by high-impact cyber-security threats such as coordinated, timed attacks. Navigating this new threat landscape requires a deep understanding of the potential risks and complex attack processes in energy information systems, which in turn demands an unmanageable manual effort to timely process a large amount of cross-domain information. To provide an adequate basis to contextually assess and understand the situation of smart grids in case of coordinated cyber-attacks, we need a systematic and coherent approach to identify cyber incidents. In this paper, we present an approach that collects and correlates cross-domain cyber threat information to detect multi-stage cyber-attacks in energy information systems. We investigate the applicability and performance of the presented correlation approach and discuss the results to highlight challenges in domain-specific detection mechanisms.

show abstract

Railway Defender Kill Chain to Predict and Detect Cyber-Attacks

Cited by 14 publications

References 35 publications

A review on cybersecurity in railways

A review on cybersecurity in railways

A Review and Case Study on Android Malware: Threat Model, Attacks, Techniques and Tools

Towards an Approach to Contextual Detection of Multi-Stage Cyber Attacks in Smart Grids

Contact Info

Product

Resources

About