Graph-Theoretic Approach for Manufacturing Cybersecurity Risk Modeling and Assessment

Identifying, analyzing, and evaluating cybersecurity risks are essential to assess the vulnerabilities of modern manufacturing infrastructures and to devise effective decision-making strategies to secure critical manufacturing against potential cyberattacks. In response, this work proposes a graph-theoretic approach for risk modeling and assessment to address the lack of quantitative cybersecurity risk assessment frameworks for smart manufacturing systems. In doing so, first, threat attributes are represented using an attack graphical model derived from manufacturing cyberattack taxonomies. Attack taxonomies offer consistent structures to categorize threat attributes, and the graphical approach helps model their interdependence. Second, the graphs are analyzed to explore how threat events can propagate through the manufacturing value chain and identify the manufacturing assets that threat actors can access and compromise during a threat event. Third, the proposed method identifies the attack path that maximizes the likelihood of success and minimizes the attack detection probability, and then computes the associated cybersecurity risk. Finally, the proposed risk modeling and assessment framework is demonstrated via an interconnected smart manufacturing system illustrative example. Using the proposed approach, practitioners can identify critical connections and manufacturing assets requiring prioritized security controls and develop and deploy appropriate defense measures accordingly.Comment: 25 pages, 10 figure

The threat nets approach to information system security risk analysis

The growing demand for healthcare services is motivating hospitals to strengthen outpatient case management using information systems in order to serve more patients using the available resources. Though the use of information systems in outpatient case management raises patient data security concerns, it was established that the current approaches to information systems risk analysis do not provide logical recipes for quantifying threat impact and determining the cost-effectiveness of risk mitigation controls. Quantifying the likelihood of the threat and determining its potential impact is key in deciding whether to adopt a given information system or not. Therefore, this thesis proposes the Threat Nets Approach organized into 4 service recipes, namely: threat likelihood assessment service, threat impact evaluation service, return on investment assessment service and coordination management. The threat likelihood assessment service offers recipes for determining the likelihood of a threat. The threat impact evaluation service offers techniques of computing the impact of the threat on the organization. The return on investment assessment service offers recipes of determining the cost-effectiveness of threat mitigation controls. To support the application of the approach, a ThreNet tool was developed. The approach was evaluated by experts to ascertain its usability and usefulness. Evaluation of the Threat Nets Approach by the experts shows that it provides complete, usable and useful recipes for the assessment of; threat likelihood, threat impact and cost-effectiveness of threat mitigation controls. The results suggest that the application of Threat Nets approach is effective in quantifying risks to information system

The threat nets approach to information system security risk analysis

The growing demand for healthcare services is motivating hospitals to strengthen outpatient case management using information systems in order to serve more patients using the available resources. Though the use of information systems in outpatient case management raises patient data security concerns, it was established that the current approaches to information systems risk analysis do not provide logical recipes for quantifying threat impact and determining the cost-effectiveness of risk mitigation controls. Quantifying the likelihood of the threat and determining its potential impact is key in deciding whether to adopt a given information system or not. Therefore, this thesis proposes the Threat Nets Approach organized into 4 service recipes, namely: threat likelihood assessment service, threat impact evaluation service, return on investment assessment service and coordination management. The threat likelihood assessment service offers recipes for determining the likelihood of a threat. The threat impact evaluation service offers techniques of computing the impact of the threat on the organization. The return on investment assessment service offers recipes of determining the cost-effectiveness of threat mitigation controls. To support the application of the approach, a ThreNet tool was developed. The approach was evaluated by experts to ascertain its usability and usefulness. Evaluation of the Threat Nets Approach by the experts shows that it provides complete, usable and useful recipes for the assessment of; threat likelihood, threat impact and cost-effectiveness of threat mitigation controls. The results suggest that the application of Threat Nets approach is effective in quantifying risks to information system

Simulation for Cybersecurity: State of the Art and Future Directions

In this article, we provide an introduction to simulation for cybersecurity and focus on three themes: (1) an overview of the cybersecurity domain; (2) a summary of notable simulation research efforts for cybersecurity; and (3) a proposed way forward on how simulations could broaden cybersecurity efforts. The overview of cybersecurity provides readers with a foundational perspective of cybersecurity in the light of targets, threats, and preventive measures. The simulation research section details the current role that simulation plays in cybersecurity, which mainly falls on representative environment building; test, evaluate, and explore; training and exercises; risk analysis and assessment; and humans in cybersecurity research. The proposed way forward section posits that the advancement of collecting and accessing sociotechnological data to inform models, the creation of new theoretical constructs, and the integration and improvement of behavioral models are needed to advance cybersecurity efforts

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures comprise of many interconnected cyber and physical assets, and as such are large scale cyber-physical systems. Hence, the conventional approach of securing these infrastructures by addressing cyber security and physical security separately is no longer effective. Rather more integrated approaches that address the security of cyber and physical assets at the same time are required. This book presents integrated (i.e. cyber and physical) security approaches and technologies for the critical infrastructures that underpin our societies. Specifically, it introduces advanced techniques for threat detection, risk assessment and security information sharing, based on leading edge technologies like machine learning, security knowledge modelling, IoT security and distributed ledger infrastructures. Likewise, it presets how established security technologies like Security Information and Event Management (SIEM), pen-testing, vulnerability assessment and security data analytics can be used in the context of integrated Critical Infrastructure Protection. The novel methods and techniques of the book are exemplified in case studies involving critical infrastructures in four industrial sectors, namely finance, healthcare, energy and communications. The peculiarities of critical infrastructure protection in each one of these sectors is discussed and addressed based on sector-specific solutions. The advent of the fourth industrial revolution (Industry 4.0) is expected to increase the cyber-physical nature of critical infrastructures as well as their interconnection in the scope of sectorial and cross-sector value chains. Therefore, the demand for solutions that foster the interplay between cyber and physical security, and enable Cyber-Physical Threat Intelligence is likely to explode. In this book, we have shed light on the structure of such integrated security systems, as well as on the technologies that will underpin their operation. We hope that Security and Critical Infrastructure Protection stakeholders will find the book useful when planning their future security strategies

Stochastic propagation modeling and early detection of malicious mobile code

Epidemic models are commonly used to model the propagation of malicious mobile code like a computer virus or a worm. In this dissertation, we introduce stochastic techniques to describe the propagation behavior of malicious mobile code. We propose a stochastic infection-immunization (INIM) model based on the standard Susceptible-Infected-Removed (SIR) epidemic model, and we get an explicit solution of this model using probability generating function (pgf.). Our experiments simulate the propagation of malicious mobile code with immunization. The simulation results match the theoretical results of the model, which indicates that it is reliable to use INIM model to predict the propagation of malicious mobile code at the early infection stage when immunization factor is considered. In this dissertation, we also propose a control system that could automatically detect and mitigate the propagation of malicious mobile programs at the early infection stage. The detection method is based on the observation that a worm always opens as many connections as possible in order to propagate as fast as possible. To develop the detection algorithm, we extend the traditional statistical process control technique by adding a sliding window. We do the experiment to demonstrate the training process and testing process of a control system using both real and simulation data set. The experiment results show that the control system detects the propagation of malicious mobile code with zero false negative rate and less than 6% false positive rate. Moreover, we introduce risk analysis using Sequential Probability Ratio Test (SPRT) to limit the false positive rate. Examples of risk control using SPTR are presented. Furthermore, we analyze the network behavior using the propagation models we developed to evaluate the effect of the control system in a network environment. The theoretical analysis of the model shows that the propagation of malicious program is reduced when hosts in a network applied the control system. To verify the theoretical result, we also develop the experiment to simulate the propagation process in a network. The experiment results match the mathematical results