Security threat probability computation using Markov Chain and Common Vulnerability Scoring System

© 2018 IEEE. Security metrics have become essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative method, or compliance checking and this renders the outcome far from accurate. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). The paper gives an application on cloud systems to demonstrate the use of the proposed approach

A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security

Copyright © 2019 Securing cyber infrastructures has become critical because they are increasingly exposed to attackers while accommodating a huge number of IoT devices and supporting numerous sophisticated emerging applications. Security metrics are essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative methods, or compliance checking, and this renders the outcome far from satisfactory. Computing the probability of an attack, or more precisely a threat that materialises into an attack, forms an essential basis for a quantitative security metric. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on a Markov chain and Common Vulnerability Scoring System. Moreover, the paper introduces the method to estimate the probability of security attacks. The use of the new security threat model and its computation is demonstrated through their application to estimating the probabilities of cloud threats and types of attacks

Application of Bayesian network to data-driven cyber-security risk assessment in SCADA networks

Supervisory control and data acquisition (SCADA) systems are the key driver for critical infrastructures and industrial facilities. Cyber-attacks to SCADA networks may cause equipment damage or even fatalities. Identifying risks in SCADA networks is critical to ensuring the normal operation of these industrial systems. In this paper we propose a Bayesian network-based cyber-security risk assessment model to dynamically and quantitatively assess the security risk level in SCADA networks. The major distinction of our work is that the proposed risk assessment method can learn model parameters from historical data and then improve assessment accuracy by incrementally learning from online observations. Furthermore, our method is able to assess the risk caused by unknown attacks. The simulation results demonstrate that the proposed approach is effective for SCADA security risk assessment

Security risk assessment in industrial control systems

Funkcija daljinskog upravljanja industrijskim sistemom postavlja specifične zahteve za informacionu i komunikacionu infrastrukturu, koja treba da obezbedi procesiranje i siguran prenos heterogenih informacija sa različitim zahtevima za kvalitet servisa. Komunikacija se ostvaruje između centra upravljanja i objekata industrijskog sistema, kao i između distribuiranih centara upravljanja. Usvajanje otvorenih komunikacionih standarda, korišćenje otvorenih softverskih platformi, povezanost sistema upravljanja sa drugim mrežama, daljinski pristup i dostupnost tehničkih informacija su razlozi zbog kojih je informaciona i komunikaciona infrastruktura savremenih industrijskih sistema daljinskog upravljnja, a posebno SCADA (Supervisory Control and Data Acquisition) sistema podložna različitim vrstama napada. Uzimajući u obzir evidentnu potrebu za implementacijom specifičnih mehanizama zaštite u mreži industrijskih sistema daljinskog upravljanja, poželjno je da se, pri projektovanju bezbednosnih sistema i kasnije u toku eksploatacije, izvrši procena bezbednosnog rizika, sa ciljem da se odredi racionalan nivo ulaganja u zaštitu. U disertaciji je prvo utvrđen stepen degradacije ključnih performansi telekomunikacione mreže SCADA sistema, simulacijom različitih uslova distribuiranih napada kao što je napad koji prouzrokuje odbijanje servisa (DDoS – Distributed Denial of Service). Zatim su predložena dva nova metoda procene bezbednosnog rizika u slučaju DDoS napada na infrastrukturu SCADA sistema. Prvi, osnovni metod, zasniva se na analizi arhivskih podataka, a pretpostavlja proračun povrata investicija u zaštitu pomoću skupa težinskih faktora, koji kvantifikuju uslove u kojima se dogodio napad. Drugi, hibridni metod, pored analize arhivskih podataka, uzima u obzir subjektivnu ocenu stručnjaka dobijenu na osnovu odgovarajućih anketa. U zavisnosti od primene metoda predložena su dva načina izražavanja mere rizika, kvalitativno i monetarno. Na kraju su predloženi postupci cost/benefit analize za preporučenu primenu IDPS (Intrusion Detection and Prevention System) mehanizama zaštite na osnovu procenjene mere rizika. Definisanje prihvatljivog praga za povrat investicija u zaštitu omogućuje donošenje odluke o racionalnom ulaganju u bezbednost SCADA sistema. Za testiranje predloženih metoda definisane su dve studije slučaja: studija slučaja u realnom okruženju protočne hidroelektrane i studija slučaja SCADA sistema u modelovanom magistralnom gasovodu. Rezultati studija slučaja su pokazali da su metodi pogodni za identifikaciju ranjivosti (vulnerability) sistema, praktični i primenljivi u različitim industrijskim sektorima. Pored toga, pokazalo se da su metodi efikasni u proceni mere bezbednosnog rizika od infrastukturnog napada i proceni isplativosti ulaganja u poboljšanje bezbednosti infrastrukture SCADA mreža. Studija slučaja u magistralnom gasovodu pokazala je da je drugi metod primenljiv i u fazi projektovanja sistema, kada arhive sa relevantnim podacima nisu dostupne. Na kraju disertacije, na bazi rezultata istraživanja, predložene su mere za ograničavanje bezbednosnog rizika u industrijskim sistemima daljinskog upravljanja.Remote control of industrial system poses specific requirements for information and communication infrastructure, which has to provide processing and secure transmission of heterogeneous information with different requirements for Quality of Service. Communication takes place between control center and industrial system devices, as well as among distributed control centers. Information and communication infrastructure of modern Supervisory Control and Data Acquisition (SCADA) systems is particularly vulnerable to different cyber security threats due to following reasons: adoption of open communication standards, use of open software platforms, connectivity with other networks, remote access, and availability of technical information. There is an evident need to implement specific security mechanisms in industrial control networks; hence, in order to determine a cost-effective level of investment, it is desirable to assess security risk during network design phase, as well as during network operation. In this thesis, we first investigate the level of network performance degradation in SCADA systems by simulation of different conditions of distributed attacks such as Distributed Denial of Service (DDoS). Further, two novel methods for security risk assessment are proposed for the case of DDoS attack on the SCADA system infrastructure. The first, basic method relies on the analysis of historical data, and assumes calculating return on security investment as a function of the set of weighting factors that quantify the attack conditions. The second, hybrid method takes into account both hictorical data and subjective assessment of experts, provided by appropriate questionnaires. Depending on method application two ways (qualitative and monetary) for expressing the risk measure are proposed. Finally, techniques of cost/benefit analysis are also proposed for recommended application of intrusion detection and prevention system, based on the assessed risk measure. Definition of acceptable threshold for return on security investment allows making decision about cost-effective level of investment in security of SCADA system. For testing of proposed risk assessment methods, two case studies are defined: the first one considers real environment of a run-off-river hydropower plant, and the second one investigates the SCADA system in a simulated main pipeline. The results of case studies have shown that proposed methods are suitable for identification of system’s vulnerability, useful and applicable in different industrial sectors. Besides, proposed methods are efficient in security risk assessment regarding infrastructure attacks as well as in analysis of investment feasibility regarding enhancement of the SCADA network infrastructure security. Case study of the main pipeline also shows that the second method is applicable in the system design phase when relevant historical data are not available