    Herding an Adversarial Attacker to a Safe Area for Defending Safety-Critical Infrastructure

    This paper investigates the problem of defending safety-critical infrastructure from an adversarial aerial attacker in an urban environment. A circular arc formation of defenders is formed around the attacker, and vector-field based guidance laws herd the attacker to a predefined safe area in the presence of rectangular obstacles. The defenders' formation is defined based on a novel vector field that imposes super-elliptic contours around the obstacles, closely resembling their rectangular shape. A novel finite-time stabilizing controller is proposed to guide the defenders to their desired formation while avoiding obstacles and inter-agent collisions. The efficiency of the approach is demonstrated via simulation results. Comment: ACC 201

    Framework for Industrial Control System Honeypot Network Traffic Generation

    Defending critical infrastructure assets is an important but extremely difficult and expensive task. Historically, decoys have been used very effectively to distract attackers and, in some cases, to convince an attacker to reveal their attack strategy. Several researchers have proposed the use of honeypots to protect programmable logic controllers, specifically those used to support critical infrastructure. However, most of these honeypot designs are static systems that wait for a would-be attacker. To be effective, honeypot decoys need to be as realistic as possible. This paper introduces a proof-of-concept honeypot network traffic generator that mimics genuine control systems. Experiments are conducted using a Siemens APOGEE building automation system for single and dual subnet instantiations. Results indicate that the proposed traffic generator is capable of honeypot integration, traffic matching and routing within the decoy building automation network.

    No dark corners : defending against insider threats to critical infrastructure

    CHDS State/Local. An adversary who makes a frontal attack can be anticipated or repulsed. An adversary who attacks from within, however, cannot be so readily countered. This study intends to identify defenses against trust betrayers targeting critical infrastructure. Using a Delphi method, the study develops insights from experts in more mature arenas of defense against insider threats, such as workplace violence and counter-espionage, in order to assist infrastructure stewards with defending against the insider threat to critical infrastructure. The findings uncover flaws in institutional defenses that adversaries can exploit, with infiltrators posing a greater threat than disgruntled insiders. The resulting recommendations run counter to accepted wisdom. These recommendations shape the contours of a No Dark Corners approach that applies and extends the seminal theories of Newman's Defensible Space and Kelling's Fixing Broken Windows. No Dark Corners replaces a laser with a flashlight. The laser is a narrow beam of workplace monitoring only by corporate sentinels, or security specialists. The flashlight is a broader beam of employee engagement and monitoring on the front lines at the team level. There are no easy answers. No Dark Corners shows promise in filling the gaps in traditional insider defenses to deliver the victory of ownership over surprise. http://archive.org/details/nodarkcornersdef109454656 Security Unit Manager, Metropolitan Water District of Southern California; author (civilian)

    Defending Our Public Biological Databases as a Global Critical Infrastructure

    Progress in modern biology is being driven, in part, by the large amounts of freely available data in public resources such as the International Nucleotide Sequence Database Collaboration (INSDC), the world's primary database of biological sequence (and related) information. INSDC and similar databases have dramatically increased the pace of fundamental biological discovery and enabled a host of innovative therapeutic, diagnostic, and forensic applications. However, as high-value, openly shared resources with a high degree of assumed trust, these repositories share compelling similarities with the early days of the Internet. Consequently, as public biological databases continue to increase in size and importance, we expect that they will face the same threats as undefended cyberspace. There is a unique opportunity, before a significant breach and loss of trust occurs, to ensure they evolve with quality and security as a design philosophy rather than with costly “retrofitted” mitigations. This Perspective surveys some potential quality assurance and security weaknesses in existing open genomic and proteomic repositories, describes methods to mitigate the likelihood of both intentional and unintentional errors, and offers recommendations for risk mitigation based on lessons learned from cybersecurity.

    Critical Infrastructure Protection Metrics and Tools Papers and Presentations

    Contents: Dr. Hilda Blanco: Prioritizing Assets in Critical Infrastructure Systems; Christine Poptanich: Strategic Risk Analysis; Geoffrey S. French/Jin Kim: Threat-Based Approach to Risk Case Study: Strategic Homeland Infrastructure Risk Assessment (SHIRA); William L. McGill: Techniques for Adversary Threat Probability Assessment; Michael R. Powers: The Mathematics of Terrorism Risk; Stefan Pickl: SOA Approach to the IT-based Protection of CIP; Richard John: Probabilistic Project Management for a Terrorist Planning a Dirty Bomb Attack on a Major US Port; LCDR Brady Downs: Maritime Security Risk Analysis Model (MSRAM); Chel Stromgren: Terrorism Risk Assessment and Management (TRAM); Steve Lieberman: Convergence of CIP and COOP in Banking and Finance; Harry Mayer: Assessing the Healthcare and Public Health Sector with Model Based Risk Analysis; Robert Powell: How Much and On What? Defending and Deterring Strategic Attackers; Ted G. Lewis: Why Do Networks Cascade?

    THE DEPARTMENT OF DEFENSE’S NEW OPERATIONAL ENVIRONMENT: OT

    The purpose of this thesis is to outline how the Department of Defense (DoD), through Cyber Command, can holistically incorporate the cybersecurity of both DoD and non-DoD critical infrastructure into its cyber operations framework. The United States and the DoD rely on critical infrastructure for basic life support for both civilians and the Armed Forces members tasked with the defense of this nation. Critical infrastructure is made up of industrial control systems that fall under the taxonomy of operational technology (OT). In the 2018 Cyber Strategy, the DoD was charged with defending both DoD and non-DoD critical infrastructure in a more aggressive posture to “defend forward.” To do this, the DoD needs to incorporate the cybersecurity of critical infrastructure into its holistic cybersecurity plan. However, the DoD has yet to address who will assume this mission and how it will be accomplished. This research seeks to answer these questions and to examine the reasons leading up to the DoD's sudden change in policy.

    TRIDEnT: Building Decentralized Incentives for Collaborative Security

    Sophisticated mass attacks, especially those exploiting zero-day vulnerabilities, have the potential to cause destructive damage to organizations and critical infrastructure. To detect and contain such attacks in time, collaboration among defenders is critical. By correlating real-time detection information (alerts) from multiple sources (collaborative intrusion detection), defenders can detect attacks and take the appropriate defensive measures in time. However, although the technical tools to facilitate collaboration exist, real-world adoption of such collaborative security mechanisms is still underwhelming. This is largely due to a lack of trust and of participation incentives for companies and organizations. This paper proposes TRIDEnT, a novel collaborative platform that aims to enable and incentivize parties to exchange network alert data, thus increasing their overall detection capabilities. TRIDEnT allows parties that may be in a competitive relationship to selectively advertise, sell and acquire security alerts in the form of (near) real-time peer-to-peer streams. To validate the basic principles behind TRIDEnT, we present an intuitive game-theoretic model of alert sharing, which is of independent interest, and show that collaboration is bound to take place infinitely often. Furthermore, to demonstrate the feasibility of our approach, we instantiate our design in a decentralized manner using Ethereum smart contracts and provide a fully functional prototype. Comment: 28 page