2 research outputs found
Characterizing Cyber Attacks against Space Systems with Missing Data: Framework and Case Study
Cybersecurity of space systems is an emerging topic, but there is no single
dataset that documents cyber attacks against space systems that have occurred
in the past. These incidents are often scattered in media reports while missing
many details, which we dub the missing-data problem. Nevertheless, even
"low-quality" datasets containing such reports would be extremely valuable
because of the dearth of space cybersecurity data and the sensitivity of space
systems which are often restricted from disclosure by governments. This prompts
a research question: How can we characterize real-world cyber attacks against
space systems? In this paper, we address the problem by proposing a framework,
including metrics, while also addressing the missing-data problem, by
"extrapolating" the missing data in a principled fashion. To show the
usefulness of the framework, we extract data for 72 cyber attacks against space
systems and show how to extrapolate this "low-quality" dataset to derive 4,076
attack technique kill chains. Our findings include: cyber attacks against space
systems are getting increasingly sophisticated; and, successful protection
against on-path and social engineering attacks could have prevented 80% of the
attacks.
Comment: Accepted for publication: IEEE International Conference on
Communications and Network Security 2023 (IEEE CNS
Comprehensive security strategy for all-optical networks
Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015. Cataloged from PDF version of thesis. Includes bibliographical references (pages 107-109).
Optical networking is a powerful means of communication in modern times of high bandwidth demands and high data speeds. While developments in optical networking continue to progress, however, the security implications they create have not yet caught up. In this thesis, we characterize a selection of damaging attacks against optical networks. By providing a detailed description of the attacks, we are also able to better understand their effects across the different layers of the network model. We also propose the current best practices for sensing and detection of these attacks when they occur, as well as mitigation techniques to limit the damage they incur. The attacks are not fully eliminated, however, and so we also identify remaining vulnerabilities these attacks can exploit. After characterizing the attacks, we propose a method for diagnosing attacks as they occur within a network given the analysis we have conducted. We also propose an algorithm for diagnosing attacks, as well as a monitoring system framework that relies on the establishment of autonomous zones of the network in order to efficiently limit damage and quarantine problem areas from the rest of the healthy network. This framework can be applied to a wide variety of network set-ups and topologies, with the ability to customize it to fit the needs of the system.
by Antonia Lynn Feffer. S.M