Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Yan Liao

DOI: https://doi.org/10.12694/scpe.v25i1.2254

2024-01-04

Abstract:Insufficient communication attack defense capabilities within industrial control networks is a serious problem that is addressed in this study. The author proposes a methodology that focuses on creating attack graphs to ease security and vulnerability studies in industrial control network systems in order to address this issue. The article provides thorough construction guidance and techniques for attack graphs, which are used for penetration testing and vulnerability analysis of networks for industrial control systems. On the created attack graph, experimental evaluations utilizing the ``earthquake net'' virus were carried out. The findings point to four main attack routes where the ``Zhenwang'' virus is most likely going to attack and cause the most damage. With a loss value of 12.2 and an attack success chance of 0.096, the first path involves cumulative attack stages. The second path consists of cumulative attack steps, with a loss value of 10.2 and an attack success probability of 0.072. The third path encompasses cumulative attack steps, with a loss value of 16.6 and an attack success probability of 0.063. The fourth path comprises cumulative attack steps, with a loss value of 18.6 and an attack success probability of 0.084.

He Wen

DOI: https://doi.org/10.48550/arXiv.2306.08631

2023-06-15

Abstract:Cyberattacks on industrial control systems (ICS) have been drawing attention in academia. However, this has not raised adequate concerns among some industrial practitioners. Therefore, it is necessary to identify the vulnerable locations and components in the ICS and investigate the attack scenarios and techniques. This study proposes a method to assess the risk of cyberattacks on ICS with an improved Common Vulnerability Scoring System (CVSS) and applies it to a continuous stirred tank reactor (CSTR) model. The results show the physical system levels of ICS have the highest severity once cyberattacked, and controllers, workstations, and human-machine interface are the crucial components in the cyberattack and defense.

Cryptography and Security,Artificial Intelligence

Yixiong Wu,Shangru Song,Jianwei Zhuge,Tingting Yin,Tianyi Li,Junmin Zhu,Guannan Guo,Yue Liu,Jianju Hu

DOI: https://doi.org/10.1007/978-3-031-37807-2_1

2022-01-01

Abstract:Industrial Control Systems (ICS) play an important role in modern Industrial manufacturing and city life, as well as an critical attack surface. However, many ICS devices are deployed without proper security consideration, such as being exposed to the public Internet without protection. Furthermore, the ICS devices are hardly updated or patched due to the stability requirements. Therefore, the Internet-accessible ICS devices generally have publicly known vulnerabilities, which makes them fragile victims. In this work, we propose a method to measure the security status of Internet-facing ICS devices in a passive way and develop a prototype ICScope. With ICScope, we can find vulnerable devices without actively scanning the ICS device, which may have negative effects on their normal operation. ICScope collects device information from multiple public search engines like Shodan, gets vulnerability information from vulnerability databases like NVD, and matches them according to the vendors, products, and versions. ICScope can deal with the incomplete device data collected from the search engines and has taken the honeypots into consideration. We use ICScope to launch a comprehensive evaluation of the ICS devices exposed to the Internet between Dec 2019 and Jan 2020, including 466K IPs. The result shows that 49.58% of Internet-facing ICS devices have at least one publicly known vulnerability. We also observed a downward trend in the number of ICS devices and their vulnerable percentage during our measurement spanning 1.5 years.

Yixiong Wu,Jianwei Zhuge,Tingting Yin,Tianyi Li,Junmin Zhu,Guannan Guo,Yue Liu,Jianju Hu

DOI: https://doi.org/10.5220/0010327902370248

2021-01-01

Abstract:The number of Internet-facing industrial control system(ICS) devices has risen rapidly due to remote control demand. Going beyond benefits in maintenance, this also exposes the fragile ICS devices to cyber-attackers. To characterize the security status of Internet-facing ICS devices, we analyze the exposed ICS devices and their vulnerabilities. Considering the ethic, we design and implement ICScope, a passive vulnerability assessment system based on device search engines. Firstly, ICScope extracts the ICS device information from the banners returned by multiple search engines. Then, ICScope filters out the possible ICS honeypots to guarantee accuracy. Finally, ICScope associates ICS vulnerabilities with each ICS device. Over the past year, our measurements cover more than 466,000 IPs. We first perform a comprehensive measurement of Internet-facing ICS devices from Dec 2019 to Jan 2020. We find that there are about 49.58% of Internet-facing ICS devices that can be identified are affected by one or more vulnerabilities. We also conduct three times experiments from Jun 2020 to Dec 2020 to monitor the security status of Internet-facing ICS devices. We observe a slowly decreasing trend in the number of vulnerable ICS devices during our experiment period.

Chen Weihua,Jiang Quanyuan,Cao Yijia

DOI: https://doi.org/10.1109/ipec.2005.207004

2005-01-01

Abstract:With the increasing utilization of HVDC system, security assessment of HVDC system has become a hot topic. This paper presents a novel approach using the framework of vulnerability to assess HVDC system security. First, equivalent models of HVDC systems, based on Markov model and logical diagram, are built to solve "dimension disaster" problem. Second, the risk index is used as an indicator of the level of security, and its sensitivity to a changing system parameter is used as an indicator of its trend. These two indicators are combined to determine the degree of HVDC system vulnerability to contingent disturbances. Finally, artificial neural network (ANN) is applied to the fast pattern recognition and classification of system vulnerability status. A case of Gezhouba-Shanghai HVDC system in China is presented to verify correctness and effectiveness of the approach.

张恺伦,江全元

2013-01-01

Abstract:With the promotion and application of wide area measurement systems (WAMS) in power system, the security of its communication system is attracting a growing body of research. To analyze the vulnerability of WAMS communication infrastructures when facing network intrusions, an assessing method of vulnerability based on attack tree model is proposed. First, the attack tree model of WAMS communication system is established, which directly reflects the intrusion scenarios when the system is maliciously attacked. Second, a more reasonable assessing method for the vulnerability of passwords and ports is proposed, as well as the vulnerability of the system with all scenarios taken into consideration. Finally, the paper puts forth the concept of vulnerability sensitivity, which can quantitatively evaluate the effect of changes in the leaf vulnerability on the system, so as to find out the critical port.

Heng Zhang,Yinchu Wang,Yawen Xue,Ruilong Deng,Hongran Li,Jian Zhang

DOI: https://doi.org/10.23919/ccc63176.2024.10662787

2024-01-01

Abstract:Industrial network control systems (INCSs) are easy to be targeted by attackers due to their high economic value. Most of the existing defense methods are deployed at the network boundary, which causes high-security risks to INCS once an attacker enters the system. In addition, many existing intrusion detection systems (IDSs) build detection models based on historical data. When INCS lacks sufficient historical data, it is difficult to build detection models with high accuracy. In this paper, we propose a trust assessment model for INCS based on Fourier series fitting employing concept of zero trust to assess the real-time trust of INCS. The model alerts when INCS has low trust. We test two data injection attacks in the experiment to prove the effectiveness of our approach.

Muye Li,Yibin Huang,Heng Pan

DOI: https://doi.org/10.1109/iaeac47372.2019.8997670

2019-12-01

Abstract:In recent years, safety incidents of industrial control systems (ICS) have occurred frequently. On the one hand, the gradual adaptation of standards, general communication protocols and software and hardware systems to ICS reduces the attack difficulty of ICS. On the other hand, more and more vulnerability researchers focus on ICS which is becoming the focus of network attackers. This paper analyses the vulnerability and security risks of the current ICS architecture, network environment, communication protocols and supporting software. With the help of the concept of Cyber Kill Chain, the two stages of network attack in ICS are elaborated in detail. Combining with Havex and Stuxnet virus, the mechanism of network intrusion attack in ICS is analyzed comprehensively and thoroughly, which provides effective technical support for the research of ICS network attack defense.

Zhenyong Zhang,Ruilong Deng,David K. Y. Yau,Peng Cheng

DOI: https://doi.org/10.1109/jiot.2021.3049818

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Data integrity attack (DIA) is one class of threatening cyber attacks against the Internet-of-Things (IoT)-based smart grid. With the assumption that the attacker is capable of obtaining complete or incomplete information of the system topology and branch parameters, it has been widely recognized that the highly synthesized DIA can evade being detected and undermine the smart grid state estimation. However, the branch parameters cannot be easily obtained or inferred by the attacker in practice. They can be changed or disturbed with time. In this article, we complete the class of DIA by designing the zero-parameter-information DIA (ZDIA), which makes it possible for the attacker to execute stealthy data tampering attacks without any information of the branch parameters. Only the topology information about the cut line is required to construct such attack. We prove that, the attacker can arbitrarily modify the state estimate of a one-degree bus , which is connected to the outside only by a single cut line; and modify the state estimates of all buses, with the same arbitrary bias, in a one-degree super-bus , which is a group of buses that is connected to the outside only by a single cut line. Besides, we extend ZDIA to the cases where a bus and super-bus are connected to the outside only by several cut lines. Moreover, we propose two countermeasures to address the topology vulnerability exploited by ZDIA, and present a branch perturbation strategy to defend against general DIAs. Finally, we conduct extensive simulations with the IEEE standard power systems to validate the theoretical results.

Xiaosheng Chen,Wendi Shen,Genke Yang

DOI: https://doi.org/10.1109/IECON48115.2021.9589233

2021-01-01

Abstract:Security evaluation is an essential activity for understanding the risks of industrial networks. Constant changes in networks and updates of security vulnerabilities lead to increasing costs of security testing. To realize the combined exploitation of multiple vulnerabilities in the industrial control network, Knowledge Graph is proposed to be applied in knowledge-driven attack strategy generation in this paper. A graph paradigm of knowledge about vulnerability exploitation is established by integrating and extracting multi-dimensional domain knowledge. By occupying each device-level node, attack strategies based on domain knowledge improve the performance in comprehensive vulnerability exploitation and flexible response. The feasibility of our method is demonstrated through an industrial network example.

CHEN Wei-hua,JIANG Quan-yuan,CAO Yi-jia,HAN Zhen-xiang

DOI: https://doi.org/10.3321/j.issn:1000-3673.2005.04.004

2005-01-01

Abstract:Based on probability theory the risk theory was applied to the vulnerability assessment of power system. Here, the power system was defined as a vulnerable system and a set of risk indices to assess the power system vulnerability and corresponding algorithm were built, thus the defects of traditional determinsistic security assessment method, which cannot satisfy the requirement of electricity market and complicated power grid, could be overcome. On this basis, a risk theory and risk indices based power system vulnerability assessment software was developed. Taking the New England test system for example, the effectiveness and advanced property of the presented method were proved.

Jinwei Yang,Yu Yang,Lu Zheng,Ruixia Cheng,Shengnan Lin

DOI: https://doi.org/10.1088/1742-6596/2310/1/012071

2022-10-11

Journal of Physics: Conference Series

Abstract:Network security situation awareness (NSSA) can analyze current network status and predict trends. Intrusion detection systems are used as sources of security factor in situational awareness, and their accuracy affects the assessment of network security. The attack graph can filter out key nodes and enumerate possible attack paths, which has become the main method of risk assessment. Therefore, a network security situation assessment technology based on intrusion detection was proposed. The detection rate of the intrusion detection system was improved firstly, and then the attack graph was combined with the hidden Markov model (HMM) for network security assessment. The experimental results show that this method can effectively speculate the attack intention and reflect the results intuitively and roundly.

Shuliang Wang,Jianhua Zhang,Mingwei Zhao,Xu Min

DOI: https://doi.org/10.1016/j.physa.2017.01.003

2017-01-01

Abstract:This paper takes central China power grid (CCPG) as an example, and analyzes the vulnerability of the power systems under terrorist attacks. To simulate the intelligence of terrorist attacks, a method of critical attack area identification according to community structures is introduced. Meanwhile, three types of vulnerability models and the corresponding vulnerability metrics are given for comparative analysis. On this basis, influence of terrorist attacks on different critical areas is studied. Identifying the vulnerability of different critical areas will be conducted. At the same time, vulnerabilities of critical areas under different tolerance parameters and different vulnerability models are acquired and compared. Results show that only a few number of vertex disruptions may cause some critical areas collapse completely, they can generate great performance losses the whole systems. Further more, the variation of vulnerability values under different scenarios is very large. Critical areas which can cause greater damage under terrorist attacks should be given priority of protection to reduce vulnerability. The proposed method can be applied to analyze the vulnerability of other infrastructure systems, they can help decision makers search mitigation action and optimum protection strategy.

Chunjie Zhou,Bowen Hu,Yang Shi,Yu-Chu Tian,Xuan Li,Yue Zhao

DOI: https://doi.org/10.1109/jproc.2020.3034595

IF: 20.6

2021-04-01

Proceedings of the IEEE

Abstract:With the rapid development of functional requirements in the emerging Industry 4.0 era, modern industrial control systems (ICSs) are no longer isolated islands, making them more vulnerable to various cyberattack threats. Cyberattacks on ICSs may have disruptive consequences, such as significant social and economic losses. To proactively address the security issue of ICSs, this article presents a unified architectural approach from the perspectives of cyberthreats on ICSs, security-related ICS technologies, and methods for ICSs. It incorporates secure networks, secure control systems, secure physical processes, and their interactions seamlessly into a unified framework. To increase the resistance of ICSs against intrusions, the network security in our architectural approach is to secure the data in motion through the integration of secure network architecture, secure industrial network protocols, and secure end-to-end communications. The protection of control systems in our architectural approach is risk-based and hierarchical and encompasses prevention- and tolerance-centric defenses. It provides a layer-by-layer defense so that an acceptable level of cybersecurity risk is achieved and maintained. Aiming to maintain the stable operation of physical ICS processes, the secure control in our architectural approach implements a security process against process-aware attacks through a resilient safety control scheme. The global and systematic architectural approach presented in this article for the ICS cybersecurity will help facilitate the design and implementation of cyberattack-resilient ICSs in the networked world. For further development of ICS security technologies, emerging challenges are identified and discussed to motivate future research efforts.

engineering, electrical & electronic

Simon Unger,Ektor Arzoglou,Markus Heinrich,Dirk Scheuermann,Stefan Katzenbeisser

2023-07-26

Abstract:Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to maintain a comprehensive overview of potential security issues. In this paper, we propose a novel approach that leverages attack graphs to enhance the efficiency and effectiveness of risk assessment. Attack graphs visually represent the various attack paths that adversaries can exploit within a system, enabling a systematic exploration of potential vulnerabilities. By extending attack graphs with capabilities to include countermeasures and consequences, they can be leveraged to constitute the complete risk assessment process. Our method offers a more streamlined and comprehensive analysis of system vulnerabilities, where system changes, or environment changes can easily be adapted and the issues exposing the highest risk can easily be identified. We demonstrate the effectiveness of our approach through a case study, as well as the applicability by combining existing risk assessment standards with our method. Our work aims to bridge the gap between risk assessment practices and evolving threat landscapes, offering an improved methodology for managing and mitigating risks in modern computer systems.

Cryptography and Security

Feilong Zuo,Zhengxiong Luo,Junze Yu,Ting Chen,Zichen Xu,Aiguo Cui,Yu Jiang

DOI: https://doi.org/10.1109/tcad.2022.3201471

IF: 2.9

2022-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Industrial control system (ICS) employs complex multistate protocols to realize high-reliability communication and intelligent control over automation equipment. ICS has been widely used in various embedded fields, such as autonomous vehicle systems, power automation systems, etc. However, in recent years, many attacks have been performed on ICS, especially its protocols, such as the hijacks over Jeep Uconnect and Tesla Autopilot autonomous systems, also the Stuxnet and DragonFly viruses over national infrastructures. It is important to guarantee the security of ICS protocols. In this article, we present Charon, an efficient fuzzing platform for the vulnerability detection of ICS protocol implementations. In Charon, we propose an innovative fuzzing strategy that leverages state guidance to maximize cross-state code coverage instead of focusing on isolated states during the fuzzing of ICS protocols. Moreover, we devise a novel feedback collection method that employs program status inferring to avoid the restart of the ICS protocol at each iteration, allowing for continuous fuzzing. We evaluate Charon on several popular ICS protocol implementations, including real-time publish subscribe, IEC61850-MMS, MQTT, etc. Compared with typical fuzzers, such as American fuzzy lop, Polar, AFLNET, Boofuzz, and Peach, it averagely improves branch coverage by 234.2%, 194.4%, 215.9%, 52.58%, and 35.18%, respectively. Moreover, it has already confirmed 21 previously unknown vulnerabilities (e.g., stack buffer overflow) among these ICS protocols, most of which are security critical and corresponding patches from vendors have been released accordingly.

Wenhui Hu,Long Zhang,Xueyang Liu,Yu Huang,Minghui Zhang,Liang Xing

DOI: https://doi.org/10.1109/bigdatasecurity-hpsc-ids49724.2020.00033

2020-01-01

Abstract:In view of the problem that the overall security of the network is difficult to evaluate quantitatively, we propose the edge authority attack graph model, which aims to make up for the traditional dependence attack graph to describe the relationship between vulnerability behaviors. This paper proposed a network security metrics based on probability, and proposes a network vulnerability algorithm based on vulnerability exploit probability and attack target asset value. Finally, a network security reinforcement algorithm with network vulnerability index as the optimization target is proposed based on this metric algorithm.

Chen,Gang Chen

DOI: https://doi.org/10.1109/aiipcc57291.2022.00077

2022-01-01

Abstract:With the rapid development and popular utilization of computer network system, the proportion of attacks against computer network system has been increasing year by year. The traditional security vulnerability assessment method only evaluates individual vulnerabilities in isolation, and the assessment results do not reflect the degree of impact of vulnerabilities on the whole network. To address this problem this paper proposes a computer network system security assessment method, which uses the CVSSv3 evaluation index to assess vulnerabilities based on vulnerability association graph and risk matrix, while taking into account the association relationship between the fore-order vulnerability nodes, back-order vulnerability nodes and the vulnerability itself. The vulnerability correlation hazard calculated by the method can accurately reflect the degree of impact of the vulnerability on the whole computer network system, and the accuracy and effectiveness of the method is proved through experiments.