A Novokhrestov,A Konev,A Shelupanov,A Buymov

DOI: https://doi.org/10.1088/1742-6596/1488/1/012002

2020-03-01

Journal of Physics: Conference Series

Abstract:Abstract The paper discusses methods for constructing threat models of information systems and computer networks. The disadvantages of existing approaches are highlighted. The authors propose an approach to building a computer network model, as well as describing threats to information and the system. The proposed approach takes into account the identified shortcomings of existing solutions and is aimed at reducing the impact of the subjective opinion of an expert when compiling lists of threats.

English Else

Aleksey Novokhrestov,Anton Konev,Alexander Shelupanov

DOI: https://doi.org/10.3390/sym11121506

2019-12-11

Symmetry

Abstract:This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Yulia Yu. Kosenkova,Sergei V. Romanovskii,Elena P. Tsatskina,,,

DOI: https://doi.org/10.28995/2686-679x-2023-2-46-69

2023-01-01

Abstract:The current stage of Russian society development is characterized by the implementation of measures aimed at the development of digital technologies and their introduction into various spheres of the economy. An example of an innovative digital breakthrough in Russia is the Federal Tax Service, which accumulates significant amounts of confidential information, maintains a large number of registries, and implements a large number of services, including those not related to taxation. The realization of threats to information security in relation to information and communication technologies of the Federal Tax Service can lead to negative consequences. The purpose of the study is to build a model that allows assessing the probability of occurrence of the threats in question and their impact on digital interaction system between tax authorities and taxpayers, and the security of databases formed by tax authorities. The study applies universal methods of scientific cognition and mathematical methods for the construction of a risk assessment model. As a result, a model is proposed that allows assessment of information security risks, which information and communication technologies of the Federal Tax Service of Russia are exposed to. The proposed model can be used both at various levels of tax administration and in other spheres of state and municipal administration.

A. M. Konakov,A. G. Pevneva

DOI: https://doi.org/10.21822/2073-6185-2023-50-4-109-114

2024-01-23

Abstract:Objective . The purpose of the study is the functionality of designing, building and implementing protection systems taking into account the time factor. Method . The analysis of the functional interaction of the construction of three sequentially interconnected dynamic models and data transfer between them is carried out. Result . A general model of the system of protection and forecasting of possible threats in ensuring the security of information and infrastructure, taking into account the time factor, has been developed and proposed for implementation. Conclusion . The field of information security considered in the article is a necessary component of ensuring the protection of information resources and related systems from various threats. The application of the basics of dynamic modeling of data, processes and structures in terms of time, allows you to assess risks and threats, identify certain significant shortcomings and eliminate them, thereby optimizing costs, increasing the efficiency of ensuring security

Xiaoyu Jiang,Zhiqiang Ge

DOI: https://doi.org/10.1109/tai.2022.3145335

2022-01-01

IEEE Transactions on Artificial Intelligence

Abstract:With the rapid development of information technology, intelligent upgrading of the manufacturing industry has broken the closed environment of traditional industrial control systems (ICS); thus, the information security of ICS has been seriously threatened. As part of ICS, the process monitoring system (PMS) is heavily subject to external risks. Data-driven PMSs have been widely used as initial lines of defense to ensure ICS safety. Once the PMS is under attack, the consequences on the whole ICS will be unimaginable. Unfortunately, the safety issues of the PMS have received inadequate attention. This article reveals PMS’s vulnerabilities through effective attacks. A novel method called subspace transfer network (STN) is proposed to conduct adversarial and poisoning attacks on the PMS simultaneously. Then the attack task flow is defined and explained to make online adversarial attacks and data poisoning on PMS. Meanwhile, aiming at two poisoning goals, targeted and untargeted attacks of STN are designed, respectively. Finally, the PMS’s fragility is verified in two industrial benchmarks.

O.I. Peliukh,M.V. Yesina,D.Yu. Holubnychyi

DOI: https://doi.org/10.30837/rt.2024.1.216.03

2024-03-20

Radiotekhnika

Abstract:In the modern world, information and communication systems (ICS) have become an integral part of our lives, processing, storing and transmitting information. However, this dependence makes them extremely vulnerable to various threats. The article examines the current threats that call into question the normal functioning of ICS. The authors emphasise the constant evolution of these threats, which makes them more complex and dangerous. This necessitates constant research and development of new methods and means of information protection, as well as raising awareness of ICS users about cyber threats. The purpose of the article is to study modern ICS threats and develop recommendations for improving the level of information security (IS). The article provides a classification of ICS IS threats by various criteria: by the basic principles of the cybersecurity triad (confidentiality, integrity and availability), by sources of threats (internal and external), by the amount of damage caused (from general to private), by the degree of impact (passive and active) and by the nature of occurrence (natural and artificial). The article reveals the sources of threats to ICS security: unintentional (related to user errors, software failures or hardware failures) and intentional (cyber-attacks aimed at causing damage to ICS). Particular attention is paid to cyberattacks that are becoming more widespread. The authors describe different types of cyberattacks, as well as methods and means of their implementation. An important aspect of the article is the development of recommendations for improving the level of security. Along with the technical aspects of protection, the article considers the importance of implementing organisational measures such as security policy, access control and privilege management. The article also draws attention to the importance of complying with international and national standards for the protection of information in ICS. These measures help to avoid leakage or prevent unauthorised access to valuable information.

Tomasz Ostwald

DOI: https://doi.org/10.48550/arXiv.1712.10243

2017-12-29

Abstract:Our decision-making processes are becoming more data driven, based on data from multiple sources, of different types, processed by a variety of technologies. As technology becomes more relevant for decision processes, the more likely they are to be subjects of attacks aimed at disrupting their execution or changing their outcome. With the increasing complexity and dependencies on technical components, such attempts grow more sophisticated and their impact will be more severe. This is especially important in scenarios with shared goals, which had to be previously agreed to, or decisions with broad social impact. We need to think about our decisions-making and underlying data analysis processes in a systemic way to correctly evaluate benefits and risks of specific solutions and to design them to be resistant to attacks. To reach these goals, we can apply experiences from threat modeling analysis used in software security. We will need to adapt these practices to new types of threats, protecting different assets and operating in socio-technical systems. With these changes, threat modeling can become a foundation for implementing detailed technical, organizational or legal mitigations and making our decisions more reliable and trustworthy.

Computers and Society

Kumar Saurabh,Deepak Gajjala,Krishna Kaipa,Ranjana Vyas,O. P. Vyas,Rahamatullah Khondoker

DOI: https://doi.org/10.1007/s13369-023-08600-3

IF: 2.807

2024-06-19

Arabian Journal for Science and Engineering

Abstract:Industrial cyber-physical systems (ICPS) are gradually integrating Information Technology (IT) and automating industrial processes, leading systems to become more vulnerable to malicious actors. Thus, to deploy secure Industrial Control and Production Systems (ICPS) in smart factories, cyber threats and risks must be addressed. To identify all possible threats, "Threat Modeling" is a promising solution. Despite the existence of numerous methodological solutions for threat modeling in Cyber-Physical Systems (CPS), current approaches are ad hoc and inefficient in providing clear insights to researchers and organizations involved in Industrial Internet of Things (IIoT) technologies. These approaches lack a comprehensive analysis of cyber threats and fail to facilitate effective path analysis across the ICPS lifecycle, incorporating smart manufacturing technologies and tools. To address these gaps, a novel quantitative threat modeling approach is proposed, aiming to identify probable attack vectors, assess the path of attacks, and evaluate the magnitude of each vector. This manuscript also explains the execution of the proposed approach through two case studies: the industrial manufacturing line, referred to as the Internet of Manufacturing (IoM), and the power industry, known as the Internet of Production (IoP).

multidisciplinary sciences

Jan von der Assen,Jasmin Hochuli,Thomas Grübl,Burkhard Stiller

2024-09-03

Abstract:Threat modeling has been successfully applied to model technical threats within information systems. However, a lack of methods focusing on non-technical assets and their representation can be observed in theory and practice. Following the voices of industry practitioners, this paper explored how to model insider threats based on business process models. Hence, this study developed a novel insider threat knowledge base and a threat modeling application that leverages Business Process Modeling and Notation (BPMN). Finally, to understand how well the theoretic knowledge and its prototype translate into practice, the study conducted a real-world case study of an IT provider's business process and an experimental deployment for a real voting process. The results indicate that even without annotation, BPMN diagrams can be leveraged to automatically identify insider threats in an organization.

Cryptography and Security

Andrei Brazhuk

2023-03-20

Abstract:For a long time threat modeling was treated as a manual, complicated process. However modern agile development methodologies and cloud computing technologies require adding automatic threat modeling approaches. This work considers two challenges: creating a set of machine-readable data flow diagrams that represent real cloud based applications; and usage domain specific knowledge for automatic analysis of the security aspects of such applications. The set of 180 semantic diagrams (ontologies and knowledge graphs) is created based on cloud configurations (Docker Compose); the set includes a manual taxonomy that allows to define the design and functional aspects of the web based and data processing applications; the set can be used for various research in the threat modeling field. This work also evaluates how ontologies and knowledge graphs can be used to automatically recognize patterns (mapped to security threats) in diagrams. A pattern represents features of a diagram in form of a request to a knowledge base, what enables its recognition in a semantic representation of a diagram. In an experiment four groups of the patterns are created (web applications, data processing, network, and docker specific), and the diagrams are examined by the patterns. Automatic results, received for the web applications and data processing patterns, are compared with the manual taxonomy in order to study challenges of automatic threat modeling.

Cryptography and Security,Artificial Intelligence

П.С. ИВЛИЧЕВ,Н.А. ИВЛИЧЕВА

DOI: https://doi.org/10.34925/eip.2023.159.10.192

2023-12-04

Экономика и предпринимательство

Abstract:В статье проводится анализ модели CVSS для информационных систем предприятий с одним периметром безопасности. Определяются условия, при котором угроза кибербезопасности будет являться критической. Сформулированы основные положения управления рисками безопасности информационной системы организации. Приведены рекомендации по применению методов защиты информации для нейтрализации критических угроз информационной безопасности. The article analyzes the CVSS model for enterprise information systems with a single security perimeter. The conditions under which the threat to cybersecurity will be critical are determined. The main provisions of the organization's information system security risk management are formulated. Recommendations on the use of information protection methods to neutralize critical threats to information security are given.

Dmitrii E. Belomoytsev,,Tamara M. Volosatova,Anastasiya A. Kozar,Mikhail V. Filippov,Nikolai V. Chichvarin,,,,

DOI: https://doi.org/10.28995/2686-679x-2021-3-52-73

2021-01-01

Abstract:The article presents results of researches and the analysis of means of unauthorized access and Directors of hindrances to means of communication and navigation of aircraft. It also shows that the issue of protecting automated systems of aviation equipment from threats to information security is becoming increasingly important in the context of an increase in the level of automation for prospective aircraft engines, onboard equipment, systems and units of aircraft, an increase in the complexity of onboard information systems. There is an analysis in the means of electronic warfare, capable of influencing the flight of an aircraft, both intentionally and unintentionally. There also is a statistical inference of aviation accidents on various aircraft flight phases. The airplane mathematical model constructed taking into account hindrances and harmful impacts on the onboard equipment is developed. Static stability of the plane longitudinal movement taking into account the external environment is investigated. The article gives results of a numerical experiment showing offered mathematical model high degree of adequacy. The materials of the publication contain the results of theoretical research and numerical experiment conducted using a mathematical model of the dynamics of controlled flight of the aircraft under the action of both natural noise and intentional harmful effects on the means of communication and navigation of AIRCRAFT, as well as hacker attacks on onboard computing facilities. The model is implemented in Matlab/Simulink, which allows building a workstation simulator. That in turn allows for taking into account the “human factor” when modeling the flight of an aircraft.

Paul Griffioen,Bruno Sinopoli

DOI: https://doi.org/10.48550/arXiv.2110.07771

2021-10-14

Cryptography and Security

Abstract:Threat modeling and risk assessments are common ways to identify, estimate, and prioritize risk to national, organizational, and individual operations and assets. Several threat modeling and risk assessment approaches have been proposed prior to the advent of the Internet of Things (IoT) that focus on threats and risks in information technology (IT). Due to shortcomings in these approaches and the fact that there are significant differences between the IoT and IT, we synthesize and adapt these approaches to provide a threat modeling framework that focuses on threats and risks in the IoT. In doing so, we develop an IoT attack taxonomy that describes the adversarial assets, adversarial actions, exploitable vulnerabilities, and compromised properties that are components of any IoT attack. We use this IoT attack taxonomy as the foundation for designing a joint risk assessment and maturity assessment framework that is implemented as an interactive online tool. The assessment framework this tool encodes provides organizations with specific recommendations about where resources should be devoted to mitigate risk. The usefulness of this IoT framework is highlighted by case study implementations in the context of multiple industrial manufacturing companies, and the interactive implementation of this framework is available at http://iotrisk.andrew.cmu.edu.

Partha Das Chowdhury,Maria Sameen,Jenny Blessing,Nicholas Boucher,Joseph Gardiner,Tom Burrows,Ross Anderson,Awais Rashid

DOI: https://doi.org/10.1002/spe.3341

2024-05-24

Software Practice and Experience

Abstract:Threat modeling is one of the foundations of secure systems engineering and must take heed of the context within which systems operate. In this work, we explore the extent to which real‐world systems engineering reflects a changing threat context. We examine the desktop clients of six widely used end‐to‐end‐encrypted mobile messaging applications to understand the extent to which they adjusted their threat model over space (when enabling clients on new platforms, such as desktop clients) and time (as new threats emerged). We experimented with short‐lived adversarial access against these desktop clients and analyzed the results using two popular threat elicitation frameworks, STRIDE and LINDDUN. The results demonstrate that system designers need to track threats in the evolving context within which systems operate and, more importantly, mitigate them by rescoping trust boundaries so that they remain consistent with administrative boundaries. A nuanced understanding of the relationship between trust and administration is vital for robust security, including the provision of safe defaults.

computer science, software engineering

Volodymyr DZHULIY,Natalia PETLIAK,Yuri KHMELNYTSKYI,Oleksandr PAKHAR,

DOI: https://doi.org/10.31891/2307-5732-2022-313-5-294-300

2022-10-27

Abstract:The tasks of analysis and classification of detection of existing mechanisms for the implementation of attacks and threats to information security, which can lead to unauthorized access to confidential information, disruption of the functioning of information systems, are relevant and prioritized at the current stage. The importance of the problems is connected with the following main factors: growth of variety and quantity of means of computer technology and spheres of human activity; a high level of trust in information and search systems for data processing and management; the growth of the number of users of the information space of interaction; accumulation of large volumes of various types of information, intensive exchange of data flow in the network between users, using a wide range of access mechanisms to confidential resources, information processes; industrial espionage and competitive struggle in the sphere of information services of society; insufficient number at the present stage of highly qualified specialists in the field of information security, market relations in the field of software development, maintenance, distribution, production of computing equipment for the implementation of information security. The presented model of the flow of text messages of thematic Internet resources of the information security forecasting system and the information model of the forum database of the thematic Internet resource, which differs from the known ones in its universality, allows to analyze and study the data flow of Internet forums implemented on the basis of popular software platforms for the development of discussion information thematic resources The model of the flow of text messages of thematic Internet forums allows statistical analysis and semantic filtering of messages, taking into account authorship, author rating, forum, time of creation, number of messages, forum topic, allows analysis and research of text messages of thematic Internet resources. Solving the set tasks will allow: to improve the quality of decisions made in the process of identifying and counteracting malicious information; sort information objects of influence for the operator by priority; set the input data settings of the system of detection and countermeasures against the spread of malicious information in networks.

Сергій Толюпа,Сергій Штаненко,Serhiі Tolіupa,,Serhii Shtanenko,

DOI: https://doi.org/10.17721/ists.2023.1.28-36

2023-01-01

Information systems and technologies security

Abstract:An effective solution to the problems of analysis and synthesis of information security management systems can not be provided by simple ways of simply describing their behavior in different conditions - systems engineering solves problems that require quantitative evaluation of characteristics. Such data, obtained experimentally or by mathematical modeling, should reveal the properties of information security management systems. The main one is efficiency, which means the degree of compliance of the results of information protection to the goal. The latter, depending on the resources available, the knowledge of developers and other factors, can be achieved to one degree or another, and there are alternative ways to implement it. In a number of publications the authors propose the basics of the categorical apparatus of set theory, which allows to explain the relationship between sets of threats and sets of information protection system, which allows to build different mathematical models to analyze information exchange systems in critical application systems. At present, the creation of information security management systems is not possible without research and generalization of world experience in building information systems and their constituent subsystems, one of the key of which are information protection and intrusion prevention systems. Components of the process of attacking the mechanisms of protection and blocking or destruction of cyber threats themselves are components of the mathematical support of such systems. The basis of such models is the mathematical apparatus, which should ensure the adequacy of modeling of information security processes for any conditions of cyber threats. When defining the mathematical apparatus, it is necessary to clearly understand how certain sets of cyber threats are built, and how the sets of cyber threat sets, sets of security system elements and sets of cyber attack detection systems, which should control the correctness of the information security process. The article analyzes various options for building models of information security management system and creates a mathematical model that takes into account the internal relationships of different subsets of components of the information security system under the influence of cyber threats.

Dariusz Laskowski,Piotr Łubkowski

DOI: https://doi.org/10.1007/978-3-319-07013-1_30

2014-01-01

Abstract:Transfer of information, between both the operator and the technical object (machine, robot, network, etc.) is related to the transport of data. This process is realized through terminals and interfaces for fixed and mobile, simple and complex structures of the system (usually the networks, such as telecommunication network, IP network, etc.). The required level of security can be achieved during both development of new and modernization of existing technical objects. Exploitation of technical systems enforces use of confidentiality mechanisms such as those related to the IPSec (Internet Protocol Security), DM/VPN (Dynamic Multipoint/Virtual Private Network), VLAN (Virtual Local Area Network) or FW (Firewall). Therefore, the paper proposes a complementary model of secure data transport which can be applied in a decentralized data base containing information about the state of a technical object. The models of secure data transfer used by IPSec, VPN and VLAN have been tested in several scenarios reflecting the transfer of sensitive data in the industrial sector between the Authorized Service Stations and the Head Office of the company. Performance tests and the obtained results are resultant of repetitive output data obtained on the basis of numerous experiments.

Aisha Kanwal Junejo,Michael Breza,Julie A. McCann

DOI: https://doi.org/10.3390/s23239500

IF: 3.9

2023-11-30

Sensors

Abstract:The modernization of logistics through the use of Wireless Sensor Network (WSN) Internet of Things (IoT) devices promises great efficiencies. Sensor devices can provide real-time or near real-time condition monitoring and location tracking of assets during the shipping process, helping to detect delays, prevent loss, and stop fraud. However, the integration of low-cost WSN/IoT systems into a pre-existing industry should first consider security within the context of the application environment. In the case of logistics, the sensors are mobile, unreachable during the deployment, and accessible in potentially uncontrolled environments. The risks to the sensors include physical damage, either malicious/intentional or unintentional due to accident or the environment, or physical attack on a sensor, or remote communication attack. The easiest attack against any sensor is against its communication. The use of IoT sensors for logistics involves the deployment conditions of mobility, inaccesibility, and uncontrolled environments. Any threat analysis needs to take these factors into consideration. This paper presents a threat model focused on an IoT-enabled asset tracking/monitoring system for smart logistics. A review of the current literature shows that no current IoT threat model highlights logistics-specific IoT security threats for the shipping of critical assets. A general tracking/monitoring system architecture is presented that describes the roles of the components. A logistics-specific threat model that considers the operational challenges of sensors used in logistics, both malicious and non-malicious threats, is then given. The threat model categorizes each threat and suggests a potential countermeasure.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Denys A. Flores,Ricardo Perugachi

DOI: https://doi.org/10.48550/arXiv.2306.04783

2023-06-08

Abstract:Computer systems process, store and transfer sensitive information which makes them a valuable asset. Despite the existence of standards such as ISO 27005 for managing information risk, cyber threats are increasing, exposing such systems to security breaches, and at the same time, compromising users' privacy. However, threat modelling has also emerged as an alternative to identify and analyze them, reducing the attack landscape by discarding low-risk attack vectors, and mitigating high-risk ones. In this work, we introduce a novel threat-modelling-based approach for risk management, using ISO 27005 as a baseline for integrating ISO 27001/27002 security controls with privacy regulations outlined in the European General Data Protection Regulation (GDPR). In our proposal, risk estimation and mitigation is enhanced by combining STRIDE and attack trees as a threat modelling strategy. Our approach is applied to an IoT case study, where different attacks are analyzed to determine their risk levels and potential countermeasures.

Cryptography and Security