Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Hongyan Liu,Xiang Chen,Yi Shen,Qun Huang,Zhengyan Zhou,Dong Zhang,Chunming Wu

DOI: https://doi.org/10.1109/iwqos57198.2023.10188714

2023-01-01

Abstract:In programmable networks, some networking systems coordinate data plane switches to realize in-network functions (e.g., in-band network telemetry). However, the vulnerabilities of inter-device coordination are still largely unknown and neglected, which is highly concerning given the increasing popularity of this paradigm. In this paper, we identify three attack scenarios built upon such vulnerabilities, where attackers mislead the behaviors of networking systems that exploit inter-device coordination to execute in-network functions. We implement 20 existing networking systems on Tofino-based switches and a simulator, and attack these systems with the identified attacks. The experimental results indicate that our attacks significantly interfere with the normal operations of the selected networking systems, e.g., the cache hit rate of NetCache drops 38%. Our analysis also demonstrates that none of existing methods can fully mitigate our attacks since they fail to verify the packets for inter-device coordination.

Christoph Ponikwar,Hans-Joachim Hof,Smriti Gopinath,Lars Wischhof

DOI: https://doi.org/10.48550/arXiv.1607.08277

2016-07-28

Abstract:In recent time, the standards for Vehicular Ad-hoc Networks (VANETs) and Intelligent Transportation Systems (ITSs) matured and scientific and industry interest is high especially as autonomous driving gets a lot of media attention. Autonomous driving and other assistance systems for cars make heavy use of VANETs to exchange <a class="link-external link-http" href="http://information.They" rel="external noopener nofollow">this http URL</a> may provide more comfort, security and safety for drivers. However, it is of crucial importance for the user's trust in these assistance systems that they could not be influenced by malicious users. VANETs are likely attack vectors for such malicious users, hence application-specific security requirements must be considered during the design of applications using VANETs. In literature, many attacks on vehicular communication have been described but attacks on specific vehicular networking applications are often missing. This paper fills in this gap by describing standardized vehicular networking applications, defining and extending previous attacker models, and using the resulting new models to characterize the possible attackers interested in the specific vehicular networking application. The attacker models presented in this paper hopefully provide great benefit for the scientific community and industry as they allow to compare security evaluations of different works, characterize attackers, their intentions and help to plan application-specific security controls for vehicular networking applications.

Cryptography and Security,Networking and Internet Architecture

Yan Liao

DOI: https://doi.org/10.12694/scpe.v25i1.2254

2024-01-04

Abstract:Insufficient communication attack defense capabilities within industrial control networks is a serious problem that is addressed in this study. The author proposes a methodology that focuses on creating attack graphs to ease security and vulnerability studies in industrial control network systems in order to address this issue. The article provides thorough construction guidance and techniques for attack graphs, which are used for penetration testing and vulnerability analysis of networks for industrial control systems. On the created attack graph, experimental evaluations utilizing the ``earthquake net'' virus were carried out. The findings point to four main attack routes where the ``Zhenwang'' virus is most likely going to attack and cause the most damage. With a loss value of 12.2 and an attack success chance of 0.096, the first path involves cumulative attack stages. The second path consists of cumulative attack steps, with a loss value of 10.2 and an attack success probability of 0.072. The third path encompasses cumulative attack steps, with a loss value of 16.6 and an attack success probability of 0.063. The fourth path comprises cumulative attack steps, with a loss value of 18.6 and an attack success probability of 0.084.

Anthony Bahadir Lopez,Wen-Long Jin,Mohammad Adbullah Al Faruque

DOI: https://doi.org/10.1109/tits.2021.3123193

IF: 8.5

2021-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:With newer technologies, the embedded hardware and software in traditional vehicles and traffic control infrastructure continue to become more interconnected and more vulnerable. To assist in dealing with existing and potential vulnerabilities, we present a novel attack modeling methodology, taxonomy, and metrics (relative average waiting time, average network flow, impacts and rate of changes) to model, simulate, and meaningfully evaluate the security of Intelligent Transportation Systems. We implement our work in two different architectures: 1) Newell’s Car-Following Model with Bounded Acceleration (the BA-Newell Model) in Matlab and 2) Intelligent Driver Model in Veins. Our code is entirely open-sourced and will be maintained so that the ITS community may use it as a tool. We observe that the architectural-related metric values for sample attack simulation results are similar and transferable; where, for example, the rate of change values have range of average distances 1.8-3.5% for network flow impact and 3.3-9.6% for wait time impact.

engineering, electrical & electronic,transportation science & technology, civil

Jasmin Wachter

2023-11-17

Abstract:Graph models are helpful means of analyzing computer networks as well as complex system architectures for security. In this paper we evaluate the current state of research for representing and analysing cyber-attack using graph models, i.e. attack graph (AG) formalisms. We propose a taxonomy on attack graph formalisms, based on 70 models, which we analysed with respect to their \textit{graph semantic}, involved agents and analysis features. Additionally, we adress which formalisms allow for automatic attack graph generation from raw or processes data inputs. Our taxonomy is especially designed to help users and applied researchers identify a suitable AG model for their needs. A summary of the individual AG formalisms is provided as supplementary material.

Cryptography and Security

Sung -Do Chi,Jong Sou Park,Ki -Chan Jung,Jang -Se Lee

DOI: https://doi.org/10.1007/3-540-47719-5_26

2001-01-01

Abstract:The major objective of this paper is to develop the network security modeling and cyber attack simulation that is able to classify threats, specify attack mechanisms, verify protection mechanisms, and evaluate consequences. To do this, we have employed the advanced modeling and simulation concepts such as System Entity Structure / Model Base framework, DEVS (Discrete Event System Specification) formalism, and experimental frame concept underlying the object-oriented S/W environment. Our approach is to show the difference from others in that (i) it supports a hierarchical and modular modeling environment, (ii) it generates the command-level behavior of cyber attack scenario, (iii) it provides an efficient model building environment based on the experimental frame concept, and (iv) it supports the vulnerability analysis of given node on the network. Simulation test performed on sample network system will illustrate our techniques.

Christian M. Schneider,Andre A. Moreira,Jose S. Andrade Jr.,Shlomo Havlin,Hans J. Herrmann

DOI: https://doi.org/10.1073/pnas.1009440108

2011-03-09

Abstract:Terrorist attacks on transportation networks have traumatized modern societies. With a single blast, it has become possible to paralyze airline traffic, electric power supply, ground transportation or Internet communication. How and at which cost can one restructure the network such that it will become more robust against a malicious attack? We introduce a unique measure for robustness and use it to devise a method to mitigate economically and efficiently this risk. We demonstrate its efficiency on the European electricity system and on the Internet as well as on complex networks models. We show that with small changes in the network structure (low cost) the robustness of diverse networks can be improved dramatically while their functionality remains unchanged. Our results are useful not only for improving significantly with low cost the robustness of existing infrastructures but also for designing economically robust network systems.

Physics and Society,Social and Information Networks,Computational Physics

Simon Yusuf Enoch,Mengmeng Ge,Jin B. Hong,Dong Seong Kim

DOI: https://doi.org/10.1109/rams48097.2021.9605784

2021-05-24

Abstract:Summary &amp; Conclusions Model-based evaluation in cybersecurity has a long history. Attack Graphs (AGs) and Attack Trees (ATs) were the earlier developed graphical security models for cybersecurity analysis. However, they have limitations (e.g., scalability problem, state-space explosion problem, etc.) and lack the ability to capture other security features (e.g., countermeasures). To address the limitations and to cope with various security features, a graphical security model named attack countermeasure tree (ACT) was developed to perform security analysis by taking into account both attacks and countermeasures. In our research, we have developed different variants of a hierarchical graphical security model to solve the complexity, dynamicity, and scalability issues involved with security models in the security analysis of systems. In this paper, we summarize and classify security models into the following; graph-based, tree-based, and hybrid security models. We discuss the development of a hierarchical attack representation model (HARM) and different variants of the HARM, its applications, and usability in a variety of domains including the Internet of Things (IoT), Cloud, Software- Defined Networking, and Moving Target Defenses. Moreover, we discuss the pros and cons of each variant of HARM based on its applications and usage. Furthermore, several security metrics have been developed to be used with the graphical security model (including HARMs) to analyze the security posture of the systems and evaluate the effectiveness of defense mechanisms which is also being taken as input into optimization algorithms to compute optimal defense deployment. Thus, we provide the classification of the security metrics, including their discussions. Finally, we highlight existing problems and suggest future research directions in the area of graphical security models and applications. As a result of this work, a decision-maker can understand which type of HARM will suit their network or security analysis requirements.

Yunpeng Li,Xi Li

DOI: https://doi.org/10.1155/2021/9921731

2021-05-07

Scientific Programming

Abstract:With the rapid development of the Internet, network attacks often occur, and network security is widely concerned. Searching for practical security risk assessment methods is a research hotspot in the field of network security. Network attack graph model is an active detection technology for the attack path. From the perspective of the attacker, it simulated the whole network attack scenario and then presented the dependency among the vulnerabilities in the target network in the way of directed graph. It is an effective tool for analyzing network vulnerability. This paper describes in detail the common methods and tools of network security assessment and analyzes the construction of theoretical model of attack graph, the optimization technology of attack graph, and the research status of qualitative and quantitative analysis technology of attack graph in network security assessment. The attack graph generated in the face of large-scale network is too complex to find the key vulnerability nodes accurately and quickly. Optimizing the attack graph and solving the key attack set can help the security manager better understand the security state of the nodes in the network system, so as to strengthen the security defense ability and guarantee the security of the network system. For all kinds of loop phenomena of directed attribute attack graph, the general method of eliminating loop is given to get an acyclic attack graph. On the basis of acyclic attack graph, an optimization algorithm based on path complexity is proposed, which takes atomic attack distance and atomic weight into consideration, and on the basis of simplified attack graph, minimum-cost security reinforcement is carried out for the network environment. Based on the ant colony algorithm, the adaptive updating principle of changing pheromone and the local searching strategy of the adaptive genetic algorithm are proposed to improve the ant colony algorithm. The experimental results show that compared with the ant colony algorithm, the improved ant colony algorithm can speed up the process of solving the optimal solution. When the number of attack paths is large, the advantages of the improved ant colony algorithm in solving accuracy and late search speed are more obvious, and it is more suitable for large-scale networks.

computer science, software engineering

Ariel Futoransky,Luciano Notarfrancesco,Gerardo Richarte,Carlos Sarraute

DOI: https://doi.org/10.48550/arXiv.1006.1916

2010-06-10

Abstract:In this work we start walking the path to a new perspective for viewing cyberwarfare scenarios, by introducing conceptual tools (a formal model) to evaluate the costs of an attack, to describe the theater of operations, targets, missions, actions, plans and assets involved in cyberwarfare attacks. We also describe two applications of this model: autonomous planning leading to automated penetration tests, and attack simulations, allowing a system administrator to evaluate the vulnerabilities of his network.

Cryptography and Security,Artificial Intelligence

Ranwa Al Mallah,Talal Halabi,Bilal Farooq

DOI: https://doi.org/10.1145/3592799

IF: 2.717

2023-04-17

ACM Transactions on Privacy and Security

Abstract:Connected and Autonomous Vehicles (CAVs) with their evolving data gathering capabilities will play a significant role in road safety and efficiency applications supported by Intelligent Transport Systems (ITS), such as Traffic Signal Control (TSC) for urban traffic congestion management. However, their involvement will expand the space of security vulnerabilities and create larger threat vectors. In this paper, we perform the first detailed security analysis and implementation of a new cyber-physical attack category carried out by the network of CAVs against Adaptive Multi-Agent Traffic Signal Control (AMATSC), namely, coordinated Sybil attacks, where vehicles with forged or fake identities try to alter the data collected by the AMATSC algorithms to sabotage their decisions. Consequently, a novel, game-theoretic mitigation approach at the application layer is proposed to minimize the impact of such sophisticated data corruption attacks. The devised minimax game model enables the AMATSC algorithm to generate optimal decisions under a suspected attack, improving its resilience. Extensive experimentation is performed on a traffic dataset provided by the City of Montréal under real-world intersection settings to evaluate the attack impact. Our results improved time loss on attacked intersections by approximately 48.9%. Substantial benefits can be gained from the mitigation, yielding more robust adaptive control of traffic across networked intersections.

computer science, information systems

Anmin Xie,Cong Tang,Nike Gui,Zhuhua Cai,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1109/ICC.2010.5502655

2010-01-01

Abstract:To protect our networks against malicious intrusions, we need to evaluate these networks security. Previous works on attack graphs have provided meaningful conclusions on security measurement. However, large attack graphs are still hard to be understood vividly, and few suggestions have been proposed to prevent inside malicious attackers from attacking networks. To address these problems, we propose a novel approach to evaluate network security based on adjacency matrixes, which are constructed from existing attack graphs. With our model, we use gray scale images to show overall security vividly, and get quantitative evaluation scores. Moreover, we create a prioritized list of potential threatening hosts, which can help network administrators to harden network step by step. Analysis on computation cost shows that the upper bound computation cost of our measurement methodology is O(N3), which could be completed in real time. We also give an example to show how to put our methods in practice.

CHENG Ye-xia,JIANG Wen,XUE Zhi,CHENG Ye-yan

DOI: https://doi.org/10.3969/j.issn.1002-0802.2012.09.028

2012-01-01

Abstract:In order to strengthen the security of network and carry out analysis and assessment of network threats,and based on the characteristics of attack graph,an automatic network threats modeling method for attack graph is proposed.Before generating attack graph,the network threats model is abstracted,including the information of four components such as host,topology,vulnerability and attacker.Then in accordance with the network threats model,the automatic modeling method and its automatic flow are given.Based on these and model checking algorithm,and in combination of Büchi model and CTL description,the attack graph is generated.The research could lay a foundation for the application of attack graph.

Tan Duy Le,Mengmeng Ge,Phan The Duy,Hien Do Hoang,Adnan Anwar,Seng W. Loke,Razvan Beuran,Yasuo Tan

DOI: https://doi.org/10.1007/978-3-030-69514-9_11

2021-01-01

Abstract:Smart Grid is one of the critical technologies that provide essential services to sustain social and economic developments. There are various cyber attacks on the Smart Grid system in recent years, which resulted in various negative repercussions. Therefore, understanding the characteristics and evaluating the consequences of an attack on the Smart Grid system is essential. The combination of Graphical Security Model (GrSM), including Attack Tree (AT) and Attack Graph (AG), and the Common Vulnerability Score System (CVSS) is a potential technology to analyze attack on Smart Grid system. However, there are a few research works about Smart Grid attack analysis using GrSM and CVSS. In this research, we first conduct a comprehensive study of the existing research on attack analysis using GrSM and CVSS, ranging from (1) Traditional Networks, (2) Emerging Technologies, to (3) Smart Grid. We indicate that the framework for automating security analysis of the Internet of Things is a promising direction for Smart Grid attack analysis using GrSM and CVSS. The framework has been applied to assess security of the Smart Grid system. A case study using the PNNL Taxonomy Feeders R4-12.47-2 and Smart Grid network model with gateways was conducted to validate the utilized framework. Our research is enriched by capturing all potential attack paths and calculating values of selected security metrics during the vulnerability analysis process. Furthermore, AG can be generated automatically. The research can potentially be utilized in Smart Grid cybersecurity training.

hasan cam,pierre mouallem,yilin mo,bruno sinopoli,benjamin nkrumah

DOI: https://doi.org/10.1109/CogSIMA.2014.6816560

2014-01-01

Abstract:A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.

Rami Puzis,Hadar Polad,Bracha Shapira

DOI: https://doi.org/10.48550/arXiv.1903.02601

2019-03-07

Abstract:Before executing an attack, adversaries usually explore the victim's network in an attempt to infer the network topology and identify vulnerabilities in the victim's servers and personal computers. Falsifying the information collected by the adversary post penetration may significantly slower lateral movement and increase the amount of noise generated within the victim's network. We investigate the effect of fake vulnerabilities within a real enterprise network on the attacker performance. We use the attack graphs to model the path of an attacker making its way towards a target in a given network. We use combinatorial optimization in order to find the optimal assignments of fake vulnerabilities. We demonstrate the feasibility of our deception-based defense by presenting results of experiments with a large scale real network. We show that adding fake vulnerabilities forces the adversary to invest a significant amount of effort, in terms of time and exploitability cost.

Cryptography and Security,Artificial Intelligence

Orly Stan,Ron Bitton,Michal Ezrets,Moran Dadon,Masaki Inokuchi,Yoshinobu Ohta,Tomohiko Yagyu,Yuval Elovici,Asaf Shabtai

DOI: https://doi.org/10.48550/arXiv.1906.10943

2019-06-26

Abstract:Selecting the optimal set of countermeasures is a challenging task that involves various considerations and tradeoffs such as prioritizing the risks to mitigate and costs. The vast majority of studies for selecting a countermeasure deployment are based on a limited risk assessment procedure that utilizes the common vulnerability scoring system (CVSS). Such a risk assessment procedure does not necessarily consider the prerequisites and exploitability of a specific asset, cannot distinguish insider from outsider threat actor, and does not express the consequences of exploiting a vulnerability as well as the attacker's lateral movements. Other studies applied a more extensive risk assessment procedure that relies on manual work and repeated assessment. These solutions however, do not consider the network topology and do not specify the optimal position for deploying the countermeasures, and therefore are less practical. In this paper we suggest a heuristic search approach for selecting the optimal countermeasure deployment under a given budget limitation. The proposed method expresses the risk of the system using an extended attack graph modeling, which considers the prerequisites and consequences of exploiting a vulnerability, examines the attacker's potential lateral movements, and express the physical network topology as well as vulnerabilities in network protocols. In addition, unlike previous studies which utilizes attack graph for countermeasure planning, the proposed methods does not require re-generating the attack graph at each stage of the procedure, which is computationally heavy, and therefore it provides a more accurate and practical countermeasure deployment planning process.

Cryptography and Security

Zhiming Liu,Sheng Li,Jin He,Di Xie,Zhantao Deng

DOI: https://doi.org/10.1109/imccc.2012.50

2012-01-01

Abstract:Today's computer systems face lots of challenges in the fast rate of emerging security problems. To accurately assess the security of computer network systems, one must understand how vulnerabilities can be combined to stage an attack. Attack graphs are important tools for analyzing security vulnerabilities in enterprise networks. However, the complexity of traditional method for generating attack graphs increases dramatically as the network size grows. To solve this problem, the efficiency of attack graph generation method must be improved. Based on the analysis of generation approaches to attack graphs, an attack graph generation method for complex network is proposed in this paper. In this method, the network framework and key nodes can be analyzed and searched by loopholes scanning firstly. Then, starting from these key nodes, the algorithm which combined greedy policy, forward exploration and backward searching is used to generate the attack graph. Experimental results prove that the model can make a comprehensive analysis on network security and research the estimation of network attack.

Tao Zhang,Mingzeng Hu,Xiaochun Yun,Dong Li,Liang Sun

DOI: https://doi.org/10.3321/j.issn:1002-0470.2006.04.004

2006-01-01

Abstract:Aiming at the requirement of network security analysis, a flexible method to generate attack graph is presented. After analyzing network security attributes including the host, user privilege, connection relation, etc., the network security model is built, and the model could describe the network security status. A forward-search, breadth-first algorithm is used to produce attack route, and the tools Graphviz isutilized to generate the attack graph. The experimental rersults validate that our method is feasible.