Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures

As Critical National Infrastructures become more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as for a nation. Moreover, the ability to attribute attacks is a vital element of avoiding impunity in cyberspace. In this article, we present the main threats to critical infrastructures along with protective measures that a nation can take, classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally, we provide an overview of current methods and practices regarding cyber attribution and cyber peacekeeping.
