Assessing the Impact of Malware Attacks in Utility Networks

Utility networks are becoming more and more interconnected. Besides the natural physical interdependencies (e.g., water networks heavily depend on power grids), utility networks are nowadays often monitored and operated by industrial control systems (ICS). While these systems enhance the level of control over utility networks, they also enable new forms of attack, such as cyberattacks. In recent years, cyberattacks have occurred more frequently, sometimes with a significant impact on the affected company as well as on society. The first step toward preventing such incidents is to understand how an infection of one component influences the rest of the network. This malware spreading can be modeled as a stochastic process on a graph where edges transmit an infection with a specific probability. In practice, this probability depends on the type of the malware (e.g., ransomware, spyware, virus, etc.) as well as on the type of the connection between the nodes (e.g., physical or logical connections). In this chapter, we illustrate how the abstract model can be put into practice for a concrete use case.
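The following sketch is an added example, not code from the chapter: it estimates per-node infection likelihood by Monte Carlo simulation of the edge-transmission model described above, giving each edge one chance to transmit. The network, node names, and all probabilities are constructed assumptions chosen only for illustration.

```python
import random
from collections import deque

# Constructed transmission probabilities, indexed by (malware type, connection type).
# These numbers are illustrative assumptions, not values from the chapter.
P_TRANSMIT = {
    ("ransomware", "logical"): 0.6,
    ("ransomware", "physical"): 0.1,
    ("spyware", "logical"): 0.3,
    ("spyware", "physical"): 0.0,
}

# Constructed utility network: undirected edges (node_a, node_b, connection type).
EDGES = [
    ("office_pc", "scada_server", "logical"),
    ("scada_server", "pump_plc", "logical"),
    ("scada_server", "substation_rtu", "logical"),
    ("substation_rtu", "pump_plc", "physical"),  # the pump depends on power
    ("pump_plc", "valve_plc", "physical"),
]
NODES = sorted({n for a, b, _ in EDGES for n in (a, b)} | {"isolated_hmi"})

def simulate_once(malware, entry, rng):
    """One outbreak: each edge gets a single chance to transmit the infection."""
    adjacency = {n: [] for n in NODES}
    for a, b, kind in EDGES:
        adjacency[a].append((b, kind))
        adjacency[b].append((a, kind))
    infected, queue = {entry}, deque([entry])
    while queue:
        node = queue.popleft()
        for neighbour, kind in adjacency[node]:
            if neighbour not in infected and rng.random() < P_TRANSMIT[(malware, kind)]:
                infected.add(neighbour)
                queue.append(neighbour)
    return infected

def infection_probabilities(malware, entry, runs=5000, seed=1):
    """Monte Carlo estimate of how often each node ends up infected."""
    rng = random.Random(seed)
    hits = dict.fromkeys(NODES, 0)
    for _ in range(runs):
        for node in simulate_once(malware, entry, rng):
            hits[node] += 1
    return {node: hits[node] / runs for node in NODES}

if __name__ == "__main__":
    for node, p in infection_probabilities("ransomware", "office_pc").items():
        print(f"{node:15s} {p:.3f}")
```

Comparing the output for different malware types or entry points shows which components are most exposed and where segmentation between logical and physical links would reduce the expected impact.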
