Cyber-attack path discovery in a dynamic supply chain maritime risk management system

Maritime port infrastructures rely on information systems for collaboration, and protecting these systems is a vital part of that collaboration. Attack graph analysis and risk assessment provide information that can be used to protect the assets of a network from cyber-attacks. Attack graphs in particular can be used to identify vulnerabilities in a network and how potential attackers can exploit them. Existing attack graph generation methods do not meet certain requirements of a dynamic supply chain risk management environment, because they do not consider variables that help explore the specific parts of a network that satisfy given criteria, such as the entry and target points, the propagation length, and the location and capability of the potential attacker. In this paper, we present a cyber-attack path discovery method that is used as a component of a maritime risk management system. The method uses constraints and depth-first search to effectively generate the attack graphs that the administrator is interested in. To support our method and show its effectiveness, we have evaluated it using real data from a maritime supply chain.
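The following added example, which is not the paper's own algorithm or code, shows how the constraints named above (entry and target points, propagation length, attacker location and capability) can prune a depth-first search over an asset graph. The asset names, the `VULN-*` labels, and the access/skill encoding of location and capability are constructed assumptions.

```python
from typing import NamedTuple

class Edge(NamedTuple):
    dst: str     # asset reached if the vulnerability is exploited
    vuln: str    # constructed placeholder label, not a real identifier
    access: str  # attacker location required: "network", "adjacent" or "local"
    skill: int   # minimum attacker capability (1 = low, 3 = high)

# Assumption: an attacker at a "closer" location can also use more remote vectors.
ACCESS_RANK = {"network": 0, "adjacent": 1, "local": 2}

# Constructed sample asset graph (includes a cycle back to the entry point).
GRAPH = {
    "web-portal": [Edge("booking-db", "VULN-A", "network", 1),
                   Edge("mail-gw", "VULN-B", "network", 2)],
    "mail-gw": [Edge("ops-workstation", "VULN-C", "adjacent", 2)],
    "booking-db": [Edge("terminal-os", "VULN-D", "adjacent", 3),
                   Edge("ops-workstation", "VULN-E", "network", 1)],
    "ops-workstation": [Edge("terminal-os", "VULN-F", "local", 2),
                        Edge("web-portal", "VULN-G", "network", 1)],
    "terminal-os": [],
}

def discover_paths(graph, entries, targets, max_len, location, capability):
    """Return every simple path [(src, vuln, dst), ...] from an entry point to a
    target that uses at most max_len hops and only edges the attacker can use."""
    found = []

    def dfs(node, visited, path):
        if node in targets and path:
            found.append(list(path))   # record a copy; do not extend past a target
            return
        if len(path) == max_len:       # propagation-length constraint
            return
        for e in graph.get(node, ()):
            if e.dst in visited:       # simple paths only, so cycles terminate
                continue
            if ACCESS_RANK[e.access] > ACCESS_RANK[location] or e.skill > capability:
                continue               # location/capability constraint prunes the edge
            visited.add(e.dst)
            path.append((node, e.vuln, e.dst))
            dfs(e.dst, visited, path)
            path.pop()
            visited.discard(e.dst)

    for entry in entries:
        dfs(entry, {entry}, [])
    return found
```

Tightening any one constraint shrinks the result set, which is what lets an administrator focus on the part of the graph that matters for a given assessment.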
