Critical Attacks Set Identification in Attack Graphs for Computer and SCADA/ICS Networks

Supervisory control and data acquisition/industrial control systems (SCADA/ICSs) networks are becoming more vulnerable to attacks that exploit the interdependence of security weaknesses at the atomic level to compromise system-level security. Attack graphs are an effective approach to depict these complex attack scenarios, assisting security administrators in determining how to best safeguard their systems. However, due to time and financial constraints, it is frequently not possible to address all atomic-level flaws at the same time. In this article, we propose a method for automatically detecting a minimal set of critical attacks that, when defended against, render the system secure. Finding a minimal label cut is typically an NP-complete problem. However, we propose a linear complexity approximation that uses the attack graph’s strongly connected components (SCCs) to create a simplified version of the graph in the form of a tree over the SCCs. Then, we perform an iterative backward search over this tree to find a set of backward-reachable SCCs, as well as their outward edges and labels, in order to find a cut of the tree with the fewest labels, which is a critical attack set. We put our proposed method to the test on real-world case studies, such as IT and SCADA networks for a cyber–physical system for water treatment, and outperformed previous state-of-the-art algorithms in terms of approximation accuracy and/or computational speed. Our solution provides security administrators with a practical and efficient method for prioritizing efforts to address vulnerabilities in SCADA/ICS networks.
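The pipeline sketched above, as an added Python example that is not the paper's own code: labelled attack-graph edges are condensed over their SCCs with Tarjan's algorithm, the SCCs that can still reach the goal state are found by a backward search, and a critical attack set is chosen among the labels on their outward edges. The toy IT/ICS graph is constructed for illustration, and the final step is an exhaustive smallest-label-set search (adequate for small graphs) rather than the paper's linear-complexity approximation.

```python
from collections import defaultdict
from itertools import combinations
ATTACK_GRAPH = [  # constructed toy graph: (src_state, dst_state, atomic_attack_label)
    ("internet", "web", "xss"), ("web", "db", "sqli"), ("db", "web", "sqli"),
    ("web", "hmi", "weak_creds"), ("db", "hmi", "weak_creds"), ("vpn", "hmi", "weak_creds"),
    ("internet", "vpn", "cve_vpn"), ("vpn", "plc", "cve_vpn"), ("hmi", "plc", "modbus_write"),
]

def tarjan_scc(adj):
    """Tarjan's algorithm: map each node to the representative node of its SCC."""
    index, low, on_stack, stack, comp = {}, {}, set(), [], {}
    def visit(v):
        index[v] = low[v] = len(index); stack.append(v); on_stack.add(v)
        for w in adj[v]:
            if w not in index:
                visit(w); low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:  # v roots a finished SCC: pop its members
            while True:
                w = stack.pop(); on_stack.discard(w); comp[w] = v
                if w == v: break
    for v in list(adj):
        if v not in index: visit(v)
    return comp
def condense(edges):
    """Collapse each SCC to one node; drop intra-SCC edges, whose labels never need cutting."""
    adj = defaultdict(set)
    for s, d, _ in edges: adj[s].add(d); adj[d]  # adj[d] registers sink states as keys
    comp = tarjan_scc(adj)
    return comp, {(comp[s], comp[d], l) for s, d, l in edges if comp[s] != comp[d]}
def _reach(cedges, start, removed=()):
    """SCCs reachable from start over condensed edges whose label is not in removed."""
    nbrs = defaultdict(set)
    for s, d, l in cedges:
        if l not in removed: nbrs[s].add(d)
    seen, todo = {start}, [start]
    while todo:
        for w in nbrs[todo.pop()]:
            if w not in seen: seen.add(w); todo.append(w)
    return seen
def critical_attack_set(edges, init, goal):
    """Smallest label set whose removal disconnects init from goal (exhaustive search)."""
    comp, cedges = condense(edges)
    back = _reach({(d, s, l) for s, d, l in cedges}, comp[goal])  # backward-reachable SCCs
    labels = sorted({l for _, d, l in cedges if d in back})  # labels on their outward edges
    for k in range(len(labels) + 1):
        for cut in combinations(labels, k):
            if comp[goal] not in _reach(cedges, comp[init], cut):
                return set(cut)
```

On the toy graph, defending `cve_vpn` and `modbus_write` severs every path from `internet` to `plc`, while `sqli` never appears as a candidate because it only links states inside one SCC.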
