Proactive Security For Safety And Sustainability of Mission Critical Systems

Ensuring cyber network security is becoming increasingly challenging as cyber attacks increase. These attacks target any cyber system, from personal computers to national critical infrastructures. Consequently, a proactive cyber defense technique that detects and reacts to cyber attacks before damage occurs has become a necessity. To this end, we develop in this work a formal model to proactively ensure the safety and sustainability of mission critical systems. Our proposal consists of deploying a network of observer agents that supervise and generate observation data related to attacks under execution, which is then analyzed by a central defense agent. The central defense agent hypothetically generates a graph of potential scenarios that could be executed in the network. A scenario context is introduced to compute a set of probabilistic measures for the proactive assessment of attack damage. A second graph is presented that decomposes the cyber network's global mission into sub-operations and presents the cyber assets ensuring mission achievement. This graph is used to study the impact of cyber attacks on mission accomplishment and thus ensures system sustainability by proactively reacting to cyber attacks. A case study is provided to illustrate the proposal.
