Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65
-
pISSN : 1598-849X / eISSN : 2383-9945
- https://journal.kci.go.kr/jksci
KJCKorea
Journal Central
Feasibility Analysis on the Attack Graph Applicability in Selected Domains
- Journal of The Korea Society of Computer and Information
- Abbr : JKSCI
- 2023, 28(5), pp.57-66
- DOI : 10.9708/jksci.2023.28.05.057
- Publisher : The Korean Society Of Computer And Information
- Research Area : Engineering > Computer Science
- Received : April 21, 2023
- Accepted : May 11, 2023
- Published : May 31, 2023
Junho Jang 1, Saehee Jun 2, Huiju Lee 1, Jaegwan Yu 3, SungJin Park 3, Su-Youn Hong 3, Huy-Kang Kim 1
1고려대학교
2고려대학교 정보보호연구원
3LIG넥스원
Accredited
ABSTRACT
In this paper, a research trend of attack graph studies for Cyber-Physical System (CPS) environments is surveyed, and we analyse the limitations of previous works and prospect the future directions. 35 among around 150 attack graph studies conducted within 5 years target CPS, and we inspect key features of CPS environment in the security aspect. Also, we categorize and analyze target studies in the aspect of modelling physical systems and considering air gaps, which are derived as key features of the security aspects of CPS.
Half of 20 research that we surveyed do not reflect those two features, and other studies only consider one of the two features. In this circumstance, we examine challenges that attack graph studies on CPS environment face. Finally, we expect state-led studies or studies targeting open-spec commercial CPS will dominate.
Statistics
-
146 Viewed
-
98 Downloaded
Tools
Issue List
Citation status
* References for papers published after 2023 are currently being built.
[confproc]
Phillips
/ 1998
/ A graph-based system for network-vulnerability analysis
/ Proceedings of the 1998workshop on New security paradigms
: 71~79
[confproc]
Jha, Sheyner
/ 2002
/ Two formal analyses of attack graphs
/ Proceedings 15th IEEE Computer Security Foundations Workshop
: 49~63
[confproc]
Sheyner
/ 2002
/ Automated generation and analysis of attack graphs
/ Proceedings 2002 IEEE Symposium on Security and Privacy
: 273~284
[confproc]
Ou, Xinming
/ 2005
/ MulVAL: A Logic-based Network Security Analyzer
/ Proceedings of the 14th conference on USENIX Security Symposium
14
: 8~
[confproc]
Hong
/ 2012
/ HARMS: Hierachical Attack Representation Models for Network Security Analysis
/ Proceedings of the 10th Australian Information Security Management Conference
[journal]
Kerem Kaynar
/ 2015
/ Distributed Attack Graph Generation
/ IEEE Transactions on Dependable and Secure Computing
/ Institute of Electrical and Electronics Engineers (IEEE)
13(5)
: 519~532
[journal]
Jin B. Hong
/ 2017
/ A survey on the usability and practical applications of Graphical Security Models
/ Computer Science Review
/ Elsevier BV
26
: 1~16
[confproc]
Frigault
/ 2008
/ Measuring Network Security Using Bayesian Network-Based Attack Graphs
/ 32nd Annual IEEE International Computer Software and Applications Conference
[confproc]
Joy
/ 2021
/ Precise Estimation of Local Probabilities for Bayesian Attack Graph Analysis
/ IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference
[confproc]
Gallon
/ 2012
/ CVSS Attack Graphs
/ 2011 Seventh International Conference on Signal Image Technology &Internet-Based Systems
[confproc]
Keramati
/ 2013
/ CVSS-based security metrics for quantitative analysis of attack graphs
/ International eConference on Computer and Knowledge Engineering
: 2013~
[confproc]
Lu
/ 2009
/ Ranking Attack Graphs with Graph Neural Networks
/ Proceedings of the 5th International Conference on Information Security Practice and Experience
: 345~359
[web]
Clarivate
/ Web of Science
/ https://www.webofknowledge.com/
[web]
Association for Computing Machinary
/ ACM Digital Library
/ https://dl.acm.org/
[web]
Institute of Electrical and Electronics Engineers
/ IEEE Xplore
/ https://ieeexplore.ieee.org/
[web]
UC Berkeley (EECS Dept.)
/ Ptolemy project
/ https://ptolemy.berkeley.edu/projects/cps/
[journal]
David Kushner
/ 2013
/ The real story of stuxnet
/ IEEE Spectrum
/ Institute of Electrical and Electronics Engineers (IEEE)
50(3)
: 48~53
[journal]
Kesler, Brent
/ 2011
/ The vulnerability of nuclear facilities to cyber attack
/ Strategic Insights
10(15)
[web]
Kopfstein
/ Stuxnet virus was planted by Israeli agents using USB sticks, according to new report
/ The Verge
/ https://www.theverge.com/2012/4/12/2944329/stuxnet-computer-virus-planted-israeli-agent-iran
[web]
MITRE
/ MITRE ATT&CK for ICS
/ https://attack.mitre.org/tactics/ics/
[journal]
Tianlei Zang
/ 2019
/ Integrated fault propagation model based vulnerability assessment of the electrical cyber-physical system under cyber attacks
/ Reliability Engineering & System Safety
/ Elsevier BV
189
: 232~241
[confproc]
Hasan
/ 2019
/ Towards Optimal Cyber Defense Remediation in Cyber Physical Systems by Balancing Operational Resilience and Strategic Risk
/ 2019 IEEE Military Communications Conference
[confproc]
Meyur
/ 2020
/ A Bayesian Attack Tree Based Approach to Assess Cyber-Physical Security of Power System
/ 2020 IEEE Texas Power and Energy Conference (TPEC)
[confproc]
Castiglione
/ 2020
/ hazard driven threat modelling for cyber physical systems
/ CPSIOTSEC'20: Proceedings of the 2020 Joint Workshop on CPS&IoT Security and Privacy
: 13~24
[confproc]
Bhattacharya
/ 2020
/ Automated Adversary Emulation for Cyber-Physical Systems via Reinforcement Learning
/ 2020 IEEE International Conference on Intelligence and Security Informatics
[journal]
Abdelaziz Khaled
/ 2020
/ Assessing the Severity of Smart Attacks in Industrial Cyber-Physical Systems
/ ACM Transactions on Cyber-Physical Systems
/ Association for Computing Machinery (ACM)
5(1)
: 1~28
[confproc]
Semertzis
/ 2022
/ Quantitative Risk Assessment of Cyber Attacks on Cyber-Physical Systems using Attack Graphs
/ 2022 10th Workshop on Modelling and Simulation of Cyber-Physical Energy Systems (MSCPES)
[confproc]
Zhang
/ 2020
/ Quantitatively Assessing the Cyber-to-Physical Risk of Industrial Cyber-Physical Systems
/ Proceedings of the 2020 on Great Lakes Symposium on VLSI
: 439~444
[confproc]
Haque
/ 2020
/ Integrating Mission-Centric Impact Assessment to Operational Resiliency in Cyber-Physical Systems
/ 2020 IEEE Global Communications Conference
[confproc]
Buczkowski
/ 2022
/ Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecTool
/ Sat-CPS '22:Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems
: 21~30
[journal]
Alaa T. Al Ghazo
/ 2020
/ A2G2V: Automatic Attack Graph Generation and Visualization and Its Applications to Computer and SCADA Networks
/ IEEE Transactions on Systems, Man, and Cybernetics: Systems
/ Institute of Electrical and Electronics Engineers (IEEE)
50(10)
: 3488~3498
[journal]
Xie
/ 2021
/ Risk assessment method of power plant industrial control information security based on Bayesian attack graph
/ Journal of Electrical Systems
17(4)
: 529~541
[confproc]
Choi
/ 2021
/ Probabilistic Attack Sequence Generation and Execution Based on MITRE ATT&CK for ICS Datasets
/ CSET '21: Cyber Security Experimentation and Test Workshop
[web]
MITRE
/ ATT&CK
/ https://attack.mitre.org/
[confproc]
Kern
/ 2021
/ Model-based Attack Tree Generation for Cybersecurity Risk-Assessments in Automotive
/ 2021 IEEE International Symposium on Systems Engineering (ISSE)
[confproc]
Ling
/ 2021
/ Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language
/ SAT-CPS '21: Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems
: 98~103
[web]
Foreseeti AB
/ MAL
/ https://mal-lang.org/
[journal]
Lukas Gressl
/ 2021
/ Design Space Exploration for Secure IoT Devices and Cyber-Physical Systems
/ ACM Transactions on Embedded Computing Systems
/ Association for Computing Machinery (ACM)
20(4)
: 1~24
[journal]
Shuning Hou
/ 2022
/ An Ontology-Based Dynamic Attack Graph Generation Approach for the Internet of Vehicles
/ Frontiers in Energy Research
/ Frontiers Media SA
10
[journal]
Birte Glimm
/ 2014
/ HermiT: An OWL 2 Reasoner
/ Journal of Automated Reasoning
/ Springer Science and Business Media LLC
53(3)
: 245~269
[journal]
Horrocks
/ 2004
/ SWRL: A Semantic Web Rule Language Combining OWL and RuleML
/ W3C Member submission
21(79)
: 1~31
[journal]
Ming Li
/ 2022
/ Strategies for Practical Hybrid Attack Graph Generation and Analysis
/ Digital Threats: Research and Practice
/ Association for Computing Machinery (ACM)
3(4)
: 1~24
[confproc]
Ling
/ 2022
/ Securing Communication and Identifying Threats in RTUs: A Vulnerability Analysis
/ ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security
: 1~7
[confproc]
Ge
/ 2022
/ A Hybrid Attack Graph Analysis Method based on Model Checking
/ 2022 Tenth International Conference on Advanced Cloud and Big Data (CBD)
[web]
CISA
/ Critical Infrastructure Sectors
/ https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors
[web]
Ministry of the Interior and Safety
/ Protect Nation Core Foundation
/ https://www.mois.go.kr/frt/sub/a06/b13/protectNationCoreFoundation/screen.do
[web]
FIRST
/ Common Vulnerability Scoring System v3.1:Specification Document
/ https://www.first.org/cvss/v3.1/specification-document
[web]
MITRE
/ Lazarus Group
/ https://attack.mitre.org/groups/G0032/
[web]
MITRE
/ Kimsuky
/ https://attack.mitre.org/groups/G0094/
[web]
MITRE
/ Sandworm Team
/ https://attack.mitre.org/groups/G0034/
[web]
Bing
/ Russian hackers preparing new cyber assault against Ukraine-Microsoft report
/ Reuters
/ https://www.reuters.com/technology/russian-hackers-preparing-new-cyber-assault-against-ukraine-microsoft-report-2023-03-15/