Home > Research > Publications & Outputs > Protecting Water Utility Networks from Advanced...

Associated organisational unit

View graph of relations

Protecting Water Utility Networks from Advanced Persistent Threats: A Case Study

Research output: Contribution in Book/Report/ProceedingsOther chapter contribution

Publication date2018
Host publicationGame Theory for Security Management - From Theory to Practice
PublisherSpringer Birkhäuser
<mark>Original language</mark>English

Publication series

NameStatic & Dynamic Game Theory: Foundations and Applications


The sovereignty and wellbeing of nations is highly dependent on the continuous and uninterrupted operation of critical infrastructures. Thus, the protection of utilities that provision critical services (e.g., water, electricity, telecommunications) is of vital importance given the severity imposed by any failure of these services. Recent security incidents in the context of critical infrastructures indicate that threats in such environments appear to be increasing both in frequency and intensity. The complexity of typical critical infrastructures is among the factors that make these environments vulnerable to threats. One of the most problematic types of threat is an advanced persistent threat (an APT). This usually refers to a sophisticated, targeted, and costly attack that employs multiple attack vectors to gain access to the target system, then to operate in stealth mode when penetration is achieved, and to exfiltrate data or cause failures inside the system. In this chapter, we demonstrate how a set of processes developed in the context of HyRiM's risk management framework can assist in minimizing the damage caused to a utility organization that is subjected to an APT style of attack. Specifically, the framework is demonstrated using data from a real-world water utility network and an industrial control system (ICS) testbed, and in which optimal defensive strategies are investigated.