Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Other chapter contribution
TY - CHAP
T1 - Protecting Water Utility Networks from Advanced Persistent Threats
T2 - A Case Study
AU - Gouglidis, Antonios
AU - König, Sandra
AU - Green, Benjamin
AU - Rossegger, Karl
AU - Hutchison, David
PY - 2018
Y1 - 2018
N2 - The sovereignty and wellbeing of nations is highly dependent on the continuous and uninterrupted operation of critical infrastructures. Thus, the protection of utilities that provision critical services (e.g., water, electricity, telecommunications) is of vital importance given the severity imposed by any failure of these services. Recent security incidents in the context of critical infrastructures indicate that threats in such environments appear to be increasing both in frequency and intensity. The complexity of typical critical infrastructures is among the factors that make these environments vulnerable to threats. One of the most problematic types of threat is an advanced persistent threat (an APT). This usually refers to a sophisticated, targeted, and costly attack that employs multiple attack vectors to gain access to the target system, then to operate in stealth mode when penetration is achieved, and to exfiltrate data or cause failures inside the system. In this chapter, we demonstrate how a set of processes developed in the context of HyRiM's risk management framework can assist in minimizing the damage caused to a utility organization that is subjected to an APT style of attack. Specifically, the framework is demonstrated using data from a real-world water utility network and an industrial control system (ICS) testbed, and in which optimal defensive strategies are investigated.
U2 - 10.1007/978-3-319-75268-6_13
DO - 10.1007/978-3-319-75268-6_13
M3 - Other chapter contribution
SN - 9783319752679
T3 - Static & Dynamic Game Theory: Foundations and Applications
SP - 313
EP - 333
BT - Game Theory for Security and Risk Management
A2 - Rass, Stefan
A2 - Schauer, Stefan
PB - Springer Birkhäuser
CY - Basel
ER -