Skip to main content
Springer Nature Link
Log in

Combining Bayesian Networks and Fishbone Diagrams to Distinguish Between Intentional Attacks and Accidental Technical Failures

  • Conference paper
  • First Online:
Graphical Models for Security (GraMSec 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11086))

Included in the following conference series:

Abstract

Because of modern societies’ dependence on industrial control systems, adequate response to system failures is essential. In order to take appropriate measures, it is crucial for operators to be able to distinguish between intentional attacks and accidental technical failures. However, adequate decision support for this matter is lacking. In this paper, we use Bayesian Networks (BNs) to distinguish between intentional attacks and accidental technical failures, based on contributory factors and observations (or test results). To facilitate knowledge elicitation, we use extended fishbone diagrams for discussions with experts, and then translate those into the BN formalism. We demonstrate the methodology using an example in a case study from the water management domain.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Asllani, A., Ali, A.: Securing information systems in airports: a practical approach. In: 2011 International Conference for Internet Technology and Secured Transactions (ICITST), pp. 314–318. IEEE (2011)

    Google Scholar 

  2. Ben-Gal, I., Ruggeri, F., Faltin, F., Kenett, R.: Bayesian networks. Encyclopedia of statistics in quality and reliability (2007)

    Google Scholar 

  3. Chen, G., Yu, H.: Bayesian network and its application in maize diseases diagnosis. In: Li, D. (ed.) CCTA 2007. TIFIP, vol. 259, pp. 917–924. Springer, Boston, MA (2008). https://doi.org/10.1007/978-0-387-77253-0_22

    Chapter  Google Scholar 

  4. Chockalingam, S., Hadžiosmanović, D., Pieters, W., Teixeira, A., van Gelder, P.: Integrated safety and security risk assessment methods: a survey of key characteristics and applications. In: Havarneanu, G., Setola, R., Nassopoulos, H., Wolthusen, S. (eds.) CRITIS 2016. LNCS, vol. 10242, pp. 50–62. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-71368-7_5

    Chapter  Google Scholar 

  5. Chockalingam, S., Pieters, W., Teixeira, A., van Gelder, P.: Bayesian network models in cyber security: a systematic review. In: Lipmaa, H., Mitrokotsa, A., Matulevičius, R. (eds.) NordSec 2017. LNCS, vol. 10674, pp. 105–122. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70290-2_7

    Chapter  Google Scholar 

  6. Curiac, D.I., Vasile, G., Banias, O., Volosencu, C., Albu, A.: Bayesian network model for diagnosis of psychiatric diseases. In: Proceedings of the ITI 2009 31st International Conference on Information Technology Interfaces, pp. 61–66. IEEE (2009)

    Google Scholar 

  7. Darwiche, A.: Bayesian networks. Found. Artif. Intell. 3, 467–509 (2008)

    Article  Google Scholar 

  8. Desai, M.S., Johnson, R.A.: Using a fishbone diagram to develop change management strategies to achieve first-year student persistence. SAM Adv. Manag. J. 78(2), 51 (2013)

    Google Scholar 

  9. Doggett, A.M.: Root cause analysis: a framework for tool selection. Qual. Manag. J. 12(4), 34–45 (2005)

    Article  Google Scholar 

  10. Endi, M., Elhalwagy, Y., et al.: Three-layer PLC/SCADA system architecture in process automation and data monitoring. In: 2010 The 2nd International Conference on Computer and Automation Engineering (ICCAE), vol. 2, pp. 774–779. IEEE (2010)

    Google Scholar 

  11. Estabragh, Z.S., et al.: Bayesian network modeling for diagnosis of social anxiety using some cognitive-behavioral factors. Netw. Model. Anal. Health Inform. Bioinform. 2(4), 257–265 (2013)

    Article  Google Scholar 

  12. GlobalWater: Global water level sensor - wl400 product manual (2009). http://www.globalw.com/downloads/WL400/WL400manual.pdf

  13. González-López, J., et al.: Development and validation of a Bayesian network for the differential diagnosis of anterior uveitis. Eye 30(6), 865 (2016)

    Article  Google Scholar 

  14. Grimvall, G., Holmgren, Å., Jacobsson, P., Thedéen, T.: Risks in Technological Systems. Springer, Heidelberg (2009). https://doi.org/10.1007/978-1-84882-641-0

    Book  Google Scholar 

  15. Henrion, M.: Practical issues in constructing a Bayes’ belief network. arXiv preprint arXiv:1304.2725 (2013)

  16. Huang, Y., McMurran, R., Dhadyalla, G., Jones, R.P.: Probability based vehicle fault diagnosis: Bayesian network method. J. Intell. Manuf. 19(3), 301–311 (2008)

    Article  Google Scholar 

  17. Ilie, G., Ciocoiu, C.N.: Application of fishbone diagram to determine the risk of an event with multiple causes. Manag. Res. Pract. 2(1), 1–20 (2010)

    Google Scholar 

  18. Ishikawa, K., Ishikawa, K.: Guide to Quality Control, vol. 2. Asian Productivity Organization, Tokyo (1982)

    Google Scholar 

  19. Jianhui, L., Zhang, J., Mingdi, J.: Application of BN in the fault diagnosis of brake failure system. Appl. Mech. Mater. 602–605, 1684–1688 (2014)

    Google Scholar 

  20. Kahn Jr., C.E., Roberts, L.M., Shaffer, K.A., Haddawy, P.: Construction of a Bayesian network for mammographic diagnosis of breast cancer. Comput. Biol. Med. 27(1), 19–29 (1997)

    Article  Google Scholar 

  21. KasperskyLab: Five myths of industrial control systems security (2014). https://media.kaspersky.com/pdf/DataSheet_KESB_5Myths-ICSS_Eng_WEB.pdf

  22. Kipersztok, O., Dildy, G.A.: Evidence-based Bayesian networks approach to airplane maintenance. In: Proceedings of the 2002 International Joint Conference on Neural Networks, IJCNN 2002, vol. 3, pp. 2887–2892. IEEE (2002)

    Google Scholar 

  23. Knowles, W., Prince, D., Hutchison, D., Disso, J.F.P., Jones, K.: A survey of cyber security management in industrial control systems. Int. J. Crit. Infrastruct. Prot. 9, 52–80 (2015)

    Article  Google Scholar 

  24. Korb, K.B., Nicholson, A.E.: Bayesian Artificial Intelligence. CRC Press, Boca Raton (2010)

    MATH  Google Scholar 

  25. Kwan, M., Chow, K.-P., Lai, P., Law, F., Tse, H.: Analysis of the digital evidence presented in the Yahoo! Case. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2009. IAICT, vol. 306, pp. 241–252. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04155-6_18

    Chapter  Google Scholar 

  26. Kwan, M., Chow, K.-P., Law, F., Lai, P.: Reasoning about evidence using Bayesian networks. In: Ray, I., Shenoi, S. (eds.) DigitalForensics 2008. ITIFIP, vol. 285, pp. 275–289. Springer, Boston, MA (2008). https://doi.org/10.1007/978-0-387-84927-0_22

    Chapter  Google Scholar 

  27. Luca, L., Stancioiu, A.: The study applying a quality management tool to identify the causes of a defect in an automotive. In: Proceedings of the 3rd International Conference on Automotive and Transport Systems (2012)

    Google Scholar 

  28. Macaulay, T., Singer, B.L.: Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS. Auerbach Publications, Boca Raton (2016)

    Google Scholar 

  29. Moreira, M.W., Rodrigues, J.J., Oliveira, A.M., Ramos, R.F., Saleem, K.: A preeclampsia diagnosis approach using Bayesian networks. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–5. IEEE (2016)

    Google Scholar 

  30. Nakatsu, R.T.: Reasoning with Diagrams: Decision-Making and Problem-Solving with Diagrams. Wiley, Hoboken (2009)

    Book  Google Scholar 

  31. Nikovski, D.: Constructing bayesian networks for medical diagnosis from incomplete and partially correct statistics. IEEE Trans. Knowl. Data Eng. 9(4), 509–516 (2000)

    Article  Google Scholar 

  32. Oniśko, A., Druzdzel, M.J., Wasyluk, H.: Extension of the Hepar II model to multiple-disorder diagnosis. In: Kłopotek, M., Michalewicz, M., Wierzchoń, S.T. (eds.) Intelligent Information Systems, pp. 303–313. Springer, Heidelberg (2000). https://doi.org/10.1007/978-3-7908-1846-8_27

    Chapter  Google Scholar 

  33. Pecchia, A., Sharma, A., Kalbarczyk, Z., Cotroneo, D., Iyer, R.K.: Identifying compromised users in shared computing infrastructures: a data-driven Bayesian network approach. In: 2011 30th IEEE International Symposium on Reliable Distributed Systems, pp. 127–136. IEEE (2011)

    Google Scholar 

  34. Przytula, K.W., Thompson, D.: Construction of Bayesian networks for diagnostics. In: 2000 IEEE Aerospace Conference Proceedings, vol. 5, pp. 193–200. IEEE (2000)

    Google Scholar 

  35. RISI: German steel mill cyber attack (2018). http://www.risidata.com/database/detail/german-steel-mill-cyber-attack

  36. de Ruijter, A., Guldenmund, F.: The bowtie method: a review. Saf. Sci. 88, 211–218 (2016)

    Article  Google Scholar 

  37. Skopik, F., Smith, P.D.: Smart Grid Security: Innovative Solutions for a Modernized Grid. Syngress, Boston (2015)

    Google Scholar 

  38. Wang, J.A., Guo, M.: Vulnerability categorization using Bayesian networks. In: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, p. 29. ACM (2010)

    Google Scholar 

  39. Wang, X.H., Zheng, B., Good, W.F., King, J.L., Chang, Y.H.: Computer-assisted diagnosis of breast cancer using a data-driven Bayesian belief network. Int. J. Med. Inform. 54(2), 115–126 (1999)

    Article  Google Scholar 

  40. White, A.A., et al.: Cause-and-effect analysis of risk management files to assess patient care in the emergency department. Acad. Emerg. Med. 11(10), 1035–1041 (2004)

    Article  Google Scholar 

  41. Zhao, C.H., Zhang, J., Zhong, X.Y., Zeng, J., Chen, S.J.: Analysis of accident safety risk of tower crane based on fishbone diagram and the analytic hierarchy process. In: Applied Mechanics and Materials. vol. 127, pp. 139–143. Trans Tech Publications (2012)

    Google Scholar 

  42. Zhu, Y., Qian, X.M., Liu, Z.Y., Huang, P., Yuan, M.Q.: Analysis and assessment of the Qingdao crude oil vapor explosion accident: lessons learnt. J. Loss Prev. Process. Ind. 33, 289–303 (2015)

    Article  Google Scholar 

Download references

Acknowledgements

This research received funding from the Netherlands Organisation for Scientific Research (NWO) in the framework of the Cyber Security research program under the project “Secure Our Safety: Building Cyber Security for Flood Management (SOS4Flood)”.

Author information

Authors and Affiliations

  1. Faculty of Technology, Policy and Management, Delft University of Technology, Delft, The Netherlands

    Sabarathinam Chockalingam, Wolter Pieters, Nima Khakzad & Pieter van Gelder

  2. Department of Engineering Sciences, Uppsala University, Uppsala, Sweden

    André Teixeira

Authors
  1. Sabarathinam Chockalingam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wolter Pieters
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. André Teixeira
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Nima Khakzad
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Pieter van Gelder
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sabarathinam Chockalingam .

Editor information

Editors and Affiliations

  1. Dartmouth College, Hanover , NH, USA

    George Cybenko

  2. University College London, London, UK

    David Pym

  3. IRISA, INSA Rennes, Rennes, France

    Barbara Fila

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chockalingam, S., Pieters, W., Teixeira, A., Khakzad, N., van Gelder, P. (2019). Combining Bayesian Networks and Fishbone Diagrams to Distinguish Between Intentional Attacks and Accidental Technical Failures. In: Cybenko, G., Pym, D., Fila, B. (eds) Graphical Models for Security. GraMSec 2018. Lecture Notes in Computer Science(), vol 11086. Springer, Cham. https://doi.org/10.1007/978-3-030-15465-3_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-15465-3_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-15464-6

  • Online ISBN: 978-3-030-15465-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics