Skip to main content
SpringerLink
Log in

Attack Path Analysis for Cyber Physical Systems

  • Conference paper
  • First Online:
Computer Security (CyberICPS 2020, SECPRE 2020, ADIoT 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12501))

Abstract

The identification and analysis of potential paths that an adversary may exploit to attack Cyber Physical Systems comprising sub-systems enables the comprehensive understanding of the attacks and the impact that may have to the overall system, thus facilitating the definition of appropriate countermeasures that will satisfy the pertinent security requirements. To this end, several attack modelling techniques can be employed, the attack graph being the most prevalent among them. Unfortunately, the discovery and analysis of all possible attack paths in an attack graph is not possible in systems even of a moderate size. In this work we propose a novel systematic method for discovering and analyzing attack paths in real-world scale interconnected Cyber Physical Systems. The method considers the criticality of each sub-system in discovering paths and the risk to the overall system that each path presents to analyze and prioritize paths. We illustrate the workings of the method by applying to the navigational Cyber Physical Systems of the Cyber-Enabled Ship to identify and analyze highly critical attack paths originating from the Automatic Identification System (AIS) and targeting the Autonomous Navigation System (ANS).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The lower the Z value of a sub-system the more critical the sub-system is.

References

  1. Al-Mhiqani, M.N., Ahmad, R., Yassin, W., Hassan, A., Abidin, Z.Z., Ali, N.S., Abdulkareem, K.H.: Cyber-security incidents: a review cases in cyber-physical systems. Int. J. Adv. Comput. Sci. Appl. 9(1), 499–508 (2018)

    Google Scholar 

  2. Kavallieratos, G., Katsikas, S., Gkioulos, V.: Modelling shipping 4.0: a reference architecture for the cyber-enabled ship. In: Nguyen, N.T., Jearanaitanakij, K., Selamat, A., Trawiński, B., Chittayasothorn, S. (eds.) ACIIDS 2020. LNCS (LNAI), vol. 12034, pp. 202–217. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42058-1_17

    Chapter  Google Scholar 

  3. Emad, G.R., Khabir, M., Shahbakhsh, M.: Shipping 4.0 and training seafarers for the future autonomous and unmanned ships. In: Proceedings of the 21th Marine Industries Conference (MIC 2019), pp. 202–217(2020)

    Google Scholar 

  4. Chang, C.H., Wenming, S., Wei, Z., Changki, P., Kontovas, C.A.: Evaluating cybersecurity risks in the maritime industry: a literature review. In: Proceedings of the International Association of Maritime Universities (IAMU) Conference (2019)

    Google Scholar 

  5. Silgado, D.M.: Cyber-attacks: a digital threat reality affecting the maritime industry (2018)

    Google Scholar 

  6. Hassani, V., Crasta, N., Pascoal, A.M.: Cyber security issues in navigation systems of marine vessels from a control perspective. In: Proceedings of the ASME: 36th International Conference on Ocean, p. 2017. American Society of Mechanical Engineers Digital Collection, Offshore and Arctic Engineering (2017)

    Google Scholar 

  7. Kavallieratos, G., Katsikas, S., Gkioulos, V.: Cyber-attacks against the autonomous ship. In: Katsikas, S.K., Cuppens, F., Cuppens, N., Lambrinoudakis, C., Antón, A., Gritzalis, S., Mylopoulos, J., Kalloniatis, C. (eds.) SECPRE/CyberICPS -2018. LNCS, vol. 11387, pp. 20–36. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-12786-2_2

    Chapter  Google Scholar 

  8. Chen, Y.C., Mooney, V., Grijalva, S.: A survey of attack models for cyber-physical security assessment in electricity grid. In: Proceedings of the 2019 IFIP/IEEE 27th International Conference on Very Large Scale Integration (VLSI-SoC), pp. 242–243. IEEE (2019)

    Google Scholar 

  9. Lallie, H.S., Debattista, K., Bal, J.: A review of attack graph and attack tree visual syntax in cyber security. Comput. Sci. Rev. 35, 100219 (2020)

    Article  MathSciNet  Google Scholar 

  10. Al-Mohannadi, H., Mirza, Q., Namanya, A., Awan, I., Cullen, A., Disso, J.: Cyber-attack modeling analysis techniques: an overview. In: Proceedings of the 2016 IEEE 4th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), pp. 69–76. IEEE (2016)

    Google Scholar 

  11. Hong, J.B., Kim, D.S.: Performance analysis of scalable attack representation models. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 330–343. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39218-4_25

    Chapter  Google Scholar 

  12. Xie, A., Cai, Z., Tang, C., Hu, J., Chen, Z.: Evaluating network security with two-layer attack graphs. In: Proceedings of the 2009 Annual Computer Security Applications Conference, pp. 127–136 (2009)

    Google Scholar 

  13. Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 336–345. Association for Computing Machinery, New York, NY, USA (2006)

    Google Scholar 

  14. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings 2002 IEEE Symposium on Security and Privacy, pp. 273–284 (2002)

    Google Scholar 

  15. Dacier, M., Deswarte, Y., Kaâniche, M.: Models and tools for quantitative assessment of operational security. SEC 1996. IAICT, pp. 177–186. Springer, Boston, MA (1996). https://doi.org/10.1007/978-1-5041-2919-0_15

    Chapter  Google Scholar 

  16. Dacier, M.: Towards Quantitative Evaluation of Computer Security. Ph.D. thesis, Institut National Polytechnique de Toulouse (1994)

    Google Scholar 

  17. Dacier, M., Deswarte, Y.: Privilege graph: an extension to the typed access matrix model. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 319–334. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-58618-0_72

    Chapter  Google Scholar 

  18. Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In Proceedings of the 1998 Workshop on New Security Paradigms, NSPW 1998, pp. 71–79. Association for Computing Machinery, New York, NY, USA (1998)

    Google Scholar 

  19. Khaitan, S., Raheja, S.: Finding optimal attack path using attack graphs: a survey. Int. J. Soft Comput. Eng. 1(3), 2231–2307 (2011)

    Google Scholar 

  20. Ou, X., Singhal, A.: Quantitative security risk assessment of enterprise networks. In: Ou, X., Singhal, A. (eds.) Attack Graph Techniques, pp. 5–8. Springer, New York (2011)

    Google Scholar 

  21. Swiler, L.P., Phillips, C., Ellis, D., Chakerian, S.: Computer-attack graph generation tool. In: Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX 2001, Vol. 2, pp. 307–321 (2001)

    Google Scholar 

  22. Ou, X., Govindavajhala, S., Appel, A.: MulVAL: a logic-based network security analyzer. In: Proceedings of the USENIX Security Symposium 2005, pp. 113–127 (2005)

    Google Scholar 

  23. Jajodia, S., Noel, S., O’Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats Massive Computing, pp. 244–266. Springer, Boston, MA (2005)

    Google Scholar 

  24. Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, pp. 217–224. Association for Computing Machinery, New York, NY, USA (2002)

    Google Scholar 

  25. Zeng, J., Wu, S., Chen, Y., Zeng, R., Wu, C.: Survey of attack graph analysis methods from the perspective of data and knowledge processing. Secur. Commun. Netw. 2019, 1–17 (2019)

    Article  Google Scholar 

  26. Hsu, L.H., Lin, C.K.: Graph Theory and Interconnection Networks. CRC Press, Boca Raton (2019)

    MATH  Google Scholar 

  27. Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC2006), pp. 121–130 (2006)

    Google Scholar 

  28. Kaynar, K., Sivrikaya, F.: Distributed attack graph generation. IEEE Trans. Depend. Secur. Comput. 13(5), 519–532 (2016)

    Article  Google Scholar 

  29. Bi, K., Han, D., Jun, W.: K maximum probability attack paths dynamic generation algorithm. Comput. Sci. Inform. Syst. 13(2), 677–689 (2016)

    Article  Google Scholar 

  30. Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Depend. Secur. Comput. 9(1), 61–74 (2012)

    Article  Google Scholar 

  31. Jehyun L., Heejo L., Peter, H.: Scalable attack graph for risk assessment. In: Proceedings of the International Conference on Information Networking, pp. 1–5 (2009)

    Google Scholar 

  32. Dai, F., Hu, Y., Zheng, K., Wu, B.: Exploring risk flow attack graph for security risk assessment. IET Inform. Secur. 9(6), 344–353 (2015)

    Article  Google Scholar 

  33. Castellanos, J.H., Ochoa, M., Zhou, J.: Finding dependencies between cyber-physical domains for security testing of industrial control systems. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 582–594 (2018)

    Google Scholar 

  34. Polatidis, N., Pavlidis, M., Mouratidis, H.: Cyber-attack path discovery in a dynamic supply chain maritime risk management system. Comput. Stand. Interf. 56, 74–82 (2018)

    Article  Google Scholar 

  35. Mouratidis, H., Diamantopoulou, V.: A security analysis method for industrial internet of things. IEEE Trans. Indust. Inform. 14(9), 4093–4100 (2018)

    Article  Google Scholar 

  36. Ibrahim, M., Al-Hindawi, Q., Elhafiz, R., Alsheikh, A., Alquq, O.: Attack graph implementation and visualization for cyber physical systems. Processes 8(1), 12 (2020)

    Article  Google Scholar 

  37. Bolbot, V., Theotokatos, G., Boulougouris, E., Vassalos, D.: Safety related cyber-attacks identification and assessment for autonomous inland ships. In: Proceedings of the International Seminar on Safety and Security of Autonomous Vessels (ISSAV) (2019)

    Google Scholar 

  38. Akbarzadeh, A., Katsikas, S.: Identifying critical components in large scale cyber physical systems. In: Proceedings of the 1st International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) (2020)

    Google Scholar 

  39. Shostack, A.: Threat modeling: Designing for security. John Wiley & Sons, New Jersey (2014)

    Google Scholar 

  40. Microsoft. Chapter 3 - Threat modeling (2010). https://docs.microsoft.com/en-us/previous-versions/msp-n-p/ff648644(v=pandp.10)?redirectedfrom=MSDN. Accessed 26 May 2020

  41. Zinsmaier, S.D., Langweg, H., Waldvogel, M.: A practical approach to stakeholder-driven determination of security requirements based on the GDPR and common criteria. In: Proceedings of the International Conference on Information Systems Security and Privacy ICISSP, pp. 473–480 (2020)

    Google Scholar 

  42. CASOS. http://www.casos.cs.cmu.edu/index.php. Accessed 09 Dec 2019

  43. Guide for conducting risk assessments. NIST SP 800–30 Rev. 1, National Institute of Standards and Technology, Gaithersburg MD, USA (2012)

    Google Scholar 

  44. Kavallieratos, G., Diamantopoulou, V., Katsikas, S.K.: Shipping 4.0: Security requirements for the cyber-enabled ship. IEEE Trans. Indust. Inform. 16(10), 6617–6625 (2020)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Security and Communications Technology, Norwegian University of Science and Technology, Gjøvik, Norway

    Georgios Kavallieratos & Sokratis Katsikas

  2. Open University of Cyprus, School of Pure and Applied Sciences, Latsia, Nicosia, Cyprus

    Sokratis Katsikas

Authors
  1. Georgios Kavallieratos
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sokratis Katsikas
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Georgios Kavallieratos .

Editor information

Editors and Affiliations

  1. Norwegian University of Science and Technology, Gjøvik, Norway

    Sokratis Katsikas

  2. Polytechnique Montréal, Montréal, QC, Canada

    Frédéric Cuppens

  3. Polytechnique Montréal, Montréal, QC, Canada

    Nora Cuppens

  4. University of Piraeus, Piraeus, Greece

    Costas Lambrinoudakis

  5. University of the Aegean, Mytilene, Greece

    Christos Kalloniatis

  6. Department of Computer Science, University of Toronto, Toronto, ON, Canada

    John Mylopoulos

  7. Georgia Institute of Technology, Atlanta, GA, USA

    Annie Antón

  8. University of Piraeus, Piraeus, Greece

    Stefanos Gritzalis

  9. Technical University of Denmark, Lyngby, Denmark

    Weizhi Meng

  10. University of Nottingham, Nottingham, UK

    Steven Furnell

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kavallieratos, G., Katsikas, S. (2020). Attack Path Analysis for Cyber Physical Systems. In: Katsikas, S., et al. Computer Security. CyberICPS SECPRE ADIoT 2020 2020 2020. Lecture Notes in Computer Science(), vol 12501. Springer, Cham. https://doi.org/10.1007/978-3-030-64330-0_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-64330-0_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-64329-4

  • Online ISBN: 978-3-030-64330-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation