Abstract
In recent digital evolution years, cyber-terrorist activity is increasingly rising all over the world deploying new methods, using advanced technologies and sophisticated weapons. A potential terrorist attack on a large commercial Port could lead to dramatic losses. This work aims to illustrate methods for recognizing cyber-threats and security weaknesses on the ports’ Critical Infrastructures and explores how these issues can be systematically exploited to harm ports and their vicinity. To this end, we follow an asset-centric approach, which employs knowledge representation techniques, to detect vulnerability chains and possible attack-paths on ports’ assets. Considering the results, a realistic coordinated cyber-attack scenario on the application case of the Cruise Vessel Traffic Service is presented to show how cyber-attacks can be realized by terrorists on commercial ports.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
The Risk of Cyber-Attack to the Maritime Sector. http://www.ahcusa.org/uploads/2/1/9/8/21985670/the_risk_of_cyber-attack_to_the_maritime_sector-07-2014.pdf. Accessed 11 Apr 2018
Roell, P.: Maritime Terrorism. A threat to world trade? https://www.files.ethz.ch/isn/110282/MaritimeTerrorism.pdf. Accessed 11 Apr 2018
Bowen, C., Fidgeon, P., Page, S.J.: Maritime tourism and terrorism: customer perceptions of the potential terrorist threat to cruise shipping. CI in Tourism 17(7), 610–639 (2014)
Shahir, H.Y., Glasser, U., Shahir, A.Y., Wehn, H.: Maritime situation analysis framework: vessel interaction classification and anomaly detection. In: 2015 IEEE International Conference on Big Data, Santa Clara, CA, pp. 1279–1289 (2015). https://doi.org/10.1109/BigData.2015.7363883
Bueger, C.: What is maritime security? Mar. Policy 53, 159–164 (2015)
Kalogeraki, E.-M., Apostolou, D., Polemi, N., Papastergiou, S.: Knowledge management methodology for identifying threats in maritime/logistics supply chains. In: Durtst, S., Evangelista, P. (eds.) (SI) “Logistics Knowledge Management: State of the Art and Future Perspectives”, Knowledge Management Research and Practice Journal. Taylor and Francis (2018). ISSN: 1477-8238 (Print). ISSN: 1477-8246. https://doi.org/10.1080/14778238.2018.1486789
Papastergiou, S., Polemi, N.: MITIGATE: a dynamic supply chain cyber risk assessment methodology. In: Yang, X.-S., Nagar, A.K., Joshi, A. (eds.) Smart Trends in Systems, Security and Sustainability. LNNS, vol. 18, pp. 1–9. Springer, Singapore (2018). https://doi.org/10.1007/978-981-10-6916-1_1
Polatidis, N., Pimenidis, E., Pavlidis, M., Papastergiou, S., Mouratidis, H.: From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks. Evol. Syst., 1–12 (2018). Springer-Verlag GmbH, Germany. ISSN: 1868-6478. https://doi.org/10.1007/s12530-018-9234-z
SAURON Homepage. https://www.sauronproject.eu/. Accessed 11 Apr 2018
Patterson, M.R., Patterson, S.J.: Unmanned systems: an emerging threat to waterside security: bad robots are coming. In: 2010 International WaterSide Security Conference, Carrara, pp. 1–7 (2010). https://doi.org/10.1109/WSSC.2010.5730271
Wagner, S.M., Neshat, N.: Assessing the vulnerability of supply chains using graph theory. Int. J. Prod. Econ. 126(1), 121–129 (2010)
Liu, H., Tian, Z., Huang, A., Yang, Z.: Analysis of vulnerabilities in maritime supply chains. Reliab. Eng. Syst. Saf. 169, 475–484 (2018)
Ou, X., Singhal, A.: Attack graph techniques. In: Ou, X., Singhal, A. (eds.) Quantitative Security Risk Assessment of Enterprise Networks. SpringerBriefs in Computer Science, pp. 5–8. Springer, New York (2012). https://doi.org/10.1007/978-1-4614-1860-3_2
Bou-Harb, E., Kaisar, E.I., Austin, M.: On the impact of empirical attack models targeting marine transportation. In: Proceedings of the 5th IEEE International Conference on Models and Technologies for Intelligent Transportation Systems, MT-ITS 2017, Naples, pp. 200–205 (2017). https://doi.org/10.1109/MTITS.2017.8005665
Gao, N., He, Y., Ling, B.: Exploring attack graphs for security risk assessment: a probabilistic approach. Wuhan Univ. J. Nat. Sci. 23(2), 171–177 (2018)
Kaynar, K., Sivrikaya, F.: Distributed attack graph generation. IEEE Trans. Dependable Secure Comput. 13(5), 519–532 (2016)
Almohri, H.M.J., Watson, L.T., Yao, D., Ou, X.: Security optimization of dynamic networks with probabilistic graph modeling and linear programming. IEEE Trans. Dependable Secure Comput. 13(4), 474–487 (2016)
Bi, K., Han, D., Wang, J.: K maximum probability attack paths dynamic generation algorithm. Comput. Sci. Inf. Syst. 13(2), 677–689 (2016)
Ghiran, A.-M., Buchmann, R.A., Osman, C.-C.: Security requirements elicitation from engineering governance, risk management and compliance. In: Kamsties, E., Horkoff, J., Dalpiaz, F. (eds.) REFSQ 2018. LNCS, vol. 10753, pp. 283–289. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-77243-1_17
ISO/IEC 27001:2013: Information technology – Security techniques – Information security management systems – Requirements, ISO/IEC
ISO 28000:2007: Specification for security management systems for the supply chain, Geneva, Switzerland: ISO/IEC
National Institute of Standards and Technology. https://nvd.nist.gov/. Accessed 11 Apr 2018
Common Vulnerabilities and Exposures. https://cve.mitre.org/. Accessed 11 Apr 2018
Acknowledgements
This work has been partially supported by the University of Piraeus Research Centre and the European Union’s Horizon 2020 project “SAURON” under grant agreement No 740477 addressing the topic CIP-01-2016-2017. The authors would like to thank all project members for their valuable insights. Finally, special thanks to the University of Piraeus, Research Centre for its continuous support.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Kalogeraki, E.M., Papastergiou, S., Polemi, N., Douligeris, C., Panayiotopoulos, T. (2018). Exploring Cyber-Security Issues in Vessel Traffic Services. In: Liu, W., Giunchiglia, F., Yang, B. (eds) Knowledge Science, Engineering and Management. KSEM 2018. Lecture Notes in Computer Science(), vol 11061. Springer, Cham. https://doi.org/10.1007/978-3-319-99365-2_39
Download citation
DOI: https://doi.org/10.1007/978-3-319-99365-2_39
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99364-5
Online ISBN: 978-3-319-99365-2
eBook Packages: Computer ScienceComputer Science (R0)