Vulnerability Assessment for ICS system Based on Zero-day Attack Graph

机译：基于零天攻击图的ICS系统漏洞评估

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The numerous attacks on ICS systems have made severe threats to critical infrastructure. Extensive studies have focussed on the risk assessment of discovering vulnerabilities. However, to identify Zero-day vulnerabilities is challenging because they are unknown to defenders. Here we sought to measure ICS system zero-day risk by building an enhanced attack graph for expected attack path exploiting zero-day vulnerability. In this study, we define the security metrics of Zero-day vulnerability for an ICS. Then we created a Zero-day attack graph to guide how to harden the system by measuring attack paths that exploiting zero-day vulnerabilities. Our studies identify the vulnerability assessment method on ICS systems considering Zero-day Vulnerability by zero-day attack graph. Together, our work is essential to ICS systems security. By assessing unknown vulnerability risk to close the imbalance between attackers and defenders.

机译：对ICS系统的众多攻击对关键基础设施产生了严重的威胁。广泛的研究侧重于发现脆弱性的风险评估。但是，为了识别零天漏洞是具有挑战性的，因为他们对防御者不为人知。在这里，我们试图通过为预期攻击路径进行利用零天漏洞构建增强的攻击图来测量ICS系统零日风险。在本研究中，我们为ICS定义了零天漏洞的安全度量。然后我们创建了一个零天攻击图，以指导如何通过测量利用零天漏洞的攻击路径来硬化系统。我们的研究确定了零日攻击图的零天漏洞的ICS系统上的漏洞评估方法。我们的工作在一起对ICS系统安全至关重要。通过评估未知的漏洞风险，以缩小攻击者和捍卫者之间的不平衡。

著录项

来源
《International Conference on Intelligent Computing, Automation and Systems》|2020年|1-5|共5页
会议地点
作者
Wenhui Wang; Liandong Chen; Longxi Han; Zhihong Zhou; Zhengmin Xia; Xiuzhen Chen;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Integrated circuits; Measurement; Automation; Buildings; Critical infrastructure; Security; Risk management;

机译：集成电路;测量;自动化;建筑物;关键基础设施;安全;风险管理;

相似文献

外文文献
中文文献
专利

1. QUANTITATIVE ASSESSMENT FOR THE VULNERABILITY OF CYBER-PHYSICAL SYSTEM BASED ON ATTACK GRAPH [J] . Jiahui Huang, Dongqin Feng International Journal of Electrical Engineering: Transactions of the Chinese Institute of Engineers, Series E . 2015,第6期

机译：基于攻击图的网络物理系统易损性定量评估
2. Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks [J] . Waqas Haider, Gideon Creech, Yi Xie, Future Internet . 2016,第3期

机译：基于Windows的数据集，用于评估基于主机的入侵检测系统（IDS）对零日攻击和隐形攻击的鲁棒性
3. FGMC-HADS: Fuzzy Gaussian mixture-based correntropy models for detecting zero-day attacks from linux systems [J] . Waqas Haider, Nour Moustafa, Marwa Keshk, Computers & Security . 2020,第Sepa期

机译：FGMC - HATS：基于模糊的高斯混合的矫正模型，用于检测Linux系统的零日攻击
4. Zero-Day Vulnerability Risk Assessment and Attack Path Analysis Using Security Metric [C] . Ziwei Ye, Yuanbo Guo, Ankang Ju . 2019

机译：零日漏洞风险评估和使用安全指标的攻击路径分析
5. Zero-day Attack Identification in Streaming Data: Nearest Neighbor Heuristics and Dynamic Semantic Network Generation in the Spark Eco-system [D] . Pallaprolu, Sai Chaithanya. 2017

机译：流数据中的零日攻击识别：Spark生态系统中的最近邻居启发式算法和动态语义网络生成
6. Vulnerability Assessment of IPv6 Websites to SQL Injection and Other Application Level Attacks [O] . Ying-Chiang Cho, Jen-Yi Pan 2013

机译：IPv6网站对SQL注入和其他应用程序级别攻击的漏洞评估
7. Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks [O] . Waqas Haider, Gideon Creech, Yi Xie, 2016

机译：基于Windows的数据集，用于评估基于主机的入侵检测系统（IDs）对零日和隐身攻击的稳健性

Vulnerability Assessment for ICS system Based on Zero-day Attack Graph

摘要

著录项

相似文献

相关主题

期刊订阅