| Title | Risk Assessment of Industrial Internet System By Using Game-Attack Graphs |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Yang, Shiman, Shi, Yijie, Guo, Fenzhuo |
| Conference Name | 2019 IEEE 5th International Conference on Computer and Communications (ICCC) |
| Keywords | asset threat list, attack graph, Attack Graphs, Attack Path, attack rule base, attribute attack graph, communication protocols, composability, game theory, game-attack graph-based risk assessment model, graph theory, industrial control, industrial internet system, Internet, Nash equilibrium, nondestructive asset profiling, open services, Predictive Metrics, probability, Protocols, pubcrawl, Resiliency, risk analysis, risk assessment, risk management, scan components, search engine keyword segment matching method, search engines, security, security of data |
| Abstract | In this paper, we propose a game-attack graph-based risk assessment model for industrial Internet system. Firstly, use non-destructive asset profiling to scan components and devices included in the system and their open services and communication protocols. Further compare the CNVD and CVE to find the vulnerability through the search engine keyword segment matching method, and generate an asset threat list. Secondly, build the attack rule base based on the network information, and model the system using the attribute attack graph. Thirdly, combine the game theory with the idea of the established model. Finally, optimize and quantify the analysis to get the best attack path and the best defense strategy. |
| DOI | 10.1109/ICCC47050.2019.9064444 |
| Citation Key | yang_risk_2019 |
Risk Assessment of Industrial Internet System By Using Game-Attack Graphs