Visible to the public Towards Modeling Attacker’s Opportunity for Improving Cyber Resilience in Energy Delivery Systems

TitleTowards Modeling Attacker’s Opportunity for Improving Cyber Resilience in Energy Delivery Systems
Publication TypeConference Paper
Year of Publication2018
AuthorsUllah, S., Shetty, S., Hassanzadeh, A.
Conference Name2018 Resilience Week (RWS)
Keywordscriticality metric, Cyber Resiliency, defense-in-depth architecture, EDS cyber infrastructure, energy delivery systems, Firewalls (computing), graph spectral matrices, graph theory, host criticality, Indexes, information flow dependency, lateral propagation, Mathematical model, Measurement, metric measure, model attacker, pubcrawl, resilience, Resiliency, resilient cyber infrastructure, Resilient Security Architectures, secure cyber infrastructure, security of data, Servers, system design, Workstations
AbstractCyber resiliency of Energy Delivery Systems (EDS) is critical for secure and resilient cyber infrastructure. Defense-in-depth architecture forces attackers to conduct lateral propagation until the target is compromised. Researchers developed techniques based on graph spectral matrices to model lateral propagation. However, these techniques ignore host criticality which is critical in EDS. In this paper, we model attacker's opportunity by developing three criticality metrics for each host along the path to the target. The first metric refers the opportunity of attackers before they penetrate the infrastructure. The second metric measure the opportunity a host provides by allowing attackers to propagate through the network. Along with vulnerability we also take into account the attributes of hosts and links within each path. Then, we derive third criticality metric to reflect the information flow dependency from each host to target. Finally, we provide system design for instantiating the proposed metrics for real network scenarios in EDS. We present simulation results which illustrates the effectiveness of the metrics for efficient defense deployment in EDS cyber infrastructure.
DOI10.1109/RWEEK.2018.8473511
Citation Keyullah_towards_2018