| Title | Vulnerability Assessment for ICS system Based on Zero-day Attack Graph |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Wang, Wenhui, Chen, Liandong, Han, Longxi, Zhou, Zhihong, Xia, Zhengmin, Chen, Xiuzhen |
| Conference Name | 2020 International Conference on Intelligent Computing, Automation and Systems (ICICAS) |
| Date Published | Dec. 2020 |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-9085-3 |
| Keywords | attack graph, Automation, Buildings, Computing Theory, critical infrastructure, ICs, integrated circuits, Measurement, Metrics, pubcrawl, risk management, security, security metric, security metrics, unknown vulnerability, vulnerability assessment, Zero-Day |
| Abstract | The numerous attacks on ICS systems have made severe threats to critical infrastructure. Extensive studies have focussed on the risk assessment of discovering vulnerabilities. However, to identify Zero-day vulnerabilities is challenging because they are unknown to defenders. Here we sought to measure ICS system zero-day risk by building an enhanced attack graph for expected attack path exploiting zero-day vulnerability. In this study, we define the security metrics of Zero-day vulnerability for an ICS. Then we created a Zero-day attack graph to guide how to harden the system by measuring attack paths that exploiting zero-day vulnerabilities. Our studies identify the vulnerability assessment method on ICS systems considering Zero-day Vulnerability by zero-day attack graph. Together, our work is essential to ICS systems security. By assessing unknown vulnerability risk to close the imbalance between attackers and defenders. |
| URL | https://ieeexplore.ieee.org/document/9402814 |
| DOI | 10.1109/ICICAS51530.2020.00009 |
| Citation Key | wang_vulnerability_2020 |
Vulnerability Assessment for ICS system Based on Zero-day Attack Graph