Critical Infrastructure Protection XIII

Name: Critical Infrastructure Protection XIII | 13th IFIP WG 11.10 International Conference, ICCIP 2019, Arlington, VA, USA, March 11-12, 2019, Revised Selected Papers
Brand: Springer
Price: 53.49 EUR
Availability: OnlineOnly

13th IFIP WG 11.10 International Conference, ICCIP 2019, Arlington, VA, USA, March 11-12, 2019, Revised Selected Papers

Jason Staggs Sujeet Shenoi(Editor)

Springer (Publisher)

Published on 18. November 2019

XVI, 328 pages

E-Book

PDF with digital watermarking

System requirements

978-3-030-34647-8 (ISBN)

€53.49incl. 7% vat

System requirements

for PDF with digital watermarking

E-Book Single Licence

Available for download

Description

Alles über E-Books | Antworten auf Fragen rund um E-Books, Kopierschutz und Dateiformate finden Sie in unserem Info- & Hilfebereich.

Alles über E-Books, Kopierschutz & Dateiformate finden Sie in unserem Info- & Hilfebereich.

The information infrastructure - comprising computers, embedded devices, networks and software systems - is vital to operations in every sector: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials and waste, transportation systems, and water and wastewater systems. Global business and industry, governments, indeed society itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection XIII describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: Themes and Issues; Infrastructure Protection; Vehicle Infrastructure Security; Telecommunications Infrastructure Security; Cyber-Physical Systems Security; and Industrial Control Systems Security.

This book is the thirteenth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of sixteen edited papers from the Thirteenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, held at SRI International, Arlington, Virginia, USA in the springof 2019.

Critical Infrastructure Protection XIII is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security.

More details

Other editions

Content

Intro
Contents
Contributing Authors
Preface
Part 1 THEMES AND ISSUES
1 QUANTIFYING THE COSTSOF DATA BREACHES
1. Introduction
2. Cost Function
3. 2017 Equifax Data Breach
3.1 Components Affecting Data Breach Costs
4. 2013 Target Data Breach
4.1 Components Affecting Data Breach Costs
5. Cost Impacts on Consumers
5.1 Identity Theft and Credit Card Fraud Costs
5.2 Protection and Monitoring Costs
5.3 Legal Fees
5.4 Other Costs
6. Conclusions
References
Part 2 INFRASTRUCTURE PROTECTION
2 A COMPARATIVE ANALYSIS APPROACH FOR DERIVING FAILURE SCENARIOS IN THE NATURAL GAS DISTRIBUTION INFRASTRUCTURE
1. Introduction
2. Failure Scenarios
3. Benefits of Failure Scenarios
3.1 Cyber Security Analysis
3.2 Understanding Mitigations
4. Caveats and Assumptions
5. NESCOR Failure Scenarios Report
6. Approach
7. Analysis of Scenarios by Category
7.1 Automated Meter Reading
7.2 City Gate Stations
7.3 Compressor Station
8. Lessons Learned
9. Real-World Application of Failure Scenarios
10. Related Work
11. Conclusions
Acknowledgements
References
3 AN ATTACK-FAULT TREE ANALYSIS OFA MOVABLE RAILROAD BRIDGE
1. Introduction
2. Functionality and Failures
2.1 Functionality Model and Usage Scenarios
2.2 Classification of Failures
3. Attack-FaultTree for aMovable Swing Bridge
4. Movable Swing Bridge Components
4.1 Superstructure and Substructure
4.2 Mechanical and Electrical Systems
5. Quantitative Analysis Methodology
5.1 Attack Leaf Automata
5.2 Fault Leaf Automata
6. Attack-Fault Tree Analysis
6.1 Critical Fault Path Analysis
6.2 Attacker Profile Analysis
6.3 Critical Attack Path Analysis
7. Related Work
7.1 Historical Swing Bridge Failures
7.2 Rules and Regulations
8. Conclusions
Acknowledgements
References
4 CONVERTING AN ELECTRIC POWER UTILITY NETWORK TO DEFEND AGAINST CRAFTED INPUTS
1. Introduction
2. Background and Prior Work
2.1 Language-Theoretic Security
2.2 Industrial Control Systems Security
3. Notional Architecture
4. Analysis
4.1 Protocol Coverage
4.2 Benefits
4.3 Trade-Offs
5. Triage Procedure
5.1 Protocols and Devices
5.2 Virtual Substation
5.3 Deployment
5.4 Current Status
6. Conclusions
Acknowledgement
References
5 CYBER SECURITY MODELING OF NON-CRITICAL NUCLEAR POWER PLANT DIGITAL INSTRUMENTATION
1. Introduction
2. Background and Literature Review
3. Risk-Informed Selection of Attack Paths
4. Boron Monitoring System
4.1 Experimental Setup
4.2 Cyber Attack Simulation
4.3 Experimental Results
5. Scope of Study
6. Conclusions
References
Part 3 VEHICLE INFRASTRUCTURE SECURITY
6 ELECTRONIC CONTROL UNIT DISCRIMINATION USING WIRED SIGNAL DISTINCT NATIVE ATTRIBUTES
1. Introduction
2. CAN Bus
3. Device Fingerprinting
3.1 Related Work
3.2 RF-DNA Methodology
4. Experimental Methodology
4.1 Device Under Test and Signal Collection
4.2 Signal-to-Noise Ratio Scaling
4.3 Fingerprint Generation
4.4 MDA/ML Classification and Verification
5. Experimental Results
5.1 Device Classification
5.2 Device Verification
6. Conclusions
References
7 VEHICLE IDENTIFICATION AND ROUTE RECONSTRUCTION VIA TPMS DATA LEAKAGE
1. Introduction
2. Tire Pressure Monitoring Systems
2.1 Legislation
2.2 Implementation
2.3 Attacks
2.4 Security
3. Background
3.1 Simulator for Urban Mobility
3.2 Measurement Metrics
4. Simulation Methodology
4.1 Simulation Setup
4.2 TPMS Packet Generation
4.3 Tire ID Association
4.4 Route Reconstruction
4.5 Simulation Variables
5. Simulation Results
5.1 Tire ID Association Results
5.2 Route Reconstruction Results
6. Conclusions
References
8 MODELING LIABILITY DATA COLLECTION SYSTEMS FOR INTELLIGENT TRANSPORTATION INFRASTRUCTURE USING HYPERLEDGER FABRIC
1. Introduction
2. Background
3. Related Work
4. Infrastructure Modeling and Implementation
4.1 Definitions
4.2 Implementation Platform
4.3 Frameworks and Tools
4.4 Experimental Network
4.5 Assumptions
5. Accident Data Collection
5.1 Scenario Generation
5.2 Network Data Models
5.3 Chaincode
5.4 Analysis of Data
6. Discussion
6.1 Benefits
6.2 Drawbacks and Challenges
6.3 Security and Privacy Considerations
7. Conclusions
References
Part 4 TELECOMMUNICATIONS INFRASTRUCTURE SECURITY
9 SECURING WIRELESS COPROCESSORS FROM ATTACKS IN THE INTERNET OF THINGS
1. Introduction
2. Security of Communications Stacks
3. Cellular Baseband Processors
3.1 Symbiotic System of Systems
3.2 Baseband Firmware
3.3 Baseband Architectures
3.4 Serial Communications Protocols
4. Securing the Baseband Processor
4.1 Retrofitting Security
4.2 AT Command Filtering
5. Baseband Processor Exploitation
5.1 AT Command Exploitation Methodology
6. AT Command Intrusion Prevention System
6.1 AT Command Syntax
6.2 Design and Implementation
6.3 Intrusion Prevention System
7. Experimental Analysis and Testing
8. Conclusions
References
10 VULNERABILITY ASSESSMENT OF INFINIBAND NETWORKING
1. Introduction
2. Background
2.1 InfiniBand
2.2 InfiniBand Terminology
2.3 InfiniBand Security Features
2.4 Cyber Vulnerability Assessment
2.5 InfiniBand Security Research
3. Methodology
3.1 Equipmental Setup
3.2 Approach
3.3 Cyber Attacks
4. Experimental Results and Analysis
4.1 Malicious Firmware Installation
4.2 OFED Diagnostic Tools
4.3 Address Spoofing
4.4 Network Traffic Sniffing
4.5 Network Mapping
4.6 Malicious Subnet Manager
4.7 Denial-of-Service Attacks
5. Conclusions
References
Part 5 CYBER-PHYSICALSYSTEMS SECURITY
11 LEVERAGING CYBER-PHYSICAL SYSTEM HONEYPOTS TO ENHANCE THREAT INTELLIGENCE
1. Introduction
2. Industrial Control Systems
3. Honeypots and Honeynets
4. Security Onion
5. High-Interaction Honeypot Data Collection
6. Virtual Networks with IMUNES
7. Shodan Search Engine
8. Requirements and Prototype Architecture
8.1 Next Generation Honeynet Requirements
8.2 Proposed Honeynet Design
8.3 Honeypots
8.4 Simulated Physical Process
8.5 Honeywall Design
9. Results and Analysis
9.1 Modbus Scanning via Shodan
9.2 Brute Force Login Attacks
10. Conclusions
References
12 DYNAMIC REPAIR OF MISSION CRITICAL APPLICATIONS WITH RUNTIME SNAP-INS
1. Introduction
2. Snap-in Overview
2.1 ELF Files
2.2 Mapping Data
2.3 Snap-In Controller
3. Snap-In Toolkit
3.1 Searching Executables
3.2 Creating Patches
3.3 Creating a Replacement Table
3.4 Installing Patches
3.5 Authorizing Updates
4. Related Work
5. Next Steps
6. Conclusions
Acknowledgement
References
13 DATA-DRIVEN FIELD MAPPING OF SECURITY LOGS FOR INTEGRATED MONITORING
1. Introduction
2. Related Work
3. Analysis of Field Characteristics
3.1 Target Fields in Security Logs
3.2 Field Categories in Security Logs
3.3 Syntax of Field Categories
3.4 Semantics of Field Categories
4. Mapping Security Logs to Field Categories
4.1 Overview
4.2 Phase 1: Field Preparation
4.3 Phase 2: Field Analysis
4.4 Phase 3: Field Mapping
5. Discussion
6. Conclusions
References
Part 6 INDUSTRIAL CONTROLSYSTEMS SECURITY
14 MODELING AND MACHINE-CHECKING BUMP-IN-THE-WIRE SECURITY FOR INDUSTRIAL CONTROL SYSTEMS
1. Introduction
2. Background
2.1 Industrial Control System Security
2.2 seL4 and CAmkES
2.3 TLA+ and PlusCal
3. Related Work
4. Security Preprocessor Checking Using TLA+
4.1 System Modeling
4.2 Invariants and Liveness Guarantees
4.3 Specifying and Checking Properties
4.4 Checking Modbus Properties
4.5 Checking Cryptographic Properties
5. Discussion
6. Conclusions
References
15 DEFINING ATTACK PATTERNS FOR INDUSTRIAL CONTROL SYSTEMS
1. Introduction
2. Related Work
3. Attack Patterns
3.1 Design Patterns
3.2 Attack Pattern Usage
3.3 System Comparison
4. Attack Pattern Classification
4.1 Information Collection and Analysis
4.2 Injection
4.3 Denial-of-Service
4.4 System Resource Manipulation
4.5 Sensor Manipulation
5. Elevator System Case Study
5.1 Security Test Cases
5.2 Results
6. Conclusions
References
16 AN INCIDENT RESPONSE MODEL FOR INDUSTRIAL CONTROL SYSTEM FORENSICS BASED ON HISTORICAL EVENTS
1. Introduction
2. Forensic Challenges
3. Industrial Control Networks
4. Literature Review
5. Classification of Incidents
5.1 General Computer Malware
5.2 Unauthorized Access
5.3 Industrial Control System Malware
5.4 Accidents
6. Refined Incident Response Model
6.1 Traditional Forensics
6.2 Industrial Control System Forensics
7. Discussion
8. Conclusions
References

System requirements

Save as PDF Copy link into clipboard

Schweitzer Fachinformationen

Critical Infrastructure Protection XIII

Description

More details

Other editions

Additional editions

Content

System requirements