Development of methodological foundations for designing a classifier of threats to cyberphysical systems

DOI:

https://doi.org/10.15587/1729-4061.2020.205702

Keywords:

synergetic model of threats, classifier of threats of cyberphysical systems, information security, cybersecurity

Abstract

The emergence of a full-scale quantum computer calls into question the stability of almost all symmetric and asymmetric cryptographic algorithms. At the same time, the rapid growth of computing resources of IT and “G” technologies contributes to an increase in attacks on information and communication systems (ICS) and cyberphysical systems (CPS). These systems are the core of modern critical cybernetic information systems (CCIS). In such conditions, the primary task of maintaining the required level of security is the classification of modern threats that are integrated with social engineering methods and acquire signs of synergy and hybridity. The paper proposes a synergistic model of threats to ICS/CPS, which takes into account the focus of threats on synergy and hybridity, and the combined impact of security components: information security (IS), cybersecurity (CS), security of information (SI). This approach makes it possible to develop methodological foundations for building a unified classifier of threats to cyberphysical systems and to form sets of critical threats and critical points in the ICS/CPS infrastructure elements, based on minimal computing, human and economic costs. The developed methodology for determining the category of an attacker allows attackers to be systematized and, based on the analysis of weighting factors, a matrix of correspondence to be formed between the capabilities of attackers of various categories and technical means of information security (TMIS). These actions significantly reduce the risk of an attack by certain categories of attackers and allow for planning in the formation of both the IS policy and the corresponding protection profiles.

Author Biographies

Olexander Shmatko, National Technical University "Kharkiv Polytechnic Institute" Kyrpychova str., 2, Kharkiv, Ukraine, 61002

PhD, Associate Professor

Department of Software Engineering and Management Information Technologies

Svitlana Balakireva, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD

Air Force Science Center

Andrii Vlasov, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD

Air Force Science Center

Nataliya Zagorodna, Ternopil Ivan Puluj National Technical University Ruska str., 56, Ternopil, Ukraine, 46001

PhD, Associate Professor

Department of Cybersecurity

Olha Korol, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-A, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Cyber Security and Information Technology

Oleksandr Milov, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-A, Kharkiv, Ukraine, 61166

PhD, Professor

Department of Cyber Security and Information Technology

Oleksii Petrov, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD

Department of ACS Mathematical and Software Support

Serhii Pohasii, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-A, Kharkiv, Ukraine, 61166

PhD

Department of Cyber Security and Information Technology

Khazail Rzayev, Azerbaijan State Oil and Industry University Azadlyg ave., 20, Baku, Azerbaijan, AZ1010

PhD, Associate Professor

Department of Computer Technology and Programming

Vladyslav Khvostenko, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-A, Kharkiv, Ukraine, 61166

PhD, Associate Professor, Patent Attorney of Ukraine

Department of Cyber Security and Information Technology

Published

2020-06-30

How to Cite

Shmatko, O., Balakireva, S., Vlasov, A., Zagorodna, N., Korol, O., Milov, O., Petrov, O., Pohasii, S., Rzayev, K., & Khvostenko, V. (2020). Development of methodological foundations for designing a classifier of threats to cyberphysical systems. Eastern-European Journal of Enterprise Technologies, 3(9 (105)), 6–19. https://doi.org/10.15587/1729-4061.2020.205702

Section

Information and controlling system