Optimal security hardening over a probabilistic attack graph: a case study of an industrial control system using the CySecTool tool

by   Przemysław Buczkowski, et al.

CySecTool is a tool that finds a cost-optimal security controls portfolio in a given budget for a probabilistic attack graph. A portfolio is a set of counter-measures, or controls, against vulnerabilities adopted for a computer system, while an attack graph is a type of a threat scenario model. In an attack graph, nodes are privilege states of the attacker, edges are vulnerabilities escalating privileges, and controls reduce the probabilities of some vulnerabilities being exploited. The tool builds on an optimisation algorithm published by Khouzani et al. (2019), enabling a user to quickly create, edit, and incrementally improve models, analyse results for given portfolios and display the best solutions for all possible budgets in the form of a Pareto frontier. A case study was performed utilising a system graph and suspected attack paths prepared by industrial security engineers based on an industrial source with which they work. The goal of the case study is to model a supervisory control and data acquisition (SCADA) industrial system which, due to having the potential to harm people, necessitates strong protection while not allowing the use of typical penetration tools like vulnerability scanners. Results are analysed to show how a cyber-security analyst would use CySecTool to store cyber-security intelligence and draw further conclusions.


page 1

page 2

page 3

page 4


A Diversity-based Substation Cyber Defense Strategy utilizing Coloring Games

Growing cybersecurity risks in the power grid require that utilities imp...

The Generation of Security Scoring Systems Leveraging Human Expert Opinion

While the existence of many security elements can be measured (e.g., vul...

FASHION: Functional and Attack graph Secured HybrId Optimization of virtualized Networks

Maintaining a resilient computer network is a delicate task with conflic...

ICSrange: A Simulation-based Cyber Range Platform for Industrial Control Systems

Maintenance staff of Industrial Control Systems (ICS) is generally not a...

URSID: Using formalism to Refine attack Scenarios for vulnerable Infrastructure Deployment

In this paper we propose a novel way of deploying vulnerable architectur...

Attack RMSE Leaderboard: An Introduction and Case Study

In this manuscript, we briefly introduce several tricks to climb the lea...

Classification of Industrial Control Systems screenshots using Transfer Learning

Industrial Control Systems depend heavily on security and monitoring pro...

Please sign up or login with your details

Forgot password? Click here to reset