Li, Tingting  ORCID: https://orcid.org/0000-0002-9448-1655 and Hankin, Chris
2017.
Effective defence against zero-day exploits using Bayesian networks.
Presented at: 11th International Conference, Critical Information Infrastructures Security, CRITIS,
Paris, France,
10–12 Oct 2016.
Critical Information Infrastructures Security.
Lecture Notes in Artificial Intelligence.
, vol.10242
Springer Verlag,
pp. 123-136.
10.1007/978-3-319-71368-7_11
|
Abstract
Industrial Control Systems (ICS) play a crucial role in controlling industrial processes. Unlike conventional IT systems or networks, cyber attacks against ICS can cause destructive physical damage. Zero-day exploits (i.e. unknown exploits) have demonstrated their essential contributions to causing such damage by Stuxnet. In this work, we investigate the possibility of improving the tolerance of a system against zero-day attacks by defending against known weaknesses of the system. We first propose a metric to measure the system tolerance against zero-day attacks, which is the minimum effort required by zero-day exploits to compromise a system. We then apply this metric to evaluate different defensive plans to decide the most effective one in maximising the system tolerance against zero-day attacks. A case study about ICS security management is demonstrated in this paper.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Date Type: | Published Online |
| Status: | Published |
| Schools: | Computer Science & Informatics |
| Publisher: | Springer Verlag |
| ISBN: | 9783319713670 |
| ISSN: | 0302-9743 |
| Last Modified: | 07 Nov 2022 10:03 |
| URI: | https://orca.cardiff.ac.uk/id/eprint/130991 |
Citation Data
Cited 7 times in Scopus. View in Scopus. Powered By Scopus® Data
Actions (repository staff only)
 |
Edit Item |
Dimensions
Dimensions
Cardiff University Information Services