Li, Tingting ORCID: https://orcid.org/0000-0002-9448-1655 and Hankin, Chris 2017. Effective defence against zero-day exploits using Bayesian networks. Presented at: 11th International Conference, Critical Information Infrastructures Security, CRITIS, Paris, France, 10–12 Oct 2016. Critical Information Infrastructures Security. Lecture Notes in Artificial Intelligence, vol. 10242. Springer Verlag, pp. 123-136. 10.1007/978-3-319-71368-7_11
Abstract
Industrial Control Systems (ICS) play a crucial role in controlling industrial processes. Unlike conventional IT systems or networks, cyber attacks against ICS can cause destructive physical damage. Zero-day exploits (i.e. unknown exploits) have demonstrated their essential contributions to causing such damage by Stuxnet. In this work, we investigate the possibility of improving the tolerance of a system against zero-day attacks by defending against known weaknesses of the system. We first propose a metric to measure the system tolerance against zero-day attacks, which is the minimum effort required by zero-day exploits to compromise a system. We then apply this metric to evaluate different defensive plans to decide the most effective one in maximising the system tolerance against zero-day attacks. A case study about ICS security management is demonstrated in this paper.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Date Type: | Published Online |
| Status: | Published |
| Schools: | Schools > Computer Science & Informatics |
| Publisher: | Springer Verlag |
| ISBN: | 9783319713670 |
| ISSN: | 0302-9743 |
| Last Modified: | 07 Nov 2022 10:03 |
| URI: | https://orca.cardiff.ac.uk/id/eprint/130991 |
Citation Data
Cited 7 times in Scopus.