Investigating usable indicators against cyber-attacks in industrial control systems

Asiri, Mohammed, Saxena, Neetesh ORCID: https://orcid.org/0000-0002-6437-0807 and Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X 2021. Investigating usable indicators against cyber-attacks in industrial control systems. Presented at: 17th Symposium on Usable Privacy and Security (USENIX Security 2021), Virtual, 08-10 August 2021. USENIX Symposium on Usable Privacy and Security (SOUPS) 2021. USENIX,

Preview

PDF - Accepted Post-Print Version Download (167kB) | Preview

Abstract

Industrial control systems (ICSs) control and monitor indus�trial activities and physical processes. The attack of the ones and zeroes for a control system taught us that the physical world could be impacted remarkably by cyber-attacks. It is necessary to have capabilities of identifying footprints of the attacks in time when the system is under attack. This will help to mitigate the impact of cyber-attacks, especially when we are not able to prevent such attacks. By monitoring indicators of compromise (IOCs), operators at utilities can recognize triggers of malicious activities and react quickly to similar compromise incidents in the earlier stages of such attacks. The purpose of this study is to examine how effective the IOCs used in IT systems are in detecting cyber-attacks in the ICS systems under operational technology (OT) environment. We run a questionnaire with ICS attack scenarios to the industry experts working on OT security. During our study and analysis, we found that there are some key indicators better recognized than others for indicating attack behavior

Item Type:	Conference or Workshop Item (Poster)
Date Type:	Published Online
Status:	Published
Schools:	Computer Science & Informatics
Publisher:	USENIX
Date of First Compliant Deposit:	6 April 2023
Date of Acceptance:	10 June 2021
Last Modified:	06 Apr 2023 10:46
URI:	https://orca.cardiff.ac.uk/id/eprint/142257

Actions (repository staff only)

Edit Item