Li, Tingting ORCID: https://orcid.org/0000-0002-9448-1655 and Hankin, Chris 2017. Effective defence against zero-day exploits using Bayesian networks. Presented at: 11th International Conference, Critical Information Infrastructures Security, CRITIS, Paris, France, 10–12 Oct 2016. Critical Information Infrastructures Security. Lecture Notes in Artificial Intelligence, vol. 10242. Springer Verlag, pp. 123-136. 10.1007/978-3-319-71368-7_11
Abstract
Industrial Control Systems (ICS) play a crucial role in controlling industrial processes. Unlike conventional IT systems or networks, cyber attacks against ICS can cause destructive physical damage. Zero-day exploits (i.e. unknown exploits) have demonstrated their essential contributions to causing such damage by Stuxnet. In this work, we investigate the possibility of improving the tolerance of a system against zero-day attacks by defending against known weaknesses of the system. We first propose a metric to measure the system tolerance against zero-day attacks, which is the minimum effort required by zero-day exploits to compromise a system. We then apply this metric to evaluate different defensive plans to decide the most effective one in maximising the system tolerance against zero-day attacks. A case study about ICS security management is demonstrated in this paper.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Date Type: | Published Online |
Status: | Published |
Schools: | Computer Science & Informatics |
Publisher: | Springer Verlag |
ISBN: | 9783319713670 |
ISSN: | 0302-9743 |
Last Modified: | 07 Nov 2022 10:03 |
URI: | https://orca.cardiff.ac.uk/id/eprint/130991 |
Citation Data
Cited 7 times in Scopus.