Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Scalable approach to enhancing ICS resilience by network diversity

Li, Tingting ORCID: https://orcid.org/0000-0002-9448-1655, Feng, Cheng and Hankin, Chris 2020. Scalable approach to enhancing ICS resilience by network diversity. Presented at: The 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020), València, Spain, 29 June - 02 July 2020.

[thumbnail of DSN2020_FINAL.pdf]
Preview
 PDF - Accepted Post-Print Version
Download (544kB) | Preview

Abstract

Network diversity has been widely recognized as an effective defense strategy to mitigate the spread of malware. Optimally diversifying network resources can improve the resilience of a network against malware propagation. This work proposes a scalable method to compute such an optimal deployment, in the context of upgrading a legacy Industrial Control System with modern IT infrastructure. Our approach can tolerate various constraints when searching for optimal diversification, such as outdated products and strict configurationpolicies.We explicitly measure the vulnerability similarity of products based on the CVE/NVD, to estimate the infection rate of malware between products. A Stuxnet-inspired case demonstrates our optimal diversification in practice, particularly when constrained by various requirements. We then measure the improved resilience of the diversified network in terms of a well-defined diversity metric and Mean-time-to-compromise (MTTC), to verify the effectiveness of our approach. Finally, we show the competitive scalability of our approach in finding optimal solutions within a couple of seconds to minutes for networks of large scales (up to 10,000 hosts) and high densities (up to 240,000 edges).

Item Type: Conference or Workshop Item (Paper)
Status: In Press
Schools: Computer Science & Informatics
Additional Information: Conference held digitally due to COVID-19 pandemic
Date of First Compliant Deposit: 13 May 2020
Date of Acceptance: 4 March 2020
Last Modified: 07 Nov 2022 10:14
URI: https://orca.cardiff.ac.uk/id/eprint/131582

Citation Data

Cited 1 time in Scopus. View in Scopus. Powered By Scopus® Data

Actions (repository staff only)

Edit Item Edit Item
Download Statistics

Downloads

Downloads per month over past year

View more statistics

CORE (COnnecting REpositories)


Maintained by Cardiff University Information Services