IAPSAM Logo

PSAM 16 Conference Paper Overview

Welcome to the PSAM 16 Conference paper and speaker overview page.

Lead Author: Fan Zhang Co-author(s): N/A
A Dynamic Cyber-Attack Analysis, Risk Assessment and Management Framework for Industrial Control Systems
As the number and quality of digital devices used to control industrial infrastructure continues to grow and evolve, assessing the cyber risk posed by these networked devices is a critical concern. Traditional security methods use a combination of intrusion prevention systems (IPSs) and intrusion detection systems (IDSs) to protect against cyber-attacks. However, these defenses do not provide real-time knowledge of the risk profile of an ICS under a cyber-attack scenario. Previous work has studied dynamic risk assessment as a way to provide near-real-time risk evaluation, with the assumption that the compromised device or component is known. However, these information are not given by existing IDSs. The location and level of compromise in the operational technology (OT) process is crucial for decision making since the risk analysis and management for a pump that deviates 10% from normal operation is likely to be very different than the analysis for a pump deviating by 50. The gap in cyber-attack detection and real-time understanding of the risk profile posed must be bridged by identifying what information can be obtained from the cyber-attack detection process, and how this knowledge can be used to perform dynamic risk assessment. In this research, a dynamic Cyber-Attack Analysis, Risk Assessment and Management (CATARAM) framework that detects cyber-attacks is proposed, providing near real-time analysis, and generating a dynamic risk profile correlating to the progress of the cyber-attack. In this framework, a cyber-attack detection system detects cyber-attack, a cyber-attack analysis system identifies the location and the level of compromise using machine learning methods, and a dynamic risk assessment system based on Bayesian Network calculates risk in real-time. The CATARAM also provides risk management suggestions according to the dynamic risk profile.

Paper FA293 Preview

Author and Presentation Info

"
Presentation only, a full paper is not available.
Lead Author Name: Fan Zhang (fan@gatech.edu)

Bio:

Country: ---
Company: Georgia Tech
Job Title: Assistant Professor