Abstract
We present a method based on granular computing to support decision makers in analysing and protecting large-scale infrastructures or urban areas from external attacks by identifying a suitable partition of the infrastructure or the area under analysis. The method works on a very limited set of information relating to the vulnerabilities of components, and probability information regarding how vulnerabilities can impact meaningful partitions. These aspects make the method very useful as a reasoning mechanism to improve awareness and support rapid decision making at early stages of intelligence analysis, when information is scarce and contains a high degree of uncertainty. The results of the case study, which are based on the hypothesis of a terrorist attack on a subway, show that the method provides approximate solutions with the advantages of supporting reasoning at different levels of abstraction and providing simplicity of threat scenario analysis. We also discuss the limitations of the applicability of our approach.
Notes
In the following, we use the terms “parts”, “zones”, and “regions” interchangeably to refer to the parts of a partition.
IEC 62443-3-2, http://isa99.isa.org/ISA99Wiki/WP-3-2.aspx
We can regard (1 − Er) as a level of defence or protection in a part pn. Of course, high levels of protection correspond to high values of Er and thus to low values of (1 − Er). In the following, when referring to level of protection, we will refer to (1 − Er).
Cite this article
Fujita, H., Gaeta, A., Loia, V. et al. Improving awareness in early stages of security analysis: A zone partition method based on GrC. Appl Intell 49, 1063–1077 (2019). https://doi.org/10.1007/s10489-018-1315-y
DOI: https://doi.org/10.1007/s10489-018-1315-y