Abstract
In recent years, attackers have shifted their attention in the Maritime domain, exploiting vulnerabilities of Maritime IT/OT systems and human resources, and impacting the situational picture onboard the ships and/or at shore infrastructures. Therefore, developing human skills and systems’ detection capabilities in the Maritime domain are a critical element to effectively manage the cyber risks related to different types of ships and/or Maritime infrastructures. Such capabilities can greatly contribute to developing a Maritime Cyber Situational Awareness, which can promote the Maritime domain key mission objectives, such as maintaining preparedness, safety, and security. The complexity of the Maritime environment poses a great challenge in detecting cyber threats and/or anomalies in the behavior of systems, due to the different ship-to-shore systems that form this environment. Not being able to detect cyber threats or detect them early enough can affect the effectiveness of decision-making and impact the mission objectives of the Maritime domain. This work investigates detection aspects in the Maritime domain and contributes towards a novel Maritime cyber threat detection framework, to guide the development of relevant human skills and systems’ cyber threat detection capabilities. A highlight of this work is the development of a Maritime attack matrix based on MITRE ATT&CK matrices, to clearly specify the cyber threats related to the Maritime surveillance and navigation systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Meland, P.H., Bernsmed, K., Wille, E., Rødseth, Ø., Nesheim, D.A.: A retrospective analysis of maritime cyber security incidents. TransNav Int. J. Mar. Navig. Saf. Sea Transp. 15(3) (2021)
Hyra, B.: Analyzing the attack surface of ships, p. 166 (2019)
Caprolu, M., Pietro, R.D., Raponi, S., Sciancalepore, S., Tedeschi, P.: Vessels cybersecurity: issues, challenges, and the road ahead. IEEE Commun. Mag. 58(6), 90–96 (2020). https://doi.org/10.1109/MCOM.001.1900632
Satellite Internet Market: Global Industry Analysis and Forecast 2021–2027: by Frequency Band, Bandwidth, Orbit, End User and Region. Maximize Market Research. https://www.maximizemarketresearch.com/market-report/satellite-internet-market/125907/. Accessed 30 Jan 2022
Jacq, O., Brosset, D., Kermarrec, Y., Simonin, J.: Cyber attacks real time detection: towards a cyber situational awareness for naval systems. In: 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA), pp. 1–2, June 2019. https://doi.org/10.1109/CyberSA.2019.8899351
Jacq, O., Boudvin, X., Brosset, D., Kermarrec, Y., Simonin, J.: Detecting and hunting cyberthreats in a maritime environment: specification and experimentation of a maritime cybersecurity operations centre. In: 2018 2nd Cyber Security in Networking Conference (CSNet), pp. 1–8, October 2018. https://doi.org/10.1109/CSNET.2018.8602669
Canepa, M., Ballini, F., Dalaklis, D., Vakili, S.: Assessing the effectiveness of cybersecurity training and raising awareness within the maritime domain. In: Online Conference, pp. 3489–3499, March 2021. https://doi.org/10.21125/inted.2021.0726
Tam, K., Jones, K.: MaCRA: a model-based framework for maritime cyber-risk assessment. WMU J. Marit. Aff. 18(1), 129–163 (2019). https://doi.org/10.1007/s13437-019-00162-2
Hatzivasilis, G.: Modern aspects of cyber-security training and continuous adaptation of programmes to trainees. Appl. Sci. 10(16) (2020). https://doi.org/10.3390/app10165702
Hopcraft, R.: Developing maritime digital competencies. IEEE Commun. Stan. Mag. 5(3), 12–18 (2021). https://doi.org/10.1109/MCOMSTD.101.2000073
Mraković, I., Vojinović, R.: Maritime cyber security analysis – how to reduce threats? Trans. Marit. Sci. 08(01), 132–139 (2019). https://doi.org/10.7225/toms.v08.n01.013
Maritime Bulk Liquids Transfer Cybersecurity Framework Profile. United States. Coast Guard. https://www.hsdl.org/?abstract&did=797741. Accessed 12 Feb 2022
Potamos, G., Peratikou, A., Stavrou, S.: Towards a maritime cyber range training environment. In: 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pp. 180–185, July 2021. https://doi.org/10.1109/CSR51186.2021.9527904
Tam, K., Moara-Nkwe, K., Jones, K.: The use of cyber ranges in the maritime context: assessing maritime-cyber risks, raising awareness, and providing training. Marit. Technol. Res. 3(1) (2020). https://doi.org/10.33175/mtr.2021.241410
The Guidelines on Cyber Security Onboard Ships. https://www.bimco.org/about-us-and-our-members/publications/the-guidelines-on-cyber-security-onboard-ships. Accessed 23 Oct 2021
European Union Agency for Cybersecurity. Cyber risk management for ports: guidelines for cyber security in the maritime sector. LU: Publications Office (2020). https://data.europa.eu/doi/10.2824/671060. Accessed 11 Feb 2022
Armando, A., Henauer, M., Rigoni, A.: Next Generation CERTs. IOS Press (2019)
Balduzzi, M., Pasta, A., Wilhoit, K.: A security evaluation of AIS automated identification system. In: Proceedings of the 30th Annual Computer Security Applications Conference, New Orleans Louisiana USA, pp. 436–445, December 2014. https://doi.org/10.1145/2664243.2664257
Ray, C., Gallen, R., Iphar, C., Napoli, A., Bouju, A.: DeAIS project: detection of AIS spoofing and resulting risks. In: OCEANS 2015 - Genova, pp. 1–6, May 2015. https://doi.org/10.1109/OCEANS-Genova.2015.7271729
Faragher, R., MacDoran, P.F., Mathews, M.B.: Spoofing mitigation, robust collision avoidance, and opportunistic receiver localisation using a new signal processing scheme for ADS-B or AIS, p. 11 (2014)
Hareide, O.S., Jøsok, Ø., Lund, M.S., Ostnes, R., Helkala, K.: Enhancing navigator competence by demonstrating maritime cyber security. J. Navig. 71(5), 1025–1039 (2018). https://doi.org/10.1017/S0373463318000164
DiRenzo, J., Goward, D.A., Roberts, F.S.: The little-known challenge of maritime cyber security. In: 2015 6th International Conference on Information, Intelligence, Systems and Applications (IISA), Corfu, Greece, pp. 1–5, July 2015. https://doi.org/10.1109/IISA.2015.7388071
Preparing for Cyber Battleships – Electronic Chart Display and Information System Security
Svilicic, B., Brčić, D., Žuškin, S., Kalebić, D.: Raising awareness on cyber security of ECDIS. TransNav Int. J. Mar. Navig. Saf. Sea Transp. 13(1) (2019). https://doi.org/10.12716/1001.13.01.24
Parrish, A.S., et al.: Global perspectives on cybersecurity education for 2030: a case for a meta-discipline. ITiCSE (2018). https://doi.org/10.1145/3293881.3295778
Acknowledgement
The authors would like to acknowledge the FORESIGHT project funded by the European Union’s Horizon 2020 research and innovation program (grant agreement: 833673), and the partners on the project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Potamos, G., Theodoulou, S., Stavrou, E., Stavrou, S. (2022). Maritime Cyber Threats Detection Framework: Building Capabilities. In: Drevin, L., Miloslavskaya, N., Leung, W.S., von Solms, S. (eds) Information Security Education - Adapting to the Fourth Industrial Revolution. WISE 2022. IFIP Advances in Information and Communication Technology, vol 650. Springer, Cham. https://doi.org/10.1007/978-3-031-08172-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-08172-9_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-08171-2
Online ISBN: 978-3-031-08172-9
eBook Packages: Computer ScienceComputer Science (R0)