Algebraic Analysis of Attack Impacts and Countermeasures in Critical Infrastructures
Critical infrastructure systems are distributed environments in which the mixture of technologies and interdependencies between physical and logical components lead to complex interactions. Calculating the possible impacts of attacks and the success of proposed countermeasures in such environments represents a severe problem. We propose a process algebraic technique as a means of affecting such calculations. Our approach allows us to demonstrate equivalence w.r.t. attack and defense strategies respectively. It also forms a basis for determining the efficiency and effectiveness of countermeasures. In comparison with other methods, such as attack/defense trees and attack graphs, our approach allows us to relax assumptions regarding the ordering of events by applying structural reasoning to outcomes and reducing the state space for the analysis. An obvious application is to risk management.
Unable to display preview. Download preview PDF.
- 1.Langner, R.: Robust Control System Networks. Momentum Press, New York (2012)Google Scholar
- 6.Ingols, K., Chu, M., Lippmann, R., Webster, S., Boyer, S.: Modeling Modern Network Attacks and Countermeasures Using Attack Graphs. In: Annual Computer Security Applications Conference, ACSAC 2009, pp. 117–126 (December 2009)Google Scholar
- 7.Lippmann, R.P., Ingols, K.W.: An Annotated Review of Past Papers on Attack Graphs (1998)Google Scholar
- 11.McEvoy, T.R., Wolthusen, S.: Agent Interaction and State Determination in SCADA Systems. In: Butts, J., Shenoi, S. (eds.) Critical Infrastructure Protection. IFIP AICT, pp. 99–109. Springer, Heidelberg (2011)Google Scholar