Preventing Advanced Persistent Threats in Complex Control Networks

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)

Abstract

An Advanced Persistent Threat (APT) is an emerging attack against Industrial Control and Automation Systems that is executed over a long period of time and is difficult to detect. In this context, graph theory can be applied to model the interaction among nodes and the complex attacks affecting them, as well as to design recovery techniques that ensure the survivability of the network. Accordingly, we leverage a decision model to study how a set of hierarchically selected nodes can collaborate to detect an APT within the network, concerning the presence of changes in its topology. Moreover, we implement a response service based on redundant links that dynamically uses a secret sharing scheme and applies a flexible routing protocol depending on the severity of the attack. The ultimate goal is twofold: ensuring the reachability between nodes despite the changes and preventing the path followed by messages from being discovered.

Keywords

Advanced Persistent Threat; Attack Detection; Response; Consensus; Opinion Dynamics; Secret Sharing; Redundant Topology

Notes

Acknowledgements

The first author is supported by the Spanish Ministry of Education through the National F.P.U. Program under Grant Agreement No. FPU15/03213. In addition, this work has been partially supported by the Andalusian Government Research Program through the FISICCO project (P11-TIC-07223) and by the Spanish Ministry of Economy and Competitiveness through the PRECISE project (TIN2014-54427-JIN).


Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Juan E. Rubio (1)
  • Cristina Alcaraz (1)
  • Javier Lopez (1)

  1. Department of Computer Science, University of Malaga, Malaga, Spain
