Assessing the Impact of Malware Attacks in Utility Networks

Game Theory for Security and Risk Management

Abstract

Utility networks are becoming more and more interconnected. Besides the natural physical interdependencies (e.g., water networks heavily depend on power grids), utility networks are nowadays often monitored and operated by industrial control systems (ICS). While these systems enhance the level of control over utility networks, they also enable new forms of attack, such as cyberattacks. In recent years, cyberattacks have occurred more frequently, sometimes with a significant impact on the affected company as well as on society. The first step toward preventing such incidents is to understand how an infection of one component influences the rest of the network. This malware spreading can be modeled as a stochastic process on a graph where edges transmit an infection with a specific probability. In practice, this probability depends on the type of the malware (e.g., ransomware, spyware, virus) as well as on the type of the connection between the nodes (e.g., physical or logical connections). In this chapter, we illustrate how the abstract model can be put into practice for a concrete use case.
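The model sketched in the abstract can be tried out with a small Monte Carlo simulation; the following is an added example, not code from the chapter or from the HyRiM project. The network, the node names and all transmission probabilities are constructed assumptions, chosen only to show how the probability per edge depends on malware type and connection type.

```python
import random
from collections import Counter

# Constructed toy network: (node_a, node_b, connection_type). All names are made up.
EDGES = [
    ("office_pc", "scada_server", "logical"),
    ("scada_server", "plc_pump", "logical"),
    ("scada_server", "plc_valve", "logical"),
    ("office_pc", "service_laptop", "physical"),
    ("service_laptop", "plc_pump", "physical"),
]

# Assumed transmission probabilities per malware type and connection type.
P_TRANSMIT = {
    "ransomware": {"logical": 0.6, "physical": 0.1},
    "spyware": {"logical": 0.3, "physical": 0.05},
}


def spread_once(edges, probs, start, rng):
    """One random outcome: a newly infected node gets one try per incident edge."""
    neighbours = {}
    for a, b, kind in edges:
        neighbours.setdefault(a, []).append((b, kind))
        neighbours.setdefault(b, []).append((a, kind))
    infected, frontier = {start}, [start]
    while frontier:
        node = frontier.pop()
        for other, kind in neighbours.get(node, []):
            if other not in infected and rng.random() < probs[kind]:
                infected.add(other)
                frontier.append(other)
    return infected


def impact_distribution(edges, probs, start, runs=2000, seed=1):
    """Empirical distribution of the number of infected nodes over many runs."""
    rng = random.Random(seed)
    sizes = Counter(len(spread_once(edges, probs, start, rng)) for _ in range(runs))
    return {size: sizes[size] / runs for size in sorted(sizes)}


if __name__ == "__main__":
    for malware, probs in P_TRANSMIT.items():
        print(malware, impact_distribution(EDGES, probs, "office_pc"))
```

The output is a distribution over the number of infected components rather than a single number, so a defender can compare the effect of lowering one connection type's probability (for example by segmenting logical links) on the whole distribution.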

Acknowledgements

The research leading to these results has received funding from the European Union Seventh Framework Programme under grant agreement no. 608090, Project HyRiM (Hybrid Risk Management for Utility Networks).

Author information

Corresponding author

Correspondence to Antonios Gouglidis.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this chapter

Cite this chapter

König, S., Gouglidis, A., Green, B., Solar, A. (2018). Assessing the Impact of Malware Attacks in Utility Networks. In: Rass, S., Schauer, S. (eds) Game Theory for Security and Risk Management. Static & Dynamic Game Theory: Foundations & Applications. Birkhäuser, Cham. https://doi.org/10.1007/978-3-319-75268-6_14
