Vulnerability Assessment of Industrial Control System with an Improved CVSS

• URL: http://arxiv.org/abs/2306.08631v1
• Date: Wed, 14 Jun 2023 16:48:06 GMT
• Title: Vulnerability Assessment of Industrial Control System with an Improved CVSS
• Authors: He Wen
• Abstract summary: This study proposes a method to assess the risk of cyberattacks on ICS with an improved Common Vulnerability Scoring System (CVSS) Results show the physical system levels of ICS have the highest severity once cyberattacked.
• Score: 3.9596068699962323
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Cyberattacks on industrial control systems (ICS) have been drawing attention in academia. However, this has not raised adequate concerns among some industrial practitioners. Therefore, it is necessary to identify the vulnerable locations and components in the ICS and investigate the attack scenarios and techniques. This study proposes a method to assess the risk of cyberattacks on ICS with an improved Common Vulnerability Scoring System (CVSS) and applies it to a continuous stirred tank reactor (CSTR) model. The results show the physical system levels of ICS have the highest severity once cyberattacked, and controllers, workstations, and human-machine interface are the crucial components in the cyberattack and defense.

Related papers

• EAIRiskBench: Towards Evaluating Physical Risk Awareness for Task Planning of Foundation Model-based Embodied AI Agents [47.69642609574771]
  Embodied artificial intelligence (EAI) integrates advanced AI models into physical entities for real-world interaction. Foundation models as the "brain" of EAI agents for high-level task planning have shown promising results. However, the deployment of these agents in physical environments presents significant safety challenges. This study introduces EAIRiskBench, a novel framework for automated physical risk assessment in EAI scenarios.
  arXiv  Detail & Related papers  (2024-08-08T13:19:37Z)
• FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
  FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks. We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness. Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
  arXiv  Detail & Related papers  (2024-03-26T08:51:23Z)
• Towards Low-Barrier Cybersecurity Research and Education for Industrial Control Systems [1.2584276673531931]
  We develop a framework to automatically launch cyberattacks, collect data, train machine learning models, and evaluate for practical chemical and manufacturing processes. On our testbed, we validate our proposed intrusion detection model called Minimal Threshold and Window SVM. Results show that MinTWin SVM minimizes false positives and is responsive to physical process anomalies.
  arXiv  Detail & Related papers  (2023-08-31T14:46:05Z)
• A Deep Multi-Modal Cyber-Attack Detection in Industrial Control Systems [1.0312968200748118]
  This research utilizes network and sensor modality data from ICS processed with a deep multi-modal cyber-attack detection model for ICS. Results show that the proposed model can outperform existing single modality models and recent works in the literature.
  arXiv  Detail & Related papers  (2023-04-04T01:27:21Z)
• Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
  We study blackbox adversarial attacks on network classifiers. We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions. We show that a continual learning approach is required to study attacker-defender dynamics.
  arXiv  Detail & Related papers  (2021-11-23T23:42:16Z)
• A Framework for Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems [41.470634460215564]
  We develop an extension to the MulVAL attack graph generation and analysis framework to incorporate cyberattacks on ML production systems. Using the proposed extension, security practitioners can apply attack graph analysis methods in environments that include ML components.
  arXiv  Detail & Related papers  (2021-07-05T05:58:11Z)
• GRAVITAS: Graphical Reticulated Attack Vectors for Internet-of-Things Aggregate Security [5.918387680589584]
  Internet-of-Things (IoT) and cyber-physical systems (CPSs) may consist of thousands of devices connected in a complex network topology. We describe a comprehensive risk management system, called GRAVITAS, for IoT/CPS that can identify undiscovered attack vectors.
  arXiv  Detail & Related papers  (2021-05-31T19:35:23Z)
• Adversarial defense for automatic speaker verification by cascaded self-supervised learning models [101.42920161993455]
  More and more malicious attackers attempt to launch adversarial attacks at automatic speaker verification (ASV) systems. We propose a standard and attack-agnostic method based on cascaded self-supervised learning models to purify the adversarial perturbations. Experimental results demonstrate that the proposed method achieves effective defense performance and can successfully counter adversarial attacks.
  arXiv  Detail & Related papers  (2021-02-14T01:56:43Z)
• Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems [34.86059492072526]
  We are first to demonstrate such poisoning attacks on ICS online neural network detectors. We propose two distinct attack algorithms, namely, back-gradient based poisoning, and demonstrate their effectiveness on both synthetic and real-world data.
  arXiv  Detail & Related papers  (2020-12-23T14:11:26Z)
• Machine Learning in Generation, Detection, and Mitigation of Cyberattacks in Smart Grid: A Survey [1.3299946892361474]
  Smart grid (SG) is a complex cyber-physical system that utilizes modern cyber and physical equipment to run at an optimal operating point. Cyberattacks are the principal threats confronting the usage and advancement of the state-of-the-art systems. Machine learning (ML) is being used to exploit and defend the cyberattacks in SG by the attackers and system operators.
  arXiv  Detail & Related papers  (2020-09-01T05:16:51Z)
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv  Detail & Related papers  (2020-07-05T18:22:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.