Graph Analytics for Cyber-Physical System Resilience Quantification

• URL: http://arxiv.org/abs/2504.02120v1
• Date: Wed, 02 Apr 2025 20:43:40 GMT
• Title: Graph Analytics for Cyber-Physical System Resilience Quantification
• Authors: Romain Dagnas, Michel Barbeau, Joaquin Garcia-Alfaro, Reda Yaich,
• Abstract summary: This work focuses on the cyber resilience of Cyber-Physical Systems (CPSs)<n>We propose a methodology based on knowledge graph modeling and graph analytics to quantify the resilience potential of complex systems.<n>We show that the most resilient SWaT design has the necessary potential to bounce back and absorb the attacks.
• Score: 0.7999703756441754
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Critical infrastructures integrate a wide range of smart technologies and become highly connected to the cyber world. This is especially true for Cyber-Physical Systems (CPSs), which integrate hardware and software components. Despite the advantages of smart infrastructures, they remain vulnerable to cyberattacks. This work focuses on the cyber resilience of CPSs. We propose a methodology based on knowledge graph modeling and graph analytics to quantify the resilience potential of complex systems by using a multilayered model based on knowledge graphs. Our methodology also allows us to identify critical points. These critical points are components or functions of an architecture that can generate critical failures if attacked. Thus, identifying them can help enhance resilience and avoid cascading effects. We use the SWaT (Secure Water Treatment) testbed as a use case to achieve this objective. This system mimics the actual behavior of a water treatment station in Singapore. We model three resilient designs of SWaT according to our multilayered model. We conduct a resilience assessment based on three relevant metrics used in graph analytics. We compare the results obtained with each metric and discuss their accuracy in identifying critical points. We perform an experimentation analysis based on the knowledge gained by a cyber adversary about the system architecture. We show that the most resilient SWaT design has the necessary potential to bounce back and absorb the attacks. We discuss our results and conclude this work by providing further research axes.

Related papers

• Technical Upgrades to and Enhancements of a System Vulnerability Analysis Tool Based on the Blackboard Architecture [0.0]
  Generalization logic building on the Blackboard Architecture's rule-fact paradigm was implemented in this system. The paper concludes with a discussion of avenues of future work, including the implementation of multithreading.
  arXiv  Detail & Related papers  (2024-09-17T05:06:42Z)
• It Is Time To Steer: A Scalable Framework for Analysis-driven Attack Graph Generation [50.06412862964449]
  Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks. Current solutions propose to address the generation problem from the algorithmic perspective and postulate the analysis only after the generation is complete. This paper rethinks the classic AG analysis through a novel workflow in which the analyst can query the system anytime.
  arXiv  Detail & Related papers  (2023-12-27T10:44:58Z)
• Robustness and Generalization Performance of Deep Learning Models on Cyber-Physical Systems: A Comparative Study [71.84852429039881]
  Investigation focuses on the models' ability to handle a range of perturbations, such as sensor faults and noise. We test the generalization and transfer learning capabilities of these models by exposing them to out-of-distribution (OOD) samples.
  arXiv  Detail & Related papers  (2023-06-13T12:43:59Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• Quantitative Measurement of Cyber Resilience: Modeling and Experimentation [36.19235874144082]
  Cyber resilience is the ability of a system to resist and recover from a cyber attack.<n>This paper describes an experimental method and test bed for obtaining resilience-relevant data.
  arXiv  Detail & Related papers  (2023-03-28T21:01:17Z)
• Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
  We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
  arXiv  Detail & Related papers  (2022-03-25T19:57:19Z)
• Unveiling the potential of Graph Neural Networks for robust Intrusion Detection [2.21481607673149]
  We propose a novel Graph Neural Network (GNN) model to learn flow patterns of attacks structured as graphs. Our model is able to maintain the same level of accuracy as in previous experiments, while state-of-the-art ML techniques degrade up to 50% their accuracy (F1-score) under adversarial attacks.
  arXiv  Detail & Related papers  (2021-07-30T16:56:39Z)
• Federated Learning with Unreliable Clients: Performance Analysis and Mechanism Design [76.29738151117583]
  Federated Learning (FL) has become a promising tool for training effective machine learning models among distributed clients. However, low quality models could be uploaded to the aggregator server by unreliable clients, leading to a degradation or even a collapse of training. We model these unreliable behaviors of clients and propose a defensive mechanism to mitigate such a security risk.
  arXiv  Detail & Related papers  (2021-05-10T08:02:27Z)
• SI-Score: An image dataset for fine-grained analysis of robustness to object location, rotation and size [95.00667357120442]
  Changing the object location, rotation and size may affect the predictions in non-trivial ways. We perform a fine-grained analysis of robustness with respect to these factors of variation using SI-Score, a synthetic dataset.
  arXiv  Detail & Related papers  (2021-04-09T05:00:49Z)
• Learning-Based Vulnerability Analysis of Cyber-Physical Systems [10.066594071800337]
  This work focuses on the use of deep learning for vulnerability analysis of cyber-physical systems. We consider a control architecture widely used in CPS (e.g., robotics) where the low-level control is based on e.g., the extended Kalman filter (EKF) and an anomaly detector. To facilitate analyzing the impact potential sensing attacks could have, our objective is to develop learning-enabled attack generators.
  arXiv  Detail & Related papers  (2021-03-10T06:52:26Z)
• Deep Learning based Covert Attack Identification for Industrial Control Systems [5.299113288020827]
  We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids. The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
  arXiv  Detail & Related papers  (2020-09-25T17:48:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.