Critical Infrastructure Protection XV 15th IFIP WG 11.10 International Conference, ICCIP 2021, Virtual Event, March 15{u2013}16, 2021, Revised Selected Papers
معرفی کتاب «Critical Infrastructure Protection XV 15th IFIP WG 11.10 International Conference, ICCIP 2021, Virtual Event, March 15{u2013}16, 2021, Revised Selected Papers» نوشتهٔ Jason Staggs; Sujeet Shenoi; SpringerLink (Online service)، منتشرشده توسط نشر Springer International Publishing : Imprint: Springer در سال 2022. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
CRITICAL INFRASTRUCTURE PROTECTION XV Edited by: Jason Staggs and Sujeet Shenoi The information infrastructure---comprising computers, embedded devices, networks and software systems---is vital to operations in every sector: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials and waste, transportation systems, and water and wastewater systems. Global business and industry, governments, indeed society itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection XV describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include · Themes and Issues · Industrial Control Systems Security · Telecommunications Systems Security · Infrastructure Security This book is the fifteenth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twelve edited papers from the Fifteenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, which was held virtually in the spring of 2021. Critical Infrastructure Protection XV is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security. Jason Staggs is an Adjunct Assistant Professor of Computer Science at the University of Tulsa, Tulsa, Oklahoma, USA. Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a Professor of Chemical Engineering at the University of Tulsa, Tulsa, Oklahoma, USA. Contents Contributing Authors Preface THEMES AND ISSUES 1 CYBER SECURITY REQUIREMENTS INTHE NORWEGIAN ENERGY SECTOR 1. Introduction 2. Norwegian Electric Power Sector 3. Cyber Security Regulation Development 4. New Cyber Security Contingency Regulations 5. Development of Guidelines 6. Interoperability Principles 7. Cyber Security Policy Implementation 8. Regulatory Requirement Compliance 9. Audits 10. Potential Improvements 11. Conclusions Acknowledgements References 2 CYBER SECURITY AWARENESS REQUIREMENTS FOR OPERATIONAL TECHNOLOGY SYSTEMS 1. Introduction 2. CADOT Concept 3. Related Work 4. Cyber Security Awareness Requirements 5. Key Recommendations 5.1 CADOT User Types 5.2 CADOT Data Access and Display Needs 5.3 CADOT Cyber Security Baseline 5.4 Relevant Additional Information 5.5 CADOT Monitoring Frequencies 5.6 CADOT Query Support 5.7 CADOT Data Extensibility 5.8 Configurable CADOT Alerting 5.9 CADOT Design Constraints 6. CADOT Key Design Features 7. Commercially-Available Technologies 8. Conclusions Acknowledgements References 3 ANALYZING ADVANCED PERSISTENT THREATS USING GAME THEORY: A CRITICAL LITERATURE REVIEW 1. Introduction 2. Preliminaries 2.1 Advanced Persistent Threats 2.2 Information Security Risk Management 2.3 Game Theory 3. Literature Review 4. Application-Area-Based Classification 4.1 Resource Allocation 4.2 Cyber Deception 4.3 Information Leakage 4.4 Optimal Design 5. Metric-Based Classification 5.1 Mitigation Measures 5.2 Risk Management Stages 5.3 Advanced Persistent Threat Stages 5.4 Validation Methods 5.5 Model Assumptions 5.6 Tool Support 6. Critical Analysis 7. Conclusions References INDUSTRIAL CONTROLSYSTEMS SECURITY 4 ATTACKING THE IEC 61131 LOGIC ENGINE IN PROGRAMMABLE LOGIC CONTROLLERS 1. Introduction 2. Background and Related Work 2.1 Industrial Control Systems 2.2 Related Work 3. Attacking Control Logic Engines 4. Case Study 1: SEL-3505 RTAC 4.1 Controller Details 4.2 Vulnerabilities and Attacks 4.3 Experimental Evaluation 5. Case Study 2: Traditional Controllers 5.1 Case Study 2(a): Modicon M221 5.2 Case Study 2(b): MicroLogix 1100 and 1400 6. Mitigation 7. Conclusions Acknowledgements References 5 ANOMALY DETECTION IN AUTOMATION CONTROLLERS 1. Introduction 2. SEL-3505 RTAC Device 3. Anomaly Detection System 3.1 Workload 3.2 System Outputs 3.3 Tuning Parameters 3.4 Decision Algorithm 4. Experimental Design 4.1 Experimental Factors 4.2 Data Collection 4.3 Discriminator Selection 4.4 System Evaluation 5. Experimental Results 5.1 Anomaly Detection Rates 5.2 Improving Detection Rates 6. Conclusions References 6 DETECTING ANOMALOUS PROGRAMMABLE LOGIC CONTROLLER EVENTS USING PROCESS MINING 1. Introduction 2. Related Work 3. Process Mining 4. Overview 5. Proposed Methodology 5.1 Traffic Light System 5.2 Programmable Logic Controller Behavior 5.3 Petri Net Model 5.4 Invalid State Transition Detector 5.5 Anomalous Traffic Light Operations 5.6 Anomalous Behavior Detection 6. Conclusions References 7 SIMULATINGMEASUREMENTATTACKS IN A SCADA SYSTEM TESTBED 1. Introduction 2. Related Work 3. Gas System Model and Experimental Setup 3.1 Gas System Model 3.2 Experimental Setup 4. Single Point of Failure 5. Sophisticated Measurement Attack 6. Discussion 7. Future Work 8. Conclusions Acknowledgements References 8 A COMMUNICATIONS VALIDITYDETECTOR FOR SCADA NETWORKS 1. Introduction 2. Background and Related Work 2.1 SCADA Systems 2.2 SCADA Network Attacks 2.3 Language-Theoretic Security 2.4 SCADA System Forensics 2.5 Software-Defined Networks 2.6 Anomaly Detection 3. Tool Design 3.1 Design Techniques 3.2 Continuous Data Collection and Monitoring 3.3 Distributed Data Collection 3.4 Publish-Subscribe Minion Model 3.5 Detecting Syntactically-Invalid Packets 3.6 Setpoint Monitors 3.7 Detecting Semantically-Incorrect Packets 3.8 User Interfaces 4. Tool Evaluation 4.1 Parser Correctness 4.2 Resilience to Fuzzing 4.3 Crafted Packet Detection 4.4 Parser Performance 4.5 Visualization Capabilities 5. Discussion 6. Conclusions Acknowledgement References TELECOMMUNICATIONS SYSTEMS SECURITY 9 INFINIBAND NETWORK MONITORING: CHALLENGES AND POSSIBILITIES 1. Introduction 2. InfiniBand Architecture 2.1 InfiniBand Hardware 2.2 InfiniBand Software Architecture 2.3 InfiniBand Transport Services 3. Related Work 4. Experimental Setup and Case Studies 4.1 Experimental Setup 4.2 Network Monitoring Tools 4.3 Data Collection Metrics 4.4 Case Study 1 4.5 Case Study 2 4.6 Case Study 3 5. Results 5.1 Case Study 1 Results 5.2 Case Study 2 Results 5.3 Case Study 3 Results 6. Conclusions References 10 GPS SIGNAL AUTHENTICATION USING A CHAMELEON HASH KEYCHAIN 1. Introduction 2. Background and Related Work 2.1 GPS Signals 2.2 Chameleon Hashing 2.3 Related Work 3. GPS Signal Authentication 3.1 Threat Model and Assumptions 3.2 Chameleon Hash Keychain 3.3 Architecture Overview 4. Prototype Implementation 5. Evaluation Results and Discussion 5.1 Execution Time 5.2 Communications Overhead 5.3 Security Aspect 6. Conclusions References INFRASTRUCTURE SECURITY 11SECURITY ANALYSIS OF SOFTWARE UPDATES FOR INDUSTRIAL ROBOTS 1. Introduction 2. Collaborative Robot 3. Previous Work 4. Experiments and Results 4.1 Software Update File 4.2 Symmetric Key 4.3 Software Update Process Flow 5. Software Update Process Vulnerabilities 5.1 Malicious Software Update File Creation 5.2 Arbitrary Script Execution 5.3 Password Integrity 5.4 Arbitrary File Creation 6. Discussion 7. Conclusions Acknowledgement References 12 A SECURITY FRAMEWORK FOR RAILWAY SYSTEM DEPLOYMENTS 1. Introduction 2. Related Work 3. Security Framework 3.1 Procurement Phase 3.2 Testing Phase 3.3 Deployment Phase 3.4 Post-Deployment Phase 4. Conclusions References The information infrastructure – comprising computers, embedded devices, networks and software systems – is vital to operations in every sector: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials and waste, transportation systems, and water and wastewater systems. Global business and industry, governments, indeed society itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed.Critical Infrastructure Protection XV describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that willhelp secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: Industrial Control Systems Security; Telecommunications Systems Security; Infrastructure Security. This book is the fourteenth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of 13 edited papers from the Fifteenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, held as a virtual event during the spring of 2021. Critical Infrastructure Protection XV is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security.
دانلود کتاب Critical Infrastructure Protection XV 15th IFIP WG 11.10 International Conference, ICCIP 2021, Virtual Event, March 15{u2013}16, 2021, Revised Selected Papers