Abstract

The progression of cyber-attacks on a cyber-physical system is analyzed by the Probabilistic, Learning Attacker, and Dynamic Defender (PLADD) model. Although our research does apply to all cyber-physical systems, we focus on power grid infrastructure. The PLADD model evaluates the effectiveness of moving target defense (MTD) techniques. We consider power grid attack scenarios in AND configurations and OR configurations. In addition, we consider, for the first time ever, power grid attack scenarios involving both AND configurations and OR configurations simultaneously. Cyber-security managers can use the strategy introduced in this manuscript to optimize their defense strategies. Specifically, our research provides insight into when to reset access controls (such as passwords, internet protocol addresses, and session keys) to minimize the probability of a successful attack. Our mathematical proof for the OR configuration of multiple PLADD games shows that it is best if all access controls are reset simultaneously. For the AND configuration, our mathematical proof shows that it is best (in terms of minimizing the attacker's average probability of success) that the resets are equally spaced apart. We introduce a novel concept called the hierarchical parallel PLADD system to cover additional attack scenarios that require combinations of AND and OR configurations.
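A numerical check of the two reset-timing results stated above, as an added example that is not code from the paper. It assumes a toy model rather than the PLADD equations: two access controls share one reset period, a reset evicts the attacker from that control, and regaining it takes an exponentially distributed time; all function names and parameters are illustrative.

```python
import math

def avg_attacker_success(offsets, mode, rate=1.0, period=1.0, steps=2000):
    """Time-averaged probability that the attacker holds the controls required.

    Assumed toy model: control i is reset at offsets[i] + k*period, and
    P(control held) = 1 - exp(-rate * time_since_last_reset).
    mode "OR": any one control suffices. mode "AND": all controls are needed.
    """
    if mode not in ("OR", "AND"):
        raise ValueError("mode must be 'OR' or 'AND'")
    total = 0.0
    for i in range(steps):
        t = (i + 0.5) * period / steps  # midpoint rule over one reset period
        held = [1.0 - math.exp(-rate * ((t - o) % period)) for o in offsets]
        if mode == "OR":
            total += 1.0 - math.prod(1.0 - h for h in held)
        else:
            total += math.prod(held)
    return total / steps

def scan_second_offset(mode, candidates=20, period=1.0, **kw):
    """Fix control 1 at offset 0 and slide control 2's reset across one period."""
    results = {}
    for k in range(candidates):
        phi = k * period / candidates
        results[phi] = avg_attacker_success((0.0, phi), mode, period=period, **kw)
    return results

def best_offset(mode, **kw):
    """Offset of the second reset that minimizes the attacker's average success."""
    results = scan_second_offset(mode, **kw)
    return min(results, key=results.get)

if __name__ == "__main__":
    for mode in ("OR", "AND"):
        scan = scan_second_offset(mode)
        phi = best_offset(mode)
        print(f"{mode}: best offset = {phi:.2f} of a period, "
              f"avg success = {scan[phi]:.4f} "
              f"(simultaneous {scan[0.0]:.4f}, half-period {scan[0.5]:.4f})")
```

Under these assumptions the scan places the OR minimum at offset 0 (simultaneous resets) and the AND minimum at half a period (equally spaced resets), matching the direction of the two results in the abstract.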

Highlights

  • If the randomization of the secret information is not changed periodically, these moving target defenses (MTDs) can be vulnerable over time

  • Based on the results shown in Tables 4 and 5, we show that the steady-state solution of the attacker's expected probability of success is minimized when (a) each individual subsystem applies Theorem 1 and Theorem 2 to minimize an attacker's expected probability of success and (b) the upper layers of the hierarchical parallel PLADD system apply Theorem 1 and Theorem 2 to minimize an attacker's expected probability of success

  • Our research can determine whether the access controls in a cyber-physical system are working together to improve the overall security


Summary

Introduction

If the randomization of the secret information (e.g., address space position of key data areas of a process) is not changed periodically, these MTDs can be vulnerable over time. Another MTD example is periodically changing passwords or authentication keys. The attacker may use password cracking tools such as Openwall [8] and Hashcat [11] to steal passwords. Note that a password reset from the user will not affect the password cracking tool's current progress because the key logger keeps a list of everything the user types. If field cyber-components in a system implement MTDs, the security analysts may have the ability to coordinate each
