A Threat Hunting Framework for Industrial Control Systems
Abstract
An Industrial Control System (ICS) adversary often takes different actions to exploit vulnerabilities, pass the border between Information Technology (IT) and Operational Technology (OT) networks, and launch a targeted attack against OT networks. Detecting these threats in the early phases, before the final stage of the attacks can be executed on industrial endpoints, helps prevent adversaries from achieving their goals. Threat hunting in IT networks has been previously studied, and several methods have been proposed. However, these methods are not sufficient for ICSs, as the integration of legacy systems with advanced […] has introduced new types of vulnerabilities and changed the behaviour of attacks. The lack of a unified solution for integrated […] is a gap that is considered in our paper. The contribution of this paper is an ICS Threat Hunting Framework (ICS-THF), which focuses on detecting cyber threats against devices in the earliest phases of the lifecycle. ICS-THF consists of three stages: triggers, hunting, and intelligence. The trigger stage identifies events or external resources. The hunting stage uses a combination of the MITRE ATT&CK Matrix and the Diamond Model of Intrusion Analysis to generate a hypothesis and predict the future actions of the adversary. This will be validated by analysing models and actions. Finally, the intelligence stage is responsible for generating Indicators of Compromise (IoCs) used in hunting. The Black Energy 3 malware, PLC-Blaster, and the SWaT dataset are used to evaluate the efficiency of the proposed framework.
Similar resources
A Framework for Threat Assessment in Access Control Systems
We describe a framework for threat assessment specifically within the context of access control systems, where subjects request access to resources for which they may not be pre-authorized. The framework that we describe includes four different approaches for conducting threat assessment: an object sensitivity-based approach, a subject trustworthiness-based approach and two additional approache...
A New Hunting Control Method for Permanent Magnet Hysteresis Motors
Hunting is a flutter associated with the synchronous speed that gives rise to the gyro drifting errors and may cause objectionable time-displacement errors in video head wheel drives and other precision scanning systems. In this paper, dynamic characteristics of permanent magnet hysteresis motors are presented and hunting is explained. New damping techniques have been developed using optimi...
Building a Comprehensive Conceptual Framework for Power Systems Resilience Metrics
Recently, the frequency and severity of natural and man-made disasters (extreme events), which have a high-impact low-frequency (HILF) property, have increased. These disasters can lead to extensive outages, damages, and costs in electric power systems. A power system must be built with “resilience” against disasters, which means its ability to withstand disasters efficiently while ensuring the ...
A Cybersecurity Testbed for Industrial Control Systems
The National Institute of Standards and Technology (NIST) is developing a cybersecurity testbed for industrial control systems (ICS). The goal of this testbed is to measure the performance of an ICS when instrumented with cybersecurity protections in accordance with practices prescribed by prevailing standards and guidelines. This paper outlines the testbed design and lists research goals, use ...
Journal
Journal title: IEEE Access
Year: 2021
ISSN: 2169-3536
DOI: https://doi.org/10.1109/access.2021.3133260