Automatic Security Assessment of Critical Cyber-Infrastructures

Cited by: 10
Authors
Anwar, Zahid [1]
Shankesi, Ravinder [1]
Campbell, Roy H. [1]
Affiliation
[1] Univ Illinois, Urbana, IL USA
Source
2008 IEEE INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS & NETWORKS WITH FTCS & DCC | 2008
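DOI
10.1109/DSN.2008.4630105
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 [Computer science and technology];
Abstract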
This research investigates the automation of security assessment of the static and dynamic properties of cyberinfrastructures, with emphasis on the electrical power grid. We describe a network model representing the static elements of a cyberinfrastructure including devices, services, network connectivity, vulnerabilities, and access controls. The dynamic elements include workflow models of the operating procedures, processes and the state of a working power grid. We introduce a toolkit that with a little manual assistance can automatically generate these models from specifications, continuously update attributes from online event aggregators, and perform security assessment. The assessment reveals whether observed anomalies about the system could indicate possible security problems and permit dynamic ranking of alternative recovery procedures to minimize the total risk. We motivate the use of the tool-chain by showing an example scenario where the recovery procedure recommended to minimize security risk depends on the current state of the system as well as the network topology.
Pages: 366 / 375
Number of pages: 10