Αναγνώριση, μοντελοποίηση και αξιολόγηση κυβερνο-φυσικών μονοπατιών επίθεσης προερχόμενα από το Διαδίκτυο των Πραγμάτων, κατά κρίσιμων υποδομών και υπηρεσιών
Identification, modeling and assessment of IoT-enabled, cyber-physical attack paths against critical infrastructures and services

Doctoral Thesis
Author
Στέλλιος, Ιωάννης
Stellios, Ioannis
Date
2022-06
Keywords
Internet of Things ; Critical infrastructures ; Attack paths ; Cyber-physical interactions ; Risk assessment

Abstract
Critical Infrastructures (CIs) play a vital role in the well-being of our society, as their disruption would have a significant effect on security, safety, the economy and public health at a national or even international level. Power grids, communication networks, industrial infrastructures, transportation networks, health services, financial services, agriculture as well as urban environments can be considered the most important CI sectors. In the last few decades the growth of Information and Communication Technologies (ICT) has introduced Industrial Control Systems (ICS) which, in turn, play a vital role in most CI environments. Unfortunately, cyber-physical threats have evolved to fit this new environment. Attacks that formerly required physical access to be triggered have now become cyber-enabled: a remote adversary could disrupt the operations of a CI just by attacking the corresponding ICS systems.
Furthermore, the introduction of Industry 4.0 as well as Internet of Things (IoT) related technologies has further transformed CIs. Enabling features such as system automation and operating efficiency, remote management, command & control, production programming and optimization, and the reduction of human error as well as production cost became the norm for otherwise isolated complex cyber-physical systems.
But all this interconnectivity, interoperability and physical proximity transformed the threat landscape by introducing complex and hard-to-identify attack vectors against Cyber-Physical Systems (CPS) that used to be isolated. In addition, the lack of up-to-date security controls and frameworks, the use of commercial, off-the-shelf IoT devices in manufacturing and industrial facilities, the plethora of vulnerabilities found in both hardware and software, the adoption of insecure wireless network protocols and the copious cyber-physical capabilities of IoT devices have enabled remote adversaries to extend their reach from cyber to cyber-physical, resulting in complex, subliminal attack scenarios. Most of these attacks can be considered IoT-enabled: the attacker initially exploits some vulnerable IoT technology as a first step towards compromising a critical system that is connected to it in some way.
Unfortunately, existing Risk Assessment (RA) methodologies cannot address these new threat types. In the literature, there is a lack of risk assessment methodologies targeted at identifying, modelling and assessing such complex cyber-physical attack vectors. The main research goal of this thesis is to contribute to understanding, identifying and assessing these novel IoT-enabled, cyber-physical attack paths against critical infrastructures and services.
The thesis is structured in five sections, each of which includes a number of chapters. In Section I the foundations (Chapter 1) and the related work (Chapter 2) are introduced, to assist the reader in understanding the current state of the art and the open research challenges related to the identification and assessment of IoT-enabled, cyber-physical attacks. Section II (Chapters 3-4) analyzes the relevant threat landscape. In particular, in Chapter 3 we review recent Proof-of-Concept (PoC) as well as real incidents of IoT-enabled attacks on critical infrastructures and services, whereas in Chapter 4 we dive into a deeper analysis of the high-profile attacks presented in the previous chapter.
Section III (Chapters 5-6) presents the novel risk assessment methodologies introduced in this thesis. Specifically, in Chapter 5 we propose a high-level framework in order to assess the criticality of the attack scenarios presented in Chapters 3 and 4. Then, in Chapter 6, we develop a low-level, detailed RA methodology to identify, model and assess complex, IoT-enabled cyber-physical attacks. Section IV (Chapters 7-9) focuses on the validation of the methodologies presented in Chapters 5 and 6. In particular, in Chapter 7 we apply the framework presented in Chapter 5 to the cyber-physical attacks presented in Chapters 3 and 4, following a worst-case scenario approach. Then, we test the low-level RA methodology presented in Chapter 6 in two different cases: a smart city scenario (Chapter 8) and a healthcare scenario (Chapter 9).
Finally, Section V (Chapters 10-11) summarizes the results of this thesis related to the mitigation of IoT-enabled attack paths, along with the open research challenges that require additional future work. In Chapter 10 state-of-the-art mitigation controls are proposed for specific domains; in particular, countermeasures that aim at reducing the threat and/or the vulnerability level are proposed in the context of the attack scenarios presented in Chapter 10. Additionally, mitigation strategies based on the results of our low-level methodology are presented for the e-healthcare PoC scenario. Finally, Chapter 11 concludes this thesis by providing an overview of the proposed methodologies, along with their limitations and the future research challenges that have been identified.