Printed from https://ideas.repec.org/a/igg/jaci00/v15y2024i1p1-27.html

Threat Attribution and Reasoning for Industrial Control System Asset

Author

  • Shuqin Zhang (Zhongyuan University of Technology, China)
  • Peiyu Shi (School of Computer Science, Zhongyuan University of Technology, China)
  • Tianhui Du (Zhongyuan University of Technology, China)
  • Xinyu Su (Zhongyuan University of Technology, China)
  • Yunfei Han (Zhongyuan University of Technology, China)

Abstract

Due to the widespread use of the industrial internet of things, the industrial control system has steadily transformed into an intelligent and informational one. To increase the industrial control system's security, based on industrial control system assets, this paper provides a method of threat modeling, attributing, and reasoning. First, this method characterizes the asset threat of an industrial control system by constructing an asset security ontology based on the asset structure. Second, this approach makes use of machine learning to identify assets and attribute the attacker's attack path. Subsequently, inference rules are devised to replicate the attacker's attack path, thereby reducing the response time of security personnel to threats and strengthening the semantic relationship between asset security within industrial control systems. Finally, the process is used in the simulation environment and real case scenario based on the power grid, where the assets and attacks are mapped. The actual attack path is deduced, and it demonstrates the approach's effectiveness.

Suggested Citation

  • Shuqin Zhang & Peiyu Shi & Tianhui Du & Xinyu Su & Yunfei Han, 2024. "Threat Attribution and Reasoning for Industrial Control System Asset," International Journal of Ambient Computing and Intelligence (IJACI), IGI Global Scientific Publishing, vol. 15(1), pages 1-27, January.
  • Handle: RePEc:igg:jaci00:v:15:y:2024:i:1:p:1-27

    Download full text from publisher

    File URL: https://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJACI.333853
    Download Restriction: no

    References listed on IDEAS

    1. Firoozjaei, Mahdi Daghmehchi & Mahmoudyar, Nastaran & Baseri, Yaser & Ghorbani, Ali A., 2022. "An evaluation framework for industrial control system cyber incidents," International Journal of Critical Infrastructure Protection, Elsevier, vol. 36(C).
