Research on SCADA system security reinforcement method based on distributed Pareto algorithm

As the SCADA system develops continuously, the dissemination of malicious network behaviors has brought great risk to the normal operation of enterprises, meanwhile resulting in huge economic burden to personal work and life. Therefore, the security reinforcement strategy is crucial to the field of network security management and analysis of the SCADA system. Some researchers have started to investigate on how to minimize the cost of realizing the SCADA system reinforcement strategy. However, the SCADA system administrators are facing a very challenging problem, that’s the reinforcement budget is less than the minimal input of SCADA system security reinforcement. The core of this problem lies on how to choose a subset from massive security reinforcement strategies, so as to minimize the risks from not patching all essential security vulnerabilities within the budget. Based on a deep comparative analysis of existing multi-objective optimization technologies, this paper proposes a multi-objective optimization method based on system attack tree model, and uses Pareto algorithm to solve this problem. The experimental results demonstrate that the Pareto algorithm can effectively make the multi-objective decision in security reinforcement strategy, and can solve practical issues in actual SCADA system security reinforcement practice.

A hybrid threat model for system-centric and attack-centric for effective security design in SDLC

Threat modeling is an essential activity in the security development lifecycle. To provide security at the design phase of software development, Microsoft introduced threat modeling stride to identify the vulnerabilities and attacks of application. An efficient solution is necessary to deal with these issues in the software development life cycle. In this context, the paper focused on the analysis of threats and attack tree techniques that are traditionally available and frequently used. Automated Threat modeling enables to simulate attacks and visualized the existing vulnerabilities and misconfiguration. A hybrid model is proposed based on system-centric and attacker-centric to identify the threats in the software application during the software design phase. This model is built by STRIDE by defining security architecture and then analyzed the risks regarding its security characteristics and applied to its real application system. Our model is applied in a case study of the health center management system and shows a better result is identifying the threats and severity in the design phase. And also attack tree defines the stages of threats to understand the severity.

Field Assessment of the Host Range of Aculus mosoniensis (Acari: Eriophyidae), a Biological Control Agent of the Tree of Heaven (Ailanthus altissima)

Tree of heaven (Ailanthus altissima) is a fast-growing deciduous tree native to China, considered a serious invasive species worldwide, with several socio-economic and ecological impacts attributed to it. Chemical and mechanical methods have limited efficacy in its management, and biological controls may offer a suitable and sustainable option. Aculus mosoniensis (Ripka) is an eriophyid mite that has been recorded to attack tree of heaven in 13 European countries. This study aims to explore the host range of this mite by exposing 13 plant species, selected either for their phylogenetic and ecological similarity to the target weed or their economic importance. Shortly after inoculation with the mite, we recorded a quick decrease in mite number on all nontarget species and no sign of mite reproduction. Whereas, after just one month, the population of mites on tree of heaven numbered in the thousands, irrespective of the starting population, and included both adults and juveniles. Significantly, we observed evidence of damage due to the mite only on target plants. Due to the specificity, strong impact on the target, and the ability to increase its population to high levels in a relatively short amount of time, we find A. mosoniensis to be a very promising candidate for the biological control of tree of heaven.

A prediction model of urban counterterrorism based on stochastic strategy

With ever increasing complexity and intelligence of the modern cities, protecting key public facilities and important targets from any damage is a major challenge for the security sector. In all types of anti-terrorism prediction models, the prediction of attack behaviour is indispensable. Therefore, the attack behaviour model plays an important role in the anti-terrorism security system. This paper builds the attacker’s behaviour model, and carries out the prediction about the possible attack behaviour by the attacker model based on random strategy. According to the attack strategies, analysis and construction of the attack tree and attack graph are carried out based on the state-based stochastic model. The paper describes the security system in detail taking use of the state-based stochastic model method, so as to clarify the state distribution and the transfer relationship between the states of various security resources after threatened by attacks. At the same time, this paper applies the state-based stochastic model to establish the attacker model through the impact of attack on the security system.

A Systematic Risk Assessment Framework of Automotive Cybersecurity

The increasingly intelligent and connected vehicles have brought many unprecedented automotive cybersecurity threats, which may cause privacy breaches, personal injuries, and even national security issues. Before providing effective security solutions, a comprehensive risk assessment of the automotive cybersecurity must be carried out. A systematic cybersecurity risk assessment framework for automobiles is proposed in this study. It consists of an assessment process and systematic assessment methods considering the changes of threat environment, evaluation target, and available information in vehicle lifecycle. In the process of risk identification and risk analysis, the impact level and attack feasibility level are assessed based on the STRIDE model and attack tree method. An automotive cybersecurity risk matrix using a global rating algorithm is then constructed to create a quantitative risk metric. Finally, the applicability and feasibility of the proposed risk assessment framework are demonstrated through a use case, and the results prove that the proposed framework is effective. The proposed assessment framework helps to systematically derive automotive cybersecurity requirements.

A risk and security assessment of VANET availability using attack tree concept

The challenging nature of insecure wireless channels and the open-access environment make the protection of vehicular ad hoc network (VANET) a particularly critical issue. Researchers and interested authorities have therefore paid more attention to this issue. Therefore, robust approaches to protect this network's security and privacy against adversaries and attacks need to be improved, trying to achieve an adequate level, to secure the confidential information of drivers and passengers. Accordingly, to improve the security of VANET, it is necessary to carry out a risk assessment, in order to evaluate the risk that faces this network. This paper focuses on the security threats in vehicular network especially on the availability of this network. We propose a novel risk assessment approach to evaluate the risk of the attack that the attacker can lead against the availability of VANET. We adopt a tree structure called attack tree to model the attacker's potential attack strategies. Based on this attack tree model, we can estimate the degree that a certain threat can lead to the VANET and identify possible attack sequences that an attacker may launch against the availability of this network. Then we utilize the multi-attribute utility theory to calculate the system’s total risk value also the probabilities of each attack sequence. The analysis results can provide support for decision-makers to make corresponding protection measures against the attack on the availability of this network.