From sinking to saving: MITRE ATT&CK and D3FEND frameworks for maritime cybersecurity

Awais Yousaf¹, Jianying Zhou¹
¹ iTrust, Centre for Research in Cyber Security, Singapore University of Technology and Design (SUTD), Singapore, Singapore

Abstract

Keywords


References

Outcome of the regulatory scoping exercise for the use of maritime autonomous surface ships (mass). https://www.imo.org/en/MediaCentre/PressBriefings/pages/MASSRSE2021.aspx. Accessed 14 July 2023

Zhou, X.Y., Liu, Z.J., Wang, F.W., Zhao Lin, W.: A system-theoretic approach to safety and security co-analysis of autonomous ships. Ocean Eng. 222, 108569 (2021)

Initial sea trials successfully completed by wärtsilä & psa marine’s ground-breaking ‘intellitug’ project. https://www.wartsila.com/media/news/13-03-2020-initial-sea-trials-successfully-completed-by-wartsila-psa-marine-s-ground-breaking-intellitug-project-3290931. Accessed 14 July 2023

Yara birkeland | yara international. https://www.yara.com/news-and-media/media-library/press-kits/yara-birkeland-press-kit/. Accessed 14 July 2023

Autonomous systems | l3harris® fast. forward. https://www.l3harris.com/all-capabilities/autonomous-systems. Accessed 14 July 2023

The nippon foundation meguri2040 fully autonomous ship program | the nippon foundation. https://www.nippon-foundation.or.jp/en/what/projects/meguri2040. Accessed 14 July 2023

Uncrewed surface vessel (usv) cetus: university of plymouth. https://www.plymouth.ac.uk/research/esif-funded-projects/usv-cetus. Accessed 14 July 2023

Autoferry - ntnu. https://www.ntnu.edu/autoferry. Accessed 14 July 2023

Rajaram, P., Goh, M., Zhou, J.: Guidelines for cyber risk management in shipboard operational technology systems. J. Phys.: Conf. Ser. 2311, 012002 (2022)

Huang, B., Liu, Y.: A network vulnerability assessment method using general attack tree. In: 2022 5th International Conference on Data Science and Information Technology, DSIT 2022—Proceedings (2022)

Morikawa, I., Yamaoka, Y.: Threat tree templates to ease difficulties in threat modeling. In: Proceedings: 2011 International Conference on Network-Based Information Systems, NBiS 2011, pp. 673–678 (2011)

Khan, M.S., Siddiqui, S., Ferens, K.: A cognitive and concurrent cyber kill chain model. Comput. Netw. Secur. Essent. (2017). https://doi.org/10.1007/978-3-319-58424-9_34

Khan, R., McLaughlin, K., Laverty, D., Sezer, S.: Stride-based threat modeling for cyber-physical systems. In: 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe, ISGT-Europe 2017—Proceedings, 2018-January:1–6, 7 (2017)

Straub, J.: Modeling attack, defense and threat trees and the cyber kill chain, ATT&CK and stride frameworks as blackboard architecture networks. In: Proceedings: 2020 IEEE International Conference on Smart Cloud, SmartCloud 2020, pp. 148–153 (2020)

Bistarelli, S., Fioravanti, F., Peretti, P.: Defense trees for economic evaluation of security investments. In: Proceedings: First International Conference on Availability, Reliability and Security, ARES 2006(2006), pp. 416–423 (2006)

Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of attack-defense trees. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6561 LNCS, pp. 80–95 (2011)

Roy, A., Kim, D.S., Trivedi, K.S.: Attack countermeasure trees (act): towards unifying the constructs of attack and defense trees. Secur. Commun. Netw. 5, 929–943 (2012)

Kaloroumakis, P.E., Smith, M.J.: Toward a knowledge graph of cybersecurity countermeasures. The MITRE Corporation, Case 20-2034 (2021)

MITRE ATT&CK®. https://attack.mitre.org/. Accessed 14 July 2023

Welcome to the cyber analytics repository | mitre cyber analytics repository. https://car.mitre.org/. Accessed 14 July 2023

Introduction to stix. https://oasis-open.github.io/cti-documentation/stix/intro.html. Accessed 14 July 2023

D3FEND matrix | MITRE D3FEND™. https://d3fend.mitre.org/. Accessed 14 July 2023

Karim, M.S.: Maritime cybersecurity and the imo legal instruments: Sluggish response to an escalating threat? Mar. Policy 143, 105138, 9 (2022)

Imo international convention for the safety of life at sea (solas) 1974. UN Treaty Series 1974, MSC.519(106), 11 (2022)

Msc 98-23-add.1 - report of the maritime safety committee on its ninety-eighth session (secretariat). https://www.imo.org. Accessed 14 July 2023

Iacs adopts new requirements on cyber safety - e26 and e27. https://iacs.org.uk/news/iacs-adopts-new-requirements-on-cyber-safety/. Accessed 14 July 2023

Luh, R., Eresheim, S., Grosbacher, S., Petelin, T., Mayr, F., Tavolato, P., Schrittwieser, S.: Penquest reloaded: A digital cyber defense game for technical education. IEEE Global Engineering Education Conference, EDUCON, 2022-March:906–914 (2022)

Kaiser, F.K., Andris, L.J., Tennig, T.F., Iser, J.M., Wiens, M., Schultmann, F.: Cyber threat intelligence enabled automated attack incident response. In: Proceedings: 3rd International Conference on Next Generation Computing Applications, NextComp 2022 (2022)

Aghamohammadpour, A., Mahdipour, E., Attarzadeh, I.: Architecting threat hunting system based on the DODAF framework. J. Supercomput. 79, 4215–4242, 3 (2023)

Benedetti, G., Verderame, L., Merlo, A.: Alice in (software supply) chains: risk identification and evaluation. Commun. Comput. Inf. Sci. 1621 CCIS, 281–295 (2022)

Sikos, L.F.: Cybersecurity knowledge graphs. Knowledge and Information Systems, pp. 1–21 (2023)

Lund, M.S., Hareide, O.S., Jøsok, Ø.: An attack on an integrated navigation system. Necesse 3(2), 149–163 (2018)

Lund, M.S., Gulland, J.E., Hareide, O.S., Josok, E., Weum, K.O.C.: Integrity of integrated navigation systems. In: 2018 IEEE Conference on Communications and Network Security, CNS 2018, 8 (2018)

Svilicic, B., Brčić, D., Žuškin, S., Kalebić, D.: Raising awareness on cyber security of ECDIS. Int. J. Mar. Navig. Saf. Sea Transp. 13(1), 231–236 (2019)

Svilicic, B., Rudan, I., Frančić, V., Doričić, M.: Shipboard ECDIS cyber security: third-party component threats. Pomorstvo 33(2), 176–180 (2019)

Svilicic, B., Rudan, I., Jugović, A., Zec, D.: A study on cyber security threats in a shipboard integrated navigational system. J. Mar. Sci. Eng. 7, 364 (2019)

Nessus: vulnerability scanning tool. https://www.tenable.com/. Accessed 14 July 2023

Amro, A., Gkioulos, V.: From click to sink: Utilizing ais for command and control in maritime cyber attacks. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 13556 LNCS, pp. 535–553 (2022)

Svilicic, B., Kamahara, J., Rooks, M., Yano, Y.: Maritime cyber risk management: an experimental ship assessment. J. Navig. 72, 1108–1120 (2019)

Cwe: common weakness enumeration. https://cwe.mitre.org/. Accessed 14 July 2023

Cve: common vulnerabilities and exposures. https://cve.mitre.org. Accessed 14 July 2023

Ahmed, A., Vasileios, G., Sokratis, K.: Assessing cyber risk in cyber-physical systems using the ATT&CK framework. ACM Trans. Priv. Secur. 26(2), 1–33 (2021)

Iec 60812 ed. 3.0 b:2018—failure modes and effects analysis (fmea and fmeca). https://webstore.ansi.org/standards/iec/iec60812ed2018?gclid=EAIaIQobChMIg9PTzIyS_gIVYZlmAh3APQdPEAAYASAAEgILdvD_BwE. Accessed 14 July 2023

Oruc, A., Amro, A., Gkioulos, V.: Assessing cyber risks of an ins using the MITRE ATT&CK framework. Sensors 22, 8745 (2022)

Longo, G., Russo, E., Armando, A., Merlo, A.: Attacking (and defending) the maritime radar system. IEEE Trans. Inf. Forens. Secur. 18, 3575–3589 (2023)

Longo, G., Merlo, A., Armando, A., Russo, E.: Electronic attacks as a cyber false flag against maritime radars systems. In: IEEE Proceedings—48th Conference on Local Computer Networks, LCN 2023, pp. 1–6 (2023)

Silverajan, B., Ocak, M., Nagel, B.: Cybersecurity attacks and defences for unmanned smart ships. pp. 15–20 (2018)

Secret files show alleged iranian plans to sink ships using cyberattacks | the times of israel. https://www.timesofisrael.com/secret-files-show-alleged-iranian-plans-to-sink-ships-using-cyberattacks/. Accessed 14 July 2023

International convention for the control and management of ships’ ballast water and sediments (bwm). https://www.imo.org/en/About/Conventions/Pages/International-Convention-for-the-Control-and-Management-of-Ships%27-Ballast-Water-and-Sediments-(BWM).aspx. Accessed 14 July 2023

Jo, Y., Choi, O., You, J., Cha, Y., Lee, D.H.: Cyberattack models for ship equipment based on the MITRE ATT&CK framework. Sensors 22, 1860 (2022)

What is persistent xss | acunetix. https://www.acunetix.com/blog/articles/persistent-xss/. Accessed 14 July 2023

Timm, C., Perez, R.: Seven deadliest social network attacks. Seven Deadliest Social Network Attacks (2010)

York, D.: Seven deadliest unified communications attacks. Seven Deadliest Unified Communications Attacks (2010)

Stouffer, K., Pillitteri, V., Lightman, S., Abrams, M., Hahn, A.: Nist special publication 800-82 revision 2 guide to industrial control systems (ics) security supervisory control and data acquisition (scada) systems, distributed control systems (dcs), and other control system configurations such as programmable logic controllers (plc)

ATT&CK mitigations to D3FEND mappings | MITRE D3FEND™. https://d3fend.mitre.org/mappings/attack-mitigations/. Accessed 14 July 2023

Digital artifact ontology | MITRE D3FEND™. https://d3fend.mitre.org/dao/. Accessed 14 July 2023

Ray, K.D.: Intrusion detection using a heartbeat, 4 (2023)

Kornaros, G., Harteros, K., Christoforakis, I., Astrinaki, M.: I/o virtualization utilizing an efficient hardware system-level memory management unit. 2014 International Symposium on System-on-Chip, SoC 2014, 12 (2014)

BIMCO and ICS Witherbys. Cyber Security Workbook for On Board Ship Use - 4th Edition, 2023 - Witherbys. 4th edition, 10 (2022)

Williams, T.J.: The purdue enterprise reference architecture. IFAC Proc. Vol. 26, 559–564, 7 (1993)

Yousaf, A., Loan, A., Babiceanu, R.F., Maglaras, L., Yousaf, O.: Convergence of detection probability, computational gains, and asymptotic analysis of an algorithm for physical-layer intrusion detection system. Trans. Emerg. Telecommun Technol. 29(8), e3430 (2018)

Li, D., Guo, H., Zhou, J., Zhou, L., Wong, J.W.: Scadawall: a cpi-enabled firewall model for scada security. Comput. Secur. 80, 134–154, 1 (2019)

Bothur, D., Zheng, G., Valli, C.: A critical analysis of security vulnerabilities and countermeasures in a smart ship system. In: 15th Australian Information Security Management Conference, pp. 81–87 (2017)

Zăgan, R., Raicu, G.: Understanding of the cyber risk on board ship and ship stability. Annals of “Dunarea de Jos’’ University of Galati. Fascicle XI Shipbuild. 42, 81–90, 11 (2019)

Kavallieratos, G., Spathoulas, G., Katsikas, S.: Cyber risk propagation and optimal selection of cybersecurity controls for complex cyberphysical systems. Sensors 21, 1691 (2021)

Kavallieratos, G., Katsikas, S.: Managing cyber security risks of the cyber-enabled ship. J. Mar. Sci. Eng. 8, 768 (2020)

Bhatti, J., Humphreys, T.E.: Hostile control of ships via false gps signals: demonstration and detection. Navigation 64, 51–66, 3 (2017)

Kozak, P., Klaban, I., Slajs, T.: Industroyer cyber-attacks on ukraine’s critical infrastructure. In: 2023 9th International Conference on Military Technologies, ICMT 2023—Proceedings (2023)

MITRE | ATLAS™. https://atlas.mitre.org. Accessed 22 Oct 2023