
The effect of layering perimeter defenses on adversarial behavior within an industrial control system

Posted on: 2016-05-13
Degree: Ph.D
Type: Dissertation
University: Indiana State University
Candidate: Combs-Ford, Marcia
Full Text: PDF
GTID: 1478390017480873
Subject: Technical Communication
Abstract/Summary:
Industrial control systems are integrated communication networks implemented to fulfill the needs of an automation system. Many industrial and automation control end devices, such as programmable logic controllers, were developed without cyber security software or hardware assurance. Consequently, when industrial control systems merged with corporate enterprise networks, they were subject to an increase in cyber risks, resulting in the exposure of critical infrastructures and industrial automation systems to security breaches. Industrial and automation hosts and field devices were originally designed for the reliable and safe operation of industrial processes; therefore, security was not built into their design. The fragility of hosts and field devices does not lend itself to system maintenance such as software upgrades, firmware updates, or antivirus deployment. With limited end device security protection, control engineers layer network perimeter defenses according to Industrial Control Systems (ICS) industry best practices, standards, and recommendations. The purpose of this study was to evaluate the security effectiveness of layering perimeter defenses by analyzing the attack behavior of a mock adversarial group as perimeter defenses were applied to an ICS test network. Using a single-subject A-B-BC-BCD design, this study compared a mock adversarial group's programmable logic controller attack time in an ICS test bed with no perimeter defenses (no treatment) to the same mock adversarial group's programmable logic controller attack time under three varied perimeter defenses. The single-subject data analysis was based upon visual inspection of three parameters: level, trend, and variability. Visual analysis was supported with paired-sample t-test and standard deviation band statistical analysis.
The results of the data analysis were inconclusive due to the limited data set; therefore, further research with a larger sample size is necessary to establish the effect of perimeter defenses on adversarial behavior. However, this study revealed that by reducing attack vectors and adversaries' network access time, lateral movement within a network is negatively impacted, as demonstrated by the adversaries' inability to circumvent Treatment B and withdraw.
Keywords/Search Tags:Industrial control, Perimeter defenses, Network, Adversarial, Behavior, Automation