Strategies for Combating Sophisticated Attacks

ABSTRACT
Industrial control systems (ICS) monitor and control the processes of public utility infrastructures that society depends on—the electric power grid, oil and gas pipelines, transportation and water facilities. Attacks that impact the operations of these critical assets could have devastating consequences. Yet the complexity of ICS and the desire to interconnect their components have introduced vulnerabilities and attack surfaces that previously did not exist. Cyber attacks are increasing in sophistication and have demonstrated an ability to cross over and create effects in the physical domain. Most notably, ICS associated with the critical infrastructure have proven susceptible to sophisticated, targeted attacks.
The numerous communication paths, various ingress and egress points, diversity of technology and operating requirements provide myriad opportunities for a motivated adversary. Indeed, the complex systems enable both traditional and nontraditional attack surfaces. Current defense strategies and guidelines focus on defense-in-depth as a core component to protect critical resources. System security relies on multiple protection mechanisms to present an attacker with various challenges to overcome. This strategy, however, is not adequate for safeguarding critical assets against sophisticated attacks. This paper analyzes current ICS defense strategies and demonstrates that defense-in-depth alone is not a successful means for preventing attacks. Findings indicate that a paradigm shift is required to thwart advanced threats. As an alternative, cyber security for ICS is examined from the notion of weakest link as opposed to the current recommended strategies. Recent examples, including Stuxnet, are examined to shed light on the next-generation targeted attack in the context of current defensive strategies. The results demonstrate that current defense-in-depth strategies are necessary but not sufficient.
AUTHORS

Department of Computer Science and Engineering, Wright State University
Dayton, OH, USA
Chad Arnold received a B.A. degree in computer science from DePauw University in 2006 and an M.S. in computer science from California Lutheran University in 2008. He is currently working toward a Ph.D. in computer engineering and computer science at Wright State University while participating in collaborative research with the Air Force Institute of Technology.

Department of Electrical & Computer Engineering
Air Force Institute of Technology
Wright-Patterson Air Force Base, OH, United States
Jonathan Butts, PhD (Major, USAF), Center for Cyberspace Research, Air Force Institute of Technology. Dr. Jonathan Butts is an assistant professor of computer science and member of the Center for Cyberspace Research at the Air Force Institute of Technology. He received his PhD in Computer Science from the University of Tulsa in 2010, an MS in Information Assurance from the Air Force Institute of Technology in 2006, and a BS in Computer Science from Chapman University in 2001. Jonathan is an active duty Major in the United States Air Force with 15 years of service. He is a fellow of the National Board of Information Security Examiners and committee Chair for the International Federation for Information Processing Working Group on Critical Infrastructure Protection. He has performed research and worked extensively with the Department of Defense, Department of Homeland Security, Department of Energy, National Security Agency, Central Intelligence Agency and US Secret Service.

Department of Computer Science and Engineering, Wright State University
Dayton, OH, USA
Published In
Journal of Information Warfare

