Demystifying Advanced Persistent Threats for Industrial Control Systems
Author(s) - Anastasis Keliris, Michail Maniatakos
Publication year - 2017
Publication title - Mechanical Engineering
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.117
H-Index - 17
eISSN - 1943-5649
pISSN - 0025-6501
DOI - 10.1115/1.2017-mar-6
Subject(s) - sophistication, computer security, industrial control system, process (computing), field (mathematics), intrusion detection system, computer science, engineering, critical infrastructure, control (management), network security, risk analysis (engineering), systems engineering, business, social science, mathematics, artificial intelligence, sociology, pure mathematics, operating system
This article discusses a comprehensive methodology for designing an Advanced Persistent Threat (APT), which is a stealthy and continuous type of cyberattack with a high level of sophistication suitable for the complex environment of Industrial Control Systems (ICS). The article also explains defensive strategies that can assist in thwarting cyberattacks. The APT design process begins with Reconnaissance, which is continuously undertaken throughout the lifetime of a cyberattack campaign. With regard to securing the network infrastructure of an ICS, best practices for network security should be enforced. These could include the use of firewalls, Intrusion Detection or Prevention Systems (IDS/IPS), and network separation between corporate and field networks. A new field of research for securing ICS relates to process-aware defense mechanisms. These mechanisms analyze information directly from the field and try to detect anomalies specific to the physical characteristics of an ICS process.