Optimal Defense Policies for Cost-Constrained Cyber Physical System

被引:1
作者
Cheng, Yong [1 ]
Yang, Yonggang [1 ]
Guo, Qian [2 ]
Xu, Bingfeng [3 ]
He, Gaofeng [4 ,5 ]
机构
[1] State Grid Shanxi Eelect Power Co, Xian 710048, Peoples R China
[2] Global Energy Interconnect Res Inst Co Ltd, Nanjing 210003, Peoples R China
[3] Nanjing Forestry Univ, Coll Informat Sci & Technol, Nanjing 210037, Peoples R China
[4] Nanjing Univ Posts & Telecommun, Coll Internet Things, Nanjing 210003, Peoples R China
[5] Southeast Univ, Minist Educ, Key Lab Comp Network & Informat Integrat, Nanjing, Peoples R China
来源
2020 EIGHTH INTERNATIONAL CONFERENCE ON ADVANCED CLOUD AND BIG DATA (CBD 2020) | 2020年
基金
中国国家自然科学基金;
关键词
CPS; attack defense tree; cost constraint; minimum cut set;
D O I
10.1109/CBD51900.2020.00048
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Cyber-Physical System (CPS) usually consists of vast amounts of heterogeneous nodes, and several types of nodes may not be upgraded or installed with new programs during their life spans. How to choose appropriate nodes to deploy security defense mechanisms to ensure system security is a vital and challenging issue. This paper considers the selection of optimal defense policies under a given cost constraint. First, we use the Attack Defense Tree (ADTree) to model attacks and countermeasures for CPS. Then, each defense node in ADTree is given a defense cost attribute and a defense success probability attribute as security evaluation indicators. After that, a probability tree model is proposed for evaluating the final defense success probability. Finally, based on the Minimum Cut Set (MCS) theory, the nodes that can maximize the defense probability with acceptable cost are selected as the optimal defense nodes. An open-source calculation tool is implemented, and the evaluation is performed through a denial of service attack against CPS. The results show that the proposed method is accurate and efficient, which can guide the formulation of CPS security protection.
引用
收藏
页码:225 / 230
页数:6
相关论文
共 18 条
[1]   Cyber-physical systems and their security issues [J].
Alguliyev, Rasim ;
Imamverdiyev, Yadigar ;
Sukhostat, Lyudmila .
COMPUTERS IN INDUSTRY, 2018, 100 :212-223
[2]  
[Anonymous], 2015, NEUROPSYCHOLOGIA
[3]  
Berro S, P 6 INT WORKSH GRAPH P 6 INT WORKSH GRAPH
[4]  
Bolbot V, 2018, RELIAB ENG SYST SAFE
[5]  
Dean Ting P.-K., 1999, Engineering Economist, V44, P303, DOI 10.1080/00137919908967526
[6]  
[丁明 Ding Ming], 2018, [电力系统保护与控制, Power System Protection and Control], V46, P37
[7]  
Eisentraut J, QUANTITATIVE EVALUAT
[8]   Algorithm model research oil the logical cutting tree on the network maximum flow [J].
Fang, Z ;
Liu, SF ;
Xu, BG .
KYBERNETES, 2004, 33 (02) :255-262
[9]   Fault diagnostics of dynamic system operation using a fault tree based method [J].
Hurdle, E. E. ;
Bartlett, L. M. ;
Andrews, J. D. .
RELIABILITY ENGINEERING & SYSTEM SAFETY, 2009, 94 (09) :1371-1380
[10]  
Ji X, 2016, 2016 17TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD), P693, DOI 10.1109/SNPD.2016.7515980