Novel security models, metrics and security assessment for maritime vessel networks
| Autor: | Dong Seong Kim, Simon Yusuf Enoch, Jang Se Lee |
|---|---|
| Rok vydání: | 2021 |
| Předmět: |
Computer Networks and Communications
business.industry Computer science media_common.quotation_subject Probabilistic logic Vulnerability Navigation system 020206 networking & telecommunications Usability 02 engineering and technology Computer security model Computer security computer.software_genre GeneralLiterature_MISCELLANEOUS Countermeasure Management system 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing The Internet Function (engineering) business Risk assessment computer media_common |
| Zdroj: | Computer Networks. 189:107934 |
| ISSN: | 1389-1286 |
| DOI: | 10.1016/j.comnet.2021.107934 |
| Popis: | In the past few years, maritime vessels have become computerized and connected to the internet. However, with this technology, critical systems based on-board ships that manage the vessel’s navigation system, radar, cargo management system, etc have become more prone to cyber-attacks. Moreover, attackers are now becoming aware of the vulnerabilities associated with such maritime vessel systems. As a result, it is of vital importance to manage and secure the maritime vessel networks against cyber-attacks, but there is a lack of capabilities to efficiently manage the identifications of vulnerabilities, security risk assessment, and evaluate the effectiveness of countermeasures. Hence, we propose a novel framework and security risk modeling and assessment method to evaluate the security of maritime vessel networks. We develop (1) a security model for maritime vessels to capture probabilistic events, vulnerabilities, and network configurations of vessel components; (2) propose an approach to assess the network with a single function, multiple functions, and the inter-dependencies between the functions as attack goal(s); (3) adopt three well-defined security metrics with the proposed model to evaluate possible attacks and/or threats; and (4) compare the effectiveness of cyber-defense strategies based on different attack scenarios on the maritime vessel network. Besides, we perform sensitivity analysis based on temporal and permanent connections that are associated with the vessels’ systems to understand the effect of the connections on security. Our results demonstrate the applicability and usability of the proposed model for finding potential attack paths, assessing security, and mitigating the impact of cyber-attacks and threats on a vessel network. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|
Full Text from ScienceDirect