TY - GEN
T1 - Analysis of Attack Actions on the Railway Infrastructure Based on the Integrated Model
AU - Levshun, Dmitry
AU - Bakhtin, Yurii
AU - Chechulin, Andrey
AU - Kotenko, Igor
N1 - Publisher Copyright:
© 2020, Springer Nature Singapore Pte Ltd.
PY - 2020
Y1 - 2020
N2 - In this paper we present analysis of attack actions on the railway infrastructure based on the integrated model. The novelty of the presented solution is in combination of the component-based approach, which is used to detect attack vectors based on the presence of vulnerabilities, the semi-natural model, which is used to model vulnerabilities exploitation, the simulation model, which is used to analyze attack scenarios that are affecting timetable planning process and the analytical model, which is used to analyze multi-step attack scenarios. The integrated model also contains the model of attacker, which distinguish them by type of access to the railway infrastructure as well as by level of capabilities and resources. The integrated model is used due to the fact that none of the listed approaches can effectively analyze all classes of attacks, while combining these approaches allows one to represent various aspects of the investigated object and provides the ability for attack actions effective analysis. The proposed solution has a strong focus on security, which determines the main contribution to the research field. The objective of the proposed model is to increase the security of critical infrastructure by improving the quality of attack actions analysis. The correctness of the proposed model is validated by various application examples.
AB - In this paper we present analysis of attack actions on the railway infrastructure based on the integrated model. The novelty of the presented solution is in combination of the component-based approach, which is used to detect attack vectors based on the presence of vulnerabilities, the semi-natural model, which is used to model vulnerabilities exploitation, the simulation model, which is used to analyze attack scenarios that are affecting timetable planning process and the analytical model, which is used to analyze multi-step attack scenarios. The integrated model also contains the model of attacker, which distinguish them by type of access to the railway infrastructure as well as by level of capabilities and resources. The integrated model is used due to the fact that none of the listed approaches can effectively analyze all classes of attacks, while combining these approaches allows one to represent various aspects of the investigated object and provides the ability for attack actions effective analysis. The proposed solution has a strong focus on security, which determines the main contribution to the research field. The objective of the proposed model is to increase the security of critical infrastructure by improving the quality of attack actions analysis. The correctness of the proposed model is validated by various application examples.
KW - Analytical modeling
KW - Attack actions analysis
KW - Component-based approach
KW - Integrated model
KW - Railway infrastructure
KW - Semi-natural modeling
KW - Simulation modeling
UR - http://www.scopus.com/inward/record.url?scp=85096480607&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85096480607&partnerID=8YFLogxK
U2 - 10.1007/978-981-15-9609-4_11
DO - 10.1007/978-981-15-9609-4_11
M3 - Conference contribution
AN - SCOPUS:85096480607
SN - 9789811596087
T3 - Communications in Computer and Information Science
SP - 145
EP - 162
BT - Mobile Internet Security - 4th International Symposium, MobiSec 2019, Revised Selected Papers
A2 - You, Ilsun
A2 - Chen, Hsing-Chung
A2 - Leu, Fang-Yie
A2 - Kotenko, Igor
PB - Springer Science and Business Media Deutschland GmbH
T2 - 4th International Symposium on Mobile Internet Security, MobiSec 2019
Y2 - 17 October 2019 through 19 October 2019
ER -