Vol. 4 No. 1 (2024): Journal of Millimeterwave Communication, Optimization and Modelling
Articles

Methods for Increasing the Cyber Resilience of Critical Infrastructures

Sıla Şibil Bardak
HAVELSAN

Published 29.02.2024

Abstract

Cybersecurity is a critical topic that has become increasingly important in today's world, due to the increasing dependency on technology and interconnected systems. As digitalization increases, the need for cybersecurity measures becomes even more important for several systems that are crucial for society, such as nuclear facilities, energy systems, finance, transportation and healthcare systems. Any damage to critical infrastructures, from inside or outside, will lead to the deterioration of the social order of countries, the loss of international reputation and the undermining of their credibility. The integration of information technology (IT) and operational technology (OT) within industrial control systems (ICS) has resulted in an expanding attack surface for cyber threats. In order to establish a complete cyber-defence solution, innovative artificial intelligence solutions must be utilized alongside traditional cyber security approaches. The increasing cyber threats in the digital transformation process of countries and organizations are addressed by explaining the five crucial solutions needed, based on international standards. This study aims to provide an overview of strategies to enhance the cyber security maturity level of critical infrastructures, and examines both traditional cyber security approaches and artificial intelligence approaches. An architecture is specified to build cyber resilient critical infrastructures.
