attack graph based metrics for identifying critical cyber
play

Attack Graph Based Metrics for Identifying Critical Cyber Assets in - PowerPoint PPT Presentation

Jul 29, 2023 •167 likes •378 views

Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure Chen Huo Panini Sai Patapanchala Dr. Rakesh B. Bobba Dr. Eduardo Cotilla-Sanchez 1 Our Goal Short-term : Developing a method that takes

  1. Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure Chen Huo Panini Sai Patapanchala Dr. Rakesh B. Bobba Dr. Eduardo Cotilla-Sanchez 1

  2. Our Goal • Short-term : Developing a method that takes cyber-physical dependency into account and assesses the risk of cyber-attack induced cascading failures. • Long-term : Providing real-time situational awareness of threat to the system by characterizing “how far or close” a given grid system is to a cyber-induced cascading failure, and how to mitigate it. 2

  3. Research Overview 3

  4. Data Needed • Physical Model – Bus-Branch -> Node-Breaker – Protection Schemes • Cyber Model – Network Topology – Access/Firewall Rules 4

  5. Previous Work • Cosmic-based Cyber Physical Models for IEEE 9-bus and 39-bus cases. • Risk Metrics for: – Target Nodes (Ex: Relays) – Intermediate Nodes (Ex: HMIs) – Source Nodes (Ex: Attack Origins/Jump Hosts) – Total Security Exposure 5

  6. Current Focus • Risk Metrics for Cascading Outages – Compare configurations with respect to cyber risk for cascading outages 6

  7. Single-bus-single-breaker Configuration Bus-branch model Node-breaker model 7

  8. Ring-bus Configuration Bus-branch model Node-breaker model 8

  9. Breaker-and-a-half Configuration Bus-branch model Node-breaker model 9

  10. Double-bus-double-breaker Configuration Bus-branch model Node-breaker model 10

  11. Example: IEEE Case 9 11

  12. Example: IEEE Case 9 12

  13. Types of Protection • Overcurrent & directional overcurrent • Under-voltage load shedding • Under-frequency load shedding • Distance • Differential • Phase balance 13

  14. Protection Scheme Templates • • Directional Directional • • Phase balance Distance • Differential • (Under-voltage load shedding) • (Under-frequency load shedding) 14

  15. Cyber Topology • Synthetic but realistic network topology and access rules • Synthetic but realistic vulnerability distributions 15

  16. RTS-96 N-x Simulation Procedure • N-1 simulations: – Secure for 93 out of 120 branch failures (with baseline RTS-96 data). • N-1-1 simulations: – There are 7,140 combinations for 120 choose 2, and therefore, 14,280 permutations. – From 14,280 cases choose both first and second failure belong to those 93 secure branches. – 798 out of 14,280 N-1-1 simulations with two N-1 secure branches failures cause a certain physical impact. 16

  17. N-1-1 Results 100 56 11 11 100 56 17

  18. N-1-1 Results First Failure Second Failure Branch ID/From-To Count for Times Branch ID/From-To Count for Times 100/312-323 58 100/312-323 60 22/112-123 38 11/107-108 51 56/209-212 36 101/313-323 32 11/107-108 30 22/112-123 28 101/313-323 30 18/110-112 26 18

  19. Currently, we are working on … • Fixing Cyber topology data format for RTS-96 • Top k actions to improve network’s security posture for cascading outages • Cyber topology for Poland model (2000+ buses) 19

  20. Thank You! & Questions? 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security

Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security Centre (NCSC) This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation.

197 views • 8 slides
Identifying interventions to improve NMHS capacities based on GFCS pillars and associated metrics

Identifying interventions to improve NMHS capacities based on GFCS pillars and associated metrics

Identifying interventions to improve NMHS capacities based on GFCS pillars and associated metrics Mark Tadross, Anna Steynor, Christopher Lennard, Kate Kloppers, Luleka Dlamini (CSAG) Methodological steps assessing capacity Metrics associated

330 views • 11 slides
Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques (NIT-K) S. K. Pal Defence Research & Development Organization (DRDO) SAG, Metcalfe House, Delhi 27-Jul-2020 1 What is Cyberspace? Refers to

766 views • 17 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager

CYBER ATTACK ON YOUR UMBILICALS SUT YES CYBER SECURITY EVENT Andrea Kesterson | Change Manager Loai Khalayli | Operational Technology Engineer 25 May 2017 Disclaimer and important notice Outline Current, real and ever increasing threat

152 views • 11 slides
The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice

The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice

The cyber attack surface of the aerospace industry Andy Davis, Transport Assurance Practice Director Global experts in cyber security & risk mitigation Agenda Space attack surface overview Attacks against terrestrial assets

310 views • 30 slides
Right way to establish critical pro-active defences against emerging cyber threats Andrew J

Right way to establish critical pro-active defences against emerging cyber threats Andrew J

Right way to establish critical pro-active defences against emerging cyber threats Andrew J Clarke Director, One Identity A fast changing world Digital Transformation Internet of Things (IoT) 2 Andrew J Clarke - One Identity The new attack

498 views • 24 slides
Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models,

Important Examples of Cyber-Physical Systems Cyber-Physical Systems under Attack Models, Fundamental Limitations, and Monitor Design Fabio Pasqualetti Florian D orfler Francesco Bullo Center for Control, Dynamical systems and Computation

994 views • 11 slides
From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc

From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc

ITU Workshop on Future Trust and Knowledge Infrastructure, Phase 2 Geneva, Switzerland 1 July 2016 From weak online reputation metrics to standardized attack-resistant trust metrics Dr. Jean-Marc Seigneur President at Rputaction SAS,

599 views • 26 slides
Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon Panetta, US Secretary of Defense The United States is fighting a cyber-war today, and we are losing. - Mike McConnell, former Director of

298 views • 28 slides
Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44

Cyber: Protect yourselves against the growing reality of a cyber- attack Dibble Clark M: +44 17917 623 068 T: +44 1684 878178 F: +44 1684 878171 dibble.clark@3sdl.com What is Cyber? Commercial in Confidence Policy in Action Commercial in

275 views • 25 slides
Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems Nothing is in isolation Attack surface An attack surface is the total number of possible attack vectors Think of a house, with the

309 views • 15 slides
Performance Metrics for Graph Mining Tasks 1 Outline Introduction to Performance Metrics

Performance Metrics for Graph Mining Tasks 1 Outline Introduction to Performance Metrics

Performance Metrics for Graph Mining Tasks 1 Outline Introduction to Performance Metrics Supervised Learning Performance Metrics Unsupervised Learning Performance Metrics Optimizing Metrics Statistical Significance

1.19k views • 40 slides
Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

A A Conceptual Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin Bahi , Olaf Manuel Maennel Centre For Digital Forensics and Cyber Security Tallinn University of Technology Evolvement of Cyber

470 views • 13 slides
Shape-Based Quality Metrics for Large Graph Visualization* Peter Eades 1 Seok-Hee Hong 1 Karsten

Shape-Based Quality Metrics for Large Graph Visualization* Peter Eades 1 Seok-Hee Hong 1 Karsten

Shape-Based Quality Metrics for Large Graph Visualization* Peter Eades 1 Seok-Hee Hong 1 Karsten Klein 2 An Nguyen 1 1. University of Sydney 2. Monash University *Supported by the Australian Research Council, Tom Sawyer Software, and

803 views • 61 slides
Graph Based Role Mining Techniques for Cyber Security KIRI OLER, SUTANAY CHOUDHURY Pacific

Graph Based Role Mining Techniques for Cyber Security KIRI OLER, SUTANAY CHOUDHURY Pacific

Graph Based Role Mining Techniques for Cyber Security KIRI OLER, SUTANAY CHOUDHURY Pacific Northwest National Laboratory Flocon 2015, Portland, OR, USA January 15, 2015 1 Motivation Analyzing a machines past behavior in the face of an

625 views • 23 slides
Wireless data networks Link Layer Martin Heusse X L A TEX E Aloha (1972) i = 1 while (i

Wireless data networks Link Layer Martin Heusse X L A TEX E Aloha (1972) i = 1 while (i

Wireless data networks Link Layer Martin Heusse X L A TEX E Aloha (1972) i = 1 while (i <= maxAttempts) do send packet wait for acknowledgement or timeout if ack received then Central DATA host leave ACK wait for random time

326 views • 18 slides
TicToc: Time Traveling Optimistic Concurrency Control Authors: Xiangyao Yu, Andrew Pavlo, Daniel

TicToc: Time Traveling Optimistic Concurrency Control Authors: Xiangyao Yu, Andrew Pavlo, Daniel

TicToc: Time Traveling Optimistic Concurrency Control Authors: Xiangyao Yu, Andrew Pavlo, Daniel Sanchez, Srinivas Devadas Presented By: Shreejit Nair 1 Background: Optimistic Concurrency Control Read Phase: Transaction executes on a private

551 views • 20 slides
Recreational Therapy and Therapeutic Recreation Chapter 7 1 Learning Outcomes Recall

Recreational Therapy and Therapeutic Recreation Chapter 7 1 Learning Outcomes Recall

Recreational Therapy and Therapeutic Recreation Chapter 7 1 Learning Outcomes Recall advice for professionals working in the recreational therapy profession Define recreational therapy and remember key terms, events and people that

103 views • 9 slides
15-415/615 - DB Applications Lecture #23: Alternative Concurrency Control Methods (R&G ch.

15-415/615 - DB Applications Lecture #23: Alternative Concurrency Control Methods (R&G ch.

Faloutsos SCS 15-415/615 CMU SCS Carnegie Mellon Univ. Dept. of Computer Science 15-415/615 - DB Applications Lecture #23: Alternative Concurrency Control Methods (R&G ch. 17) Faloutsos SCS 15-415/615 #1 CMU SCS Outline

355 views • 19 slides
Improving Improving AI Decision Modeling AI Decision Modeling Through Through Utility Theory

Improving Improving AI Decision Modeling AI Decision Modeling Through Through Utility Theory

Improving Improving AI Decision Modeling AI Decision Modeling Through Through Utility Theory Utility Theory Dave Mark Kevin Dill Dave Mark Kevin Dill President & Lead AI Engineer President & Lead AI Engineer Designer

1.1k views • 84 slides
802.11 Denial-of-Service Attacks Real Vulnerabilities and Practical Solutions John Bellardo and

802.11 Denial-of-Service Attacks Real Vulnerabilities and Practical Solutions John Bellardo and

802.11 Denial-of-Service Attacks Real Vulnerabilities and Practical Solutions John Bellardo and Stefan Savage Department of Computer Science and Engineering University of California, San Diego Motivation n 802.11-based networks have flourished

389 views • 25 slides
Optimistic Concurrency Control April 13, 2017 1 Serializability Executing transactions

Optimistic Concurrency Control April 13, 2017 1 Serializability Executing transactions

Optimistic Concurrency Control April 13, 2017 1 Serializability Executing transactions serially wastes resources Interleaving transactions creates correctness errors Give transactions the illusion of isolation 2 Serializability Read Read

743 views • 32 slides
CS 839: Design the Next-Generation Database Lecture 4: Multicore (Part I) Xiangyao Yu 1/30/2020

CS 839: Design the Next-Generation Database Lecture 4: Multicore (Part I) Xiangyao Yu 1/30/2020

CS 839: Design the Next-Generation Database Lecture 4: Multicore (Part I) Xiangyao Yu 1/30/2020 1 Announcements Email me if you are not in HotCRP https://wisc-cs839-ngdb20.hotcrp.com New deadline for submitting paper review: Before lecture

1.34k views • 46 slides

More recommend