Quantifying the Impact of Defensive Cybersecurity Effort Against Advanced Persistent Threats For Industrial Control Systems

Authors

Zappe, Mackenzie

Issue Date

2023

Type

Thesis

Keywords

Advanced Persistent Threat, Cybersecurity, Industrial Control Systems

Abstract

In the dynamic landscape of cybersecurity, where cyber attacks on Critical Infrastructure (CI) environments are increasingly frequent and sophisticated, a strategic and resource-conscious response is crucial. Current cybersecurity defense strategies have limited visibility into an attack's impact until an actual attack occurs. Utilizing elements of game theory, this project explores strategic defense tactics for countering cybersecurity threats within Industrial Control Systems (ICS) by modeling the offensive and defensive interactions between ICS organizations and Advanced Persistent Threats (APTs). In recognizing the persistent and targeted nature of APTs, this research underscores the imperative need for a calculated defense strategy attuned to the evolving threat landscape. This thesis introduces an interactive modeling system for ICS organizations to gauge the impact of their cybersecurity investments against various APT strategies. The cybersecurity effort impact game offers a means to conceptualize defense strategy impact and aid organizations in informed decision-making about resource allocation and direct costs. The cybersecurity effort impact game model's defensive strategies rely on the idea of possessing a defensible architecture. Furthermore, the strategies defined by the cybersecurity effort impact game model are relevant to the industry-known APT attack strategies outlined in Lockheed Martin's Cyber Kill Chain. Numerical trials utilizing the cybersecurity effort impact game theoretic model reveal that the general solution is to expect the attackers to employ a more aggressive, Active strategy. The relationship between the defender's costs and payoffs determines the likelihood of the defender choosing to put effort towards a defensible architecture versus not putting effort towards a defensible architecture.
The primary goal is to empower organizations with a strategic perspective on APT threats, enabling them to make informed decisions concerning resource allocation and effort in their cybersecurity initiatives.
