Visible to the public Network Security Analysis of Industrial Control System Based on Attack-Defense Tree

TitleNetwork Security Analysis of Industrial Control System Based on Attack-Defense Tree
Publication TypeConference Paper
Year of Publication2020
AuthorsHe, S., Lei, D., Shuang, W., Liu, C., Gu, Z.
Conference Name2020 IEEE International Conference on Artificial Intelligence and Information Systems (ICAIIS)
KeywordsAirports, analytic hierarchy process, Analytical models, Atmospheric modeling, attack behavior, attack-defense tree model, automatic control system, computer network security, decision making, defense leaf nodes, defense measures, defense node, fuel systems, fuzzy analytic hierarchy process, fuzzy consistency matrix, industrial control, industrial control system, industrial control systems, leaf node characteristics, matrix algebra, network attack, network risk assessment, network security analysis, network security scheme, Oils, Petroleum, probability, pubcrawl, quantifiable attack-defense tree model, resilience, Resiliency, risk management, Scalability, security, security attribute weight, security attributes, trees (mathematics), typical airport oil supply
AbstractIn order to cope with the network attack of industrial control system, this paper proposes a quantifiable attack-defense tree model. In order to reduce the influence of subjective factors on weight calculation and the probability of attack events, the Fuzzy Analytic Hierarchy Process and the Attack-Defense Tree model are combined. First, the model provides a variety of security attributes for attack and defense leaf nodes. Secondly, combining the characteristics of leaf nodes, a fuzzy consistency matrix is constructed to calculate the security attribute weight of leaf nodes, and the probability of attack and defense leaf nodes. Then, the influence of defense node on attack behavior is analyzed. Finally, the network risk assessment of typical airport oil supply automatic control system has been undertaken as a case study using this attack-defense tree model. The result shows that this model can truly reflect the impact of defense measures on the attack behavior, and provide a reference for the network security scheme.
Citation Keyhe_network_2020