Summaries - Office of Research & Innovation
Back Development of a Theoretical Framework to Anticipate an Imminent Cyber Attack
|Division||Research & Sponsored Programs|
|Department||Naval Research Program|
O'Halloran, Bryan M.
Hernandez, Alejandro D.S.
Pollman, Anthony G.
|Sponsor||NPS Naval Research Program (Navy)|
Cyber-physical systems are vulnerable to various anomalies. Some anomalies exist naturally, but when anomalies are introduced by an actor with malicious intent, the outcome can be devastating. Many methods exist to defend cyber-physical systems to respond as an attack unfolds. While these methods can be effective, they are reactive.
Using a combination of systems engineering, modeling & simulation, & proven mathematical approaches, this work proposes the development of a predictive framework. This effort will build upon or apply the work of Derler et al., Langford, Axelrod & Illiev, and Connett & O’Halloran. It is envisioned that predictions from the framework could serve as a decision tool for cyber-physical system owners, enabling them to proactively posture in anticipation of an imminent attack.
To date, an overall framework has been developed. General output graphs have been hypothesized to understand the output of the framework. These are described in this ASME magazine article . Within this framework, the relative importance of attacks has been characterized by a taxonomy of attack vectors. This will inform the overall timing of the defense posture in the recursive methodology desired at the beginning of this work. The medium from which an attacker can deliver attacks into a system is varied and include types such as a power failure, network failure, etc. Each medium has a quantitative value for persistence, stealth, and perceived attack value. As research to support the architecture framework matures, and modeling of the framework develops, arbitrary values will be modified to realize the potential effect of these attack characteristics.
 Brian Connett, CDR., and Bryan O'Halloran. "Modeling cyber conflict to inform critical infrastructure defense." Mechanical Engineering 139.3 (2017): S9.