Deceptive Patch Solutions for Protecting Industrial Control Systems Based on Discovered Vulnerabilities

Abstract

An increase has been observed in concerns about cyber security threats in smart energy management on a global scale. Industrial Control Systems, or simply ICSs, are frequently present in industries and essential infrastructures, e.g., water treatment facilities, nuclear and thermal plants, heavy industries, power production, and distribution systems. ICS devices are high-risk targets for attacks and exploitation with significant security difficulties for ICS vendors and asset owners. Like many consumer electronics, industrial systems are susceptible to a bevy of vulnerabilities that hackers can exploit to launch cyber attacks. Extensive use of ICSs in Critical Infrastructures (CI) increases the vulnerability of CI to cyber attacks and makes their protection a critical subject. This study first contributes to a novel line of research considering how deception can be used by defenders in strategic terms with the objective of introducing uncertainty into an adversary’s perception of a system patch management process in order to protect ICSs. Thus, we mention the advantages of patch models to improve the vulnerabilities of ICSs. We explore deceptive patch management models for the purpose of providing better insight into developing future cyber security techniques for ICS attacks. We propose deceptive patch management solutions as case studies for common ICS attacks.

Keywords

• Cyber security
• Software vulnerability prediciton
• Industrial control system
• Patch management

References

1. Alladi T, Chamola V, Zeadally S. Industrial control systems: Cyberattack trends and countermeasures. Computer Communications. 2020; 155(22):1–9.
2. Asghar MR, Hu Q, Zeadally S. Cybersecurity in industrial control systems: Issues, technologies, and challenges. Computer Networks. 2019; (165):1389-1286.
3. Jeffrey K, Avery. Application of deception to software security patching [dissertation]. Indiana: Purdue University, West Lafayette; 2017.
4. Mughaid A, Al-Zu’bi S, Al Arjan A, Al-Amrat R, Alajmi R, Zitar RA, et al. An intelligent cybersecurity system for detecting fake news on social media websites. Soft Computing. 2022; 26(12):5577–5591.
5. Mughaid A, AlZu’bi S, Alnajjar A, AbuElsoud E, Salhi SE, et al. Improved dropping attacks in 5G networks using machine learning and deep learning approaches. Multimedia Tools and Applications. 2022: 82(1): 1–23.
6. Idrissi OE, Mezrioui A, Belmekki A. Cybersecurity challenges and issues of industrial control systems–some security recommendations. IEEE International Smart Cities Conference (ISC2). Casablanca: April; 2019. p. 330-335.
7. Yantz M. [Internet]. Importance of patch management to avoid business vulnerabilities; 2023 [cited 2023 March 13]. Available from:https://itsupportguys.com/importance-of-patch-management-to-avoid-business-vulnerabilities.
8. Hassani P. Implementing patch management process [dissertation]. School of Technology Degree Programme in Information and Communication Technology; 2020.

9. Koskenkorva H. The role of security patch management in vulnerability management [dissertation]. Finland: South-Eastern Finland University of Applied Sciences; 2021.
10. Söğüt E, Erdem OA. Endüstriyel kontrol sistemlerine (SCADA) yönelik siber terör saldırı analizi. Politeknik Dergisi.2020;23(2):557-566.
11. Holloway M. Slammer worm and David-Besse nuclear plant [Internet]; 2015 [cited 2022 April 12]. Available from: http://large.stanford.edu/courses/2015/ph241/holloway2/.
12. Nourian A, Madnick S. A systems theoretic approach to the security threats in cyber-physical systems applied to Stuxnet. IEEE Transactions on Dependable and Secure Computing. 2015;15 (1):2–13.
13. Largent W [Internet]. New VPNFilter malware targets at least 500k networking devices worldwide; 2018. [cited 2022 Jun 6]. Available from: http://blog.talosintelligence.com/2018/05/ VPNFilter.html.
14. Xiang Y, Wang L, Liu N. Coordinated attacks on electric power systems in a cyber-physical environment. Electric Power Systems Research. 2017;149(6): 156–168.
15. Furnell S, Emm D. The ABC of ransomware protection, Computer Fraud & Security. 2017;(10):5–11.
16. Cherepanov [Internet]. A new threat for industrial control systems; 2021 [cited 10 August 2023]. Available from: https://www.nae.edu/ File.aspx?id=266340.
17. Lee RM, Assante MJ, Conway T. German steel mill cyber attack. Industrial Control Systems. 2014;1-15.
18. Johnson B, Caban D, Krotofil M, Dan S, Brubaker N, Glyer C [Internet]. Attackers deploy new ics attack framework triton and cause operational disruption to critical infrastructure; 2023 [cited 2023 September 10]. Available from:https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html.
19. Symantec [Internet]. The shamoon attacks. [cited 2022 March 6]. Available from: http://www.symantec.com/connect/blogs/shamoon-attacks.
20. Panetta K. [Internet]. Gartner top 10 security projects for 2020-2021; 2021.[cited 2023 January 15]. Available from: https://www.gartner.com/smarterwithgartner/gartner-top-security-projects-for-2020-2021/
21. Olswang A, Gonda T, Puzis R, Shani G, Shapira B, Tractinsky N. Prioritizing vulnerability patches in large networks. Expert Systems with Applications.2022; 116467.
22. Corallo A, Lazoi M, Lezzi M, Luperto A. Cybersecurity awareness in the context of the Industrial Internet of Things: A systematic literature review. Computers in Industry. 2022; 137(4):1-16.
23. Bristow M, Sans A [Internet]. A SANS 2021 Survey: OT/ICS Cybersecurity. Survey; 2021. [cited 2023 Januray 15]. Available from: https://www.sans.org/white-papers/SANS-2021-Survey-OTICS-Cybersecurity/
24. Yang B, Zhang Y. Cybersecurity analysis of wind farm industrial control system based on hierarchical threat analysis model framework. International Conference on Computing, Communication, Perception, and Quantum Technology, CCPQT 2022. Xiamen: IEEE p. 6-13.