Estimates of Success Rates of Denial-of-Service Attacks
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems. ORCID iD: 0000-0003-3922-9606
2011 (English) In: 2011 IEEE 10th International Conference: Trust, Security and Privacy in Computing and Communications (TrustCom), IEEE conference proceedings, 2011, 21-28 p. Conference paper, Published paper (Refereed)
Abstract [en]

Denial-of-service (DoS) attacks are an imminent and real threat to many enterprises. Decision makers in these enterprises need to be able to assess the risk associated with such attacks and to make decisions regarding measures to put in place to increase the security posture of their systems. Experiments, simulations and analytical research have produced data related to DoS attacks. However, these results have been produced for different environments and are difficult to interpret, compare, and aggregate for the purpose of decision making. This paper aims to summarize knowledge available in the field by synthesizing the judgment of 23 domain experts using an established method for expert judgment analysis. The vulnerability of different system architectures to DoS attacks is assessed, together with the impact of a number of countermeasures against DoS attacks.

Place, publisher, year, edition, pages
IEEE conference proceedings, 2011. 21-28 p.
Keyword [en]
denial of service, DoS, distributed denial of service, flooding attack, semantic attack, expert judgment, Cooke’s classical method
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-73608
DOI: 10.1109/TrustCom.2011.7
Scopus ID: 2-s2.0-84856180318
ISBN: 978-1-4577-2135-9 (print)
OAI: oai:DiVA.org:kth-73608
DiVA: diva2:489000
Conference
2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). Changsha, China. 16-18 Nov 2011
Note

QC 20120203

Available from: 2013-03-13 Created: 2012-02-02 Last updated: 2013-03-13 Bibliographically approved
In thesis
1. A framework and theory for cyber security assessments
2012 (English) Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Information technology (IT) is critical and valuable to our society. An important type of IT system is Supervisor Control And Data Acquisition (SCADA) systems. These systems are used to control and monitor physical industrial processes like electrical power supply, water supply and railroad transport. Since our society is heavily dependent on these industrial processes, we are also dependent on the behavior of our SCADA systems. As SCADA systems have become (and continue to be) integrated with other IT systems, they are becoming increasingly vulnerable to cyber threats. Decision makers need to assess the security that a SCADA system’s architecture offers in order to make informed decisions concerning its appropriateness. However, data collection costs often restrict how much information can be collected about the SCADA system’s architecture, and it is difficult for a decision maker to know how important different variables are or what their values mean for the SCADA system’s security.

The contribution of this thesis is a modeling framework and a theory to support cyber security vulnerability assessments. It has a particular focus on SCADA systems. The thesis is a composite of six papers. Paper A describes a template stating how probabilistic relational models can be used to connect architecture models with cyber security theory. Papers B through E contribute with theory on operational security. More precisely, they contribute with theory on: discovery of software vulnerabilities (paper B), remote arbitrary code exploits (paper C), intrusion detection (paper D) and denial-of-service attacks (paper E). Paper F describes how the contribution of paper A is combined with the contributions of papers B through E and other operationalized cyber security theory. The result is a decision support tool called the Cyber Security Modeling Language (CySeMoL). This tool produces a vulnerability assessment for a system based on an architecture model of it.

Abstract [sv]

Information technology (IT) is critical and valuable to our society. An important type of IT system is the control systems often called SCADA systems (from the English "Supervisor Control And Data Acquisition"). These systems control and monitor physical industrial processes such as power supply, water supply and rail transport. Since our society depends on these industrial processes, we also depend on the behavior of our SCADA systems. SCADA systems have become (and continue to become) integrated with other IT systems and are thereby becoming more vulnerable to cyber threats. Decision makers need to evaluate the security that a system architecture offers in order to make informed decisions about its suitability. However, data collection costs often limit how much information can be collected about a SCADA system’s architecture, and it is difficult for a decision maker to know how important different variables are or what their values mean for the security of the SCADA system.

The contribution of this thesis is a modeling framework and a theory to support cyber security assessments. It has a particular focus on SCADA systems. The thesis is a compilation thesis consisting of six papers. Paper A describes a template for how probabilistic relational models can be used to connect cyber security theory with architecture models. Papers B through E contribute theory in operational security. More precisely, they contribute theory concerning: discovery of software vulnerabilities (paper B), remote execution of arbitrary code (paper C), intrusion detection (paper D) and attacks against availability (paper E). Paper F describes how the contribution of paper A is combined with the contributions of papers B through E and other operational cyber security theory. The result is a decision support tool called the Cyber Security Modeling Language (CySeMoL). The decision support tool produces a vulnerability assessment for a system based on an architecture model of it.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2012. 42 p.
Series
TRITA-EE, ISSN 1653-5146 ; 2012:43
Keyword
cyber security, security assessment, vulnerability assessment, architecture modeling, enterprise architecture
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-103690 (URN)
978-91-7501-511-8 (ISBN)
Public defence
2012-11-15, F3, Lindstedtvägen 26, KTH, Stockholm, 10:00 (English)
Note

QC 20121018

Available from: 2012-10-18 Created: 2012-10-17 Last updated: 2014-02-11 Bibliographically approved

Search in DiVA

By author/editor
Sommestad, Teodor; Holm, Hannes; Ekstedt, Mathias