Ontology type: schema:Chapter
2018-07-07
AUTHORSAntonios Gouglidis , Sandra König , Benjamin Green , Karl Rossegger , David Hutchison
ABSTRACTThe sovereignty and well-being of nations are highly dependent on the continuous and uninterrupted operation of critical infrastructures. Thus, the protection of utilities that provision critical services (e.g., water, electricity, telecommunications) is of vital importance given the severity imposed by any failure of these services. Recent security incidents in the context of critical infrastructures indicate that threats in such environments appear to be increasing both in frequency and intensity. The complexity of typical critical infrastructures is among the factors that make these environments vulnerable to threats. One of the most problematic types of threat is an advanced persistent threat (APT). This usually refers to a sophisticated, targeted, and costly attack that employs multiple attack vectors to gain access to the target system, then to operate in stealth mode when penetration is achieved, and to exfiltrate data or cause failures inside the system. In this chapter, we demonstrate how a set of processes developed in the context of HyRiM’s framework can assist in minimizing the damage caused to a utility organization that is subjected to an APT style of attack. Specifically, the framework is demonstrated using data from a real-world water utility network and an industrial control system (ICS) test-bed, and in which optimal defensive strategies are investigated. More... »
PAGES313-333
Game Theory for Security and Risk Management
ISBN
978-3-319-75267-9
978-3-319-75268-6
http://scigraph.springernature.com/pub.10.1007/978-3-319-75268-6_13
DOIhttp://dx.doi.org/10.1007/978-3-319-75268-6_13
DIMENSIONShttps://app.dimensions.ai/details/publication/pub.1105344159
JSON-LD is the canonical representation for SciGraph data.
TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information Systems",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK",
"id": "http://www.grid.ac/institutes/grid.9835.7",
"name": [
"School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK"
],
"type": "Organization"
},
"familyName": "Gouglidis",
"givenName": "Antonios",
"id": "sg:person.011353374772.69",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011353374772.69"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "AIT Austrian Institute of Technology GmbH, Centre for Digital Safety and Security, Giefinggasse 4, 1210, Vienna, Austria",
"id": "http://www.grid.ac/institutes/grid.4332.6",
"name": [
"AIT Austrian Institute of Technology GmbH, Centre for Digital Safety and Security, Giefinggasse 4, 1210, Vienna, Austria"
],
"type": "Organization"
},
"familyName": "K\u00f6nig",
"givenName": "Sandra",
"id": "sg:person.07522234405.16",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07522234405.16"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK",
"id": "http://www.grid.ac/institutes/grid.9835.7",
"name": [
"School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK"
],
"type": "Organization"
},
"familyName": "Green",
"givenName": "Benjamin",
"id": "sg:person.013311511622.89",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013311511622.89"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Linz AG Telekom, Wiener Stra\u00dfe 151, 4021, Linz, Austria",
"id": "http://www.grid.ac/institutes/None",
"name": [
"Linz AG Telekom, Wiener Stra\u00dfe 151, 4021, Linz, Austria"
],
"type": "Organization"
},
"familyName": "Rossegger",
"givenName": "Karl",
"type": "Person"
},
{
"affiliation": {
"alternateName": "School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK",
"id": "http://www.grid.ac/institutes/grid.9835.7",
"name": [
"School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK"
],
"type": "Organization"
},
"familyName": "Hutchison",
"givenName": "David",
"id": "sg:person.012636622347.55",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012636622347.55"
],
"type": "Person"
}
],
"datePublished": "2018-07-07",
"datePublishedReg": "2018-07-07",
"description": "The sovereignty and well-being of nations are highly dependent on the continuous and uninterrupted operation of critical infrastructures. Thus, the protection of utilities that provision critical services (e.g., water, electricity, telecommunications) is of vital importance given the severity imposed by any failure of these services. Recent security incidents in the context of critical infrastructures indicate that threats in such environments appear to be increasing both in frequency and intensity. The complexity of typical critical infrastructures is among the factors that make these environments vulnerable to threats. One of the most problematic types of threat is an advanced persistent threat (APT). This usually refers to a sophisticated, targeted, and costly attack that employs multiple attack vectors to gain access to the target system, then to operate in stealth mode when penetration is achieved, and to exfiltrate data or cause failures inside the system. In this chapter, we demonstrate how a set of processes developed in the context of HyRiM\u2019s framework can assist in minimizing the damage caused to a utility organization that is subjected to an APT style of attack. Specifically, the framework is demonstrated using data from a real-world water utility network and an industrial control system (ICS) test-bed, and in which optimal defensive strategies are investigated.",
"editor": [
{
"familyName": "Rass",
"givenName": "Stefan",
"type": "Person"
},
{
"familyName": "Schauer",
"givenName": "Stefan",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-319-75268-6_13",
"inLanguage": "en",
"isAccessibleForFree": false,
"isPartOf": {
"isbn": [
"978-3-319-75267-9",
"978-3-319-75268-6"
],
"name": "Game Theory for Security and Risk Management",
"type": "Book"
},
"keywords": [
"Advanced Persistent Threats",
"industrial control systems",
"critical infrastructure",
"persistent threat",
"recent security incidents",
"multiple attack vectors",
"utility network",
"costly attacks",
"optimal defensive strategy",
"attack vectors",
"security incidents",
"critical services",
"such environments",
"set of processes",
"stealth mode",
"target system",
"infrastructure",
"control system",
"network",
"uninterrupted operation",
"utility organizations",
"framework",
"attacks",
"services",
"environment",
"case study",
"system",
"threat",
"complexity",
"vital importance",
"set",
"context",
"access",
"operation",
"data",
"defensive strategies",
"vector",
"organization",
"style",
"utility",
"strategies",
"process",
"incidents",
"chapter",
"protection",
"failure",
"types",
"mode",
"problematic types",
"importance",
"frequency",
"penetration",
"study",
"factors",
"nations",
"intensity",
"damage",
"sovereignty",
"severity",
"protection of utilities",
"provision critical services",
"typical critical infrastructures",
"HyRiM\u2019s framework",
"APT style",
"real-world water utility network",
"water utility network"
],
"name": "Protecting Water Utility Networks from Advanced Persistent Threats: A Case Study",
"pagination": "313-333",
"productId": [
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1105344159"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-319-75268-6_13"
]
}
],
"publisher": {
"name": "Springer Nature",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-319-75268-6_13",
"https://app.dimensions.ai/details/publication/pub.1105344159"
],
"sdDataset": "chapters",
"sdDatePublished": "2022-01-01T19:26",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-springernature-scigraph/baseset/20220101/entities/gbq_results/chapter/chapter_62.jsonl",
"type": "Chapter",
"url": "https://doi.org/10.1007/978-3-319-75268-6_13"
}
]Download the RDF metadata as: json-ld nt turtle xml License info
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-75268-6_13'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-75268-6_13'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-75268-6_13'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-75268-6_13'
This table displays all metadata directly associated to this object as RDF triples.
164 TRIPLES
23 PREDICATES
90 URIs
83 LITERALS
7 BLANK NODES
| Subject | Predicate | Object | |
|---|---|---|---|
| 1 | sg:pub.10.1007/978-3-319-75268-6_13 | schema:about | anzsrc-for:08 |
| 2 | ″ | ″ | anzsrc-for:0806 |
| 3 | ″ | schema:author | N217f93f6c37c4c66a73d2a7127dbcec0 |
| 4 | ″ | schema:datePublished | 2018-07-07 |
| 5 | ″ | schema:datePublishedReg | 2018-07-07 |
| 6 | ″ | schema:description | The sovereignty and well-being of nations are highly dependent on the continuous and uninterrupted operation of critical infrastructures. Thus, the protection of utilities that provision critical services (e.g., water, electricity, telecommunications) is of vital importance given the severity imposed by any failure of these services. Recent security incidents in the context of critical infrastructures indicate that threats in such environments appear to be increasing both in frequency and intensity. The complexity of typical critical infrastructures is among the factors that make these environments vulnerable to threats. One of the most problematic types of threat is an advanced persistent threat (APT). This usually refers to a sophisticated, targeted, and costly attack that employs multiple attack vectors to gain access to the target system, then to operate in stealth mode when penetration is achieved, and to exfiltrate data or cause failures inside the system. In this chapter, we demonstrate how a set of processes developed in the context of HyRiM’s framework can assist in minimizing the damage caused to a utility organization that is subjected to an APT style of attack. Specifically, the framework is demonstrated using data from a real-world water utility network and an industrial control system (ICS) test-bed, and in which optimal defensive strategies are investigated. |
| 7 | ″ | schema:editor | N884710f0a34c4578a43feccd97beae11 |
| 8 | ″ | schema:genre | chapter |
| 9 | ″ | schema:inLanguage | en |
| 10 | ″ | schema:isAccessibleForFree | false |
| 11 | ″ | schema:isPartOf | N231580b8cf3c4aa8a000d963f136d442 |
| 12 | ″ | schema:keywords | APT style |
| 13 | ″ | ″ | Advanced Persistent Threats |
| 14 | ″ | ″ | HyRiM’s framework |
| 15 | ″ | ″ | access |
| 16 | ″ | ″ | attack vectors |
| 17 | ″ | ″ | attacks |
| 18 | ″ | ″ | case study |
| 19 | ″ | ″ | chapter |
| 20 | ″ | ″ | complexity |
| 21 | ″ | ″ | context |
| 22 | ″ | ″ | control system |
| 23 | ″ | ″ | costly attacks |
| 24 | ″ | ″ | critical infrastructure |
| 25 | ″ | ″ | critical services |
| 26 | ″ | ″ | damage |
| 27 | ″ | ″ | data |
| 28 | ″ | ″ | defensive strategies |
| 29 | ″ | ″ | environment |
| 30 | ″ | ″ | factors |
| 31 | ″ | ″ | failure |
| 32 | ″ | ″ | framework |
| 33 | ″ | ″ | frequency |
| 34 | ″ | ″ | importance |
| 35 | ″ | ″ | incidents |
| 36 | ″ | ″ | industrial control systems |
| 37 | ″ | ″ | infrastructure |
| 38 | ″ | ″ | intensity |
| 39 | ″ | ″ | mode |
| 40 | ″ | ″ | multiple attack vectors |
| 41 | ″ | ″ | nations |
| 42 | ″ | ″ | network |
| 43 | ″ | ″ | operation |
| 44 | ″ | ″ | optimal defensive strategy |
| 45 | ″ | ″ | organization |
| 46 | ″ | ″ | penetration |
| 47 | ″ | ″ | persistent threat |
| 48 | ″ | ″ | problematic types |
| 49 | ″ | ″ | process |
| 50 | ″ | ″ | protection |
| 51 | ″ | ″ | protection of utilities |
| 52 | ″ | ″ | provision critical services |
| 53 | ″ | ″ | real-world water utility network |
| 54 | ″ | ″ | recent security incidents |
| 55 | ″ | ″ | security incidents |
| 56 | ″ | ″ | services |
| 57 | ″ | ″ | set |
| 58 | ″ | ″ | set of processes |
| 59 | ″ | ″ | severity |
| 60 | ″ | ″ | sovereignty |
| 61 | ″ | ″ | stealth mode |
| 62 | ″ | ″ | strategies |
| 63 | ″ | ″ | study |
| 64 | ″ | ″ | style |
| 65 | ″ | ″ | such environments |
| 66 | ″ | ″ | system |
| 67 | ″ | ″ | target system |
| 68 | ″ | ″ | threat |
| 69 | ″ | ″ | types |
| 70 | ″ | ″ | typical critical infrastructures |
| 71 | ″ | ″ | uninterrupted operation |
| 72 | ″ | ″ | utility |
| 73 | ″ | ″ | utility network |
| 74 | ″ | ″ | utility organizations |
| 75 | ″ | ″ | vector |
| 76 | ″ | ″ | vital importance |
| 77 | ″ | ″ | water utility network |
| 78 | ″ | schema:name | Protecting Water Utility Networks from Advanced Persistent Threats: A Case Study |
| 79 | ″ | schema:pagination | 313-333 |
| 80 | ″ | schema:productId | N8aad685f2150446b8c25c9ef50a65aba |
| 81 | ″ | ″ | Nb94cd3a2b72a44d3844f7228f97bd12d |
| 82 | ″ | schema:publisher | N6ac79d52a674461fa588742f5165b4ef |
| 83 | ″ | schema:sameAs | https://app.dimensions.ai/details/publication/pub.1105344159 |
| 84 | ″ | ″ | https://doi.org/10.1007/978-3-319-75268-6_13 |
| 85 | ″ | schema:sdDatePublished | 2022-01-01T19:26 |
| 86 | ″ | schema:sdLicense | https://scigraph.springernature.com/explorer/license/ |
| 87 | ″ | schema:sdPublisher | N7ca6f5778109448fb02e16ec6892f6c5 |
| 88 | ″ | schema:url | https://doi.org/10.1007/978-3-319-75268-6_13 |
| 89 | ″ | sgo:license | sg:explorer/license/ |
| 90 | ″ | sgo:sdDataset | chapters |
| 91 | ″ | rdf:type | schema:Chapter |
| 92 | N1fff764f56f740a58dd27cf01b11e250 | rdf:first | N5a50c119a3384892b1a5449f9bc8edbf |
| 93 | ″ | rdf:rest | rdf:nil |
| 94 | N217f93f6c37c4c66a73d2a7127dbcec0 | rdf:first | sg:person.011353374772.69 |
| 95 | ″ | rdf:rest | Na6be800a81e24838a2bd84b3c184c02e |
| 96 | N231580b8cf3c4aa8a000d963f136d442 | schema:isbn | 978-3-319-75267-9 |
| 97 | ″ | ″ | 978-3-319-75268-6 |
| 98 | ″ | schema:name | Game Theory for Security and Risk Management |
| 99 | ″ | rdf:type | schema:Book |
| 100 | N5a50c119a3384892b1a5449f9bc8edbf | schema:familyName | Schauer |
| 101 | ″ | schema:givenName | Stefan |
| 102 | ″ | rdf:type | schema:Person |
| 103 | N6ac79d52a674461fa588742f5165b4ef | schema:name | Springer Nature |
| 104 | ″ | rdf:type | schema:Organisation |
| 105 | N767fc934781a45ceb0b2fda572ad9919 | rdf:first | sg:person.012636622347.55 |
| 106 | ″ | rdf:rest | rdf:nil |
| 107 | N7ca6f5778109448fb02e16ec6892f6c5 | schema:name | Springer Nature - SN SciGraph project |
| 108 | ″ | rdf:type | schema:Organization |
| 109 | N884710f0a34c4578a43feccd97beae11 | rdf:first | Nd8d6ae03e5e04919a4e56dcb2fc6721d |
| 110 | ″ | rdf:rest | N1fff764f56f740a58dd27cf01b11e250 |
| 111 | N8aad685f2150446b8c25c9ef50a65aba | schema:name | dimensions_id |
| 112 | ″ | schema:value | pub.1105344159 |
| 113 | ″ | rdf:type | schema:PropertyValue |
| 114 | Na6be800a81e24838a2bd84b3c184c02e | rdf:first | sg:person.07522234405.16 |
| 115 | ″ | rdf:rest | Nc6cc37bcb399436ab3f3b3ce0265143d |
| 116 | Nb94cd3a2b72a44d3844f7228f97bd12d | schema:name | doi |
| 117 | ″ | schema:value | 10.1007/978-3-319-75268-6_13 |
| 118 | ″ | rdf:type | schema:PropertyValue |
| 119 | Nb95bc206493e45d99c52b4e330774415 | schema:affiliation | grid-institutes:None |
| 120 | ″ | schema:familyName | Rossegger |
| 121 | ″ | schema:givenName | Karl |
| 122 | ″ | rdf:type | schema:Person |
| 123 | Nc6cc37bcb399436ab3f3b3ce0265143d | rdf:first | sg:person.013311511622.89 |
| 124 | ″ | rdf:rest | Ncc6d9a138de74531b760e8a836ba5c05 |
| 125 | Ncc6d9a138de74531b760e8a836ba5c05 | rdf:first | Nb95bc206493e45d99c52b4e330774415 |
| 126 | ″ | rdf:rest | N767fc934781a45ceb0b2fda572ad9919 |
| 127 | Nd8d6ae03e5e04919a4e56dcb2fc6721d | schema:familyName | Rass |
| 128 | ″ | schema:givenName | Stefan |
| 129 | ″ | rdf:type | schema:Person |
| 130 | anzsrc-for:08 | schema:inDefinedTermSet | anzsrc-for: |
| 131 | ″ | schema:name | Information and Computing Sciences |
| 132 | ″ | rdf:type | schema:DefinedTerm |
| 133 | anzsrc-for:0806 | schema:inDefinedTermSet | anzsrc-for: |
| 134 | ″ | schema:name | Information Systems |
| 135 | ″ | rdf:type | schema:DefinedTerm |
| 136 | sg:person.011353374772.69 | schema:affiliation | grid-institutes:grid.9835.7 |
| 137 | ″ | schema:familyName | Gouglidis |
| 138 | ″ | schema:givenName | Antonios |
| 139 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011353374772.69 |
| 140 | ″ | rdf:type | schema:Person |
| 141 | sg:person.012636622347.55 | schema:affiliation | grid-institutes:grid.9835.7 |
| 142 | ″ | schema:familyName | Hutchison |
| 143 | ″ | schema:givenName | David |
| 144 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012636622347.55 |
| 145 | ″ | rdf:type | schema:Person |
| 146 | sg:person.013311511622.89 | schema:affiliation | grid-institutes:grid.9835.7 |
| 147 | ″ | schema:familyName | Green |
| 148 | ″ | schema:givenName | Benjamin |
| 149 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013311511622.89 |
| 150 | ″ | rdf:type | schema:Person |
| 151 | sg:person.07522234405.16 | schema:affiliation | grid-institutes:grid.4332.6 |
| 152 | ″ | schema:familyName | König |
| 153 | ″ | schema:givenName | Sandra |
| 154 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07522234405.16 |
| 155 | ″ | rdf:type | schema:Person |
| 156 | grid-institutes:None | schema:alternateName | Linz AG Telekom, Wiener Straße 151, 4021, Linz, Austria |
| 157 | ″ | schema:name | Linz AG Telekom, Wiener Straße 151, 4021, Linz, Austria |
| 158 | ″ | rdf:type | schema:Organization |
| 159 | grid-institutes:grid.4332.6 | schema:alternateName | AIT Austrian Institute of Technology GmbH, Centre for Digital Safety and Security, Giefinggasse 4, 1210, Vienna, Austria |
| 160 | ″ | schema:name | AIT Austrian Institute of Technology GmbH, Centre for Digital Safety and Security, Giefinggasse 4, 1210, Vienna, Austria |
| 161 | ″ | rdf:type | schema:Organization |
| 162 | grid-institutes:grid.9835.7 | schema:alternateName | School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK |
| 163 | ″ | schema:name | School of Computing and Communications, InfoLab21, Lancaster University, LA1 4WA, Lancaster, UK |
| 164 | ″ | rdf:type | schema:Organization |