RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS

Abdelkader Shaaban; Korbinian Christl; Christoph Schmittner

doi:10.35011/IDIMT-2024-195

RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS

Abdelkader Shaaban (Autor:in und Vortragende:r), Korbinian Christl, Christoph Schmittner

Security & Communication Technologies

Publikation: Beitrag in Buch oder Tagungsband › Vortrag mit Beitrag in Tagungsband › Begutachtung

Abstract

The rapid development and integration of Internet-based technologies in recent years have become essential for fully automating industrial control systems and enhancing decision-making, precision, and efficiency in managing complex and large-scale production systems. However, due to these remote connections, any vulnerable cybersecurity point could expose the entire system to cyberattacks. Therefore, it is essential and highly needed in such complex systems to identify any possible threats that could be triggered within the system. Additionally, building all possible paths based on the identified threats will be essential to highlight all attack paths that could pave the way for attackers to reach malicious goals. This paper introduces a novel, rule-based approach to determine and build any possible attack paths for critical assets in complex systems such as automated industrial environments. This approach is part of ThreatGet, which deeply investigates all attack steps, emphasizing the violated security prop

Originalsprache	Englisch
Titel	IDIMT-2024 Changes to ICT, Management, and Business Processes through AI
Untertitel	32nd Interdisciplinary Information Management Talks
Redakteure/-innen	Petr Doucek, Michael Sonntag, Lea Nedomova
Kapitel	Autonomous Vehicles
Seiten	195-202
Seitenumfang	8
Band	53
DOIs	https://doi.org/10.35011/IDIMT-2024-195
Publikationsstatus	Veröffentlicht - Sept. 2024
Veranstaltung	Interdisciplinary Information Management Talks - Czech Republic, Hradec Králové, Tschechische Republik Dauer: 4 Sept. 2024 → 6 Sept. 2024 https://idimt.org/

Konferenz

Konferenz	Interdisciplinary Information Management Talks
Kurztitel	IDIMT2024
Land/Gebiet	Tschechische Republik
Stadt	Hradec Králové
Zeitraum	4/09/24 → 6/09/24
Internetadresse	https://idimt.org/

Research Field

Dependable Systems Engineering

Zugriff auf Dokument

10.35011/IDIMT-2024-195

Andere Dateien und Links

https://idimt.org/wp-content/uploads/2024/09/IDIMT-2024-proceedings.pdf

Diese Publikation zitieren

Shaaban, A., Christl, K., & Schmittner, C. (2024). RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS. in P. Doucek, M. Sonntag, & L. Nedomova (Hrsg.), IDIMT-2024 Changes to ICT, Management, and Business Processes through AI: 32nd Interdisciplinary Information Management Talks (Band 53, S. 195-202) https://doi.org/10.35011/IDIMT-2024-195

Shaaban, Abdelkader ; Christl, Korbinian ; Schmittner, Christoph. / RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS. IDIMT-2024 Changes to ICT, Management, and Business Processes through AI: 32nd Interdisciplinary Information Management Talks. Hrsg. / Petr Doucek ; Michael Sonntag ; Lea Nedomova. Band 53 2024. S. 195-202

@inproceedings{94de173c151845c18da1b9707b892230,

title = "RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS",

abstract = "The rapid development and integration of Internet-based technologies in recent years have become essential for fully automating industrial control systems and enhancing decision-making, precision, and efficiency in managing complex and large-scale production systems. However, due to these remote connections, any vulnerable cybersecurity point could expose the entire system to cyberattacks. Therefore, it is essential and highly needed in such complex systems to identify any possible threats that could be triggered within the system. Additionally, building all possible paths based on the identified threats will be essential to highlight all attack paths that could pave the way for attackers to reach malicious goals. This paper introduces a novel, rule-based approach to determine and build any possible attack paths for critical assets in complex systems such as automated industrial environments. This approach is part of ThreatGet, which deeply investigates all attack steps, emphasizing the violated security prop",

keywords = "cybersecurity, attack paths, industrial automation and control systems",

author = "Abdelkader Shaaban and Korbinian Christl and Christoph Schmittner",

year = "2024",

month = sep,

doi = "10.35011/IDIMT-2024-195",

language = "English",

isbn = " 978-3-99151-527-2",

volume = "53",

pages = "195--202",

editor = "Petr Doucek and Michael Sonntag and Lea Nedomova",

booktitle = "IDIMT-2024 Changes to ICT, Management, and Business Processes through AI",

note = "Interdisciplinary Information Management Talks, IDIMT2024 ; Conference date: 04-09-2024 Through 06-09-2024",

url = "https://idimt.org/",

}

Shaaban, A , Christl, K & Schmittner, C 2024, RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS. in P Doucek, M Sonntag & L Nedomova (Hrsg.), IDIMT-2024 Changes to ICT, Management, and Business Processes through AI: 32nd Interdisciplinary Information Management Talks. Bd. 53, S. 195-202, Interdisciplinary Information Management Talks, Hradec Králové, Tschechische Republik, 4/09/24. https://doi.org/10.35011/IDIMT-2024-195

RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS. / Shaaban, Abdelkader (Autor:in und Vortragende:r); Christl, Korbinian ; Schmittner, Christoph.
IDIMT-2024 Changes to ICT, Management, and Business Processes through AI: 32nd Interdisciplinary Information Management Talks. Hrsg. / Petr Doucek; Michael Sonntag; Lea Nedomova. Band 53 2024. S. 195-202.

Publikation: Beitrag in Buch oder Tagungsband › Vortrag mit Beitrag in Tagungsband › Begutachtung

TY - GEN

T1 - RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS

AU - Christl, Korbinian

AU - Schmittner, Christoph

A2 - Shaaban, Abdelkader

A2 - Doucek, Petr

A2 - Sonntag, Michael

A2 - Nedomova, Lea

PY - 2024/9

Y1 - 2024/9

N2 - The rapid development and integration of Internet-based technologies in recent years have become essential for fully automating industrial control systems and enhancing decision-making, precision, and efficiency in managing complex and large-scale production systems. However, due to these remote connections, any vulnerable cybersecurity point could expose the entire system to cyberattacks. Therefore, it is essential and highly needed in such complex systems to identify any possible threats that could be triggered within the system. Additionally, building all possible paths based on the identified threats will be essential to highlight all attack paths that could pave the way for attackers to reach malicious goals. This paper introduces a novel, rule-based approach to determine and build any possible attack paths for critical assets in complex systems such as automated industrial environments. This approach is part of ThreatGet, which deeply investigates all attack steps, emphasizing the violated security prop

AB - The rapid development and integration of Internet-based technologies in recent years have become essential for fully automating industrial control systems and enhancing decision-making, precision, and efficiency in managing complex and large-scale production systems. However, due to these remote connections, any vulnerable cybersecurity point could expose the entire system to cyberattacks. Therefore, it is essential and highly needed in such complex systems to identify any possible threats that could be triggered within the system. Additionally, building all possible paths based on the identified threats will be essential to highlight all attack paths that could pave the way for attackers to reach malicious goals. This paper introduces a novel, rule-based approach to determine and build any possible attack paths for critical assets in complex systems such as automated industrial environments. This approach is part of ThreatGet, which deeply investigates all attack steps, emphasizing the violated security prop

KW - cybersecurity

KW - attack paths

KW - industrial automation and control systems

UR - https://idimt.org/wp-content/uploads/2024/09/IDIMT-2024-proceedings.pdf

U2 - 10.35011/IDIMT-2024-195

DO - 10.35011/IDIMT-2024-195

M3 - Conference Proceedings with Oral Presentation

SN - 978-3-99151-527-2

VL - 53

SP - 195

EP - 202

BT - IDIMT-2024 Changes to ICT, Management, and Business Processes through AI

T2 - Interdisciplinary Information Management Talks

Y2 - 4 September 2024 through 6 September 2024

ER -

Shaaban A , Christl K , Schmittner C. RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS. in Doucek P, Sonntag M, Nedomova L, Hrsg., IDIMT-2024 Changes to ICT, Management, and Business Processes through AI: 32nd Interdisciplinary Information Management Talks. Band 53. 2024. S. 195-202 doi: 10.35011/IDIMT-2024-195

RULE-BASED APPROACH USING THREATGET FOR AUTOMATICALLY GENERATING ATTACK PATHS IN INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS

Abstract

Konferenz

Research Field

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Diese Publikation zitieren