Vulnerability modelling for hybrid IT systems
- Ur-Rehman, Attiq, Gondal, Iqbal, Kamruzzuman, Joarder, Jolfaei, Alireza, IEEE
- Authors: Ur-Rehman, Attiq , Gondal, Iqbal , Kamruzzuman, Joarder , Jolfaei, Alireza , IEEE
- Date: 2019
- Type: Text , Book chapter
- Relation: 2019 IEEE International Conference on Industrial Technology p. 1186-1191
- Full Text: false
- Reviewed:
- Description: Common vulnerability scoring system (CVSS) is an industry standard that can assess the vulnerability of nodes in traditional computer systems. The metrics computed by CVSS would determine critical nodes and attack paths. However, traditional IT security models would not fit IoT embedded networks due to distinct nature and unique characteristics of IoT systems. This paper analyses the application of CVSS for IoT embedded systems and proposes an improved vulnerability scoring system based on CVSS v3 framework. The proposed framework, named CVSSIoT, is applied to a realistic IT supply chain system and the results are compared with the actual vulnerabilities from the national vulnerability database. The comparison result validates the proposed model. CVSSIoT is not only effective, simple and capable of vulnerability evaluation for traditional IT system, but also exploits unique characteristics of IoT devices.
Sensitivity analysis for vulnerability mitigation in hybrid networks
- Ur‐rehman, Attiq, Gondal, Iqbal, Kamruzzaman, Joarder, Jolfaei, Alireza
- Authors: Ur‐rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2022
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 11, no. 2 (2022), p.
- Full Text:
- Reviewed:
- Description: The development of cyber‐assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.
- Authors: Ur‐rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2022
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 11, no. 2 (2022), p.
- Full Text:
- Reviewed:
- Description: The development of cyber‐assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.
Cyber resilience modelling for the operations of hybrid network
- Ur-Rehman, Attiq, Kamruzzuman, Joarder, Gondal, Iqbal, Jolfaei, Alireza
- Authors: Ur-Rehman, Attiq , Kamruzzuman, Joarder , Gondal, Iqbal , Jolfaei, Alireza
- Date: 2022
- Type: Text , Conference paper
- Relation: 20th IEEE International Conference on Dependable, Autonomic and Secure Computing, 20th IEEE International Conference on Pervasive Intelligence and Computing, 7th IEEE International Conference on Cloud and Big Data Computing, 2022 IEEE International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022, Falerna, Italy, 12-15 September 2022, Proceedings 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech)
- Full Text: false
- Reviewed:
- Description: Cyber resilience is referred to as the ability to resist cyber-attacks and it has several dimensions to evaluate. This study focuses on cyber resilience evaluation of nodes in hybrid network operations. This paper proposes a framework to evaluate cyber resilience and its integration with the CVSS (Common Vulnerability Scoring System) framework. CVSS is an industry standard to assess node vulnerabilities. The integration of cyber resilience with the CVSS framework will help cyber industry to standardise the node resilience capabilities for their operations. The proposed modelling is assessed and compared with our previous work on CVSS-based vulnerability evaluation for IoT and industrial integrated systems called CVSSIoT-ICS. The comparison results validate that the proposed model better evaluates the node vulnerabilities by incorporating the resilience capability of that nodes. © 2022 IEEE.
Vulnerability modelling and mitigation strategies for hybrid networks
- Authors: Ur-Rehman, Attiq
- Date: 2023
- Type: Text , Thesis , PhD
- Full Text:
- Description: Hybrid networks nowadays consist of traditional IT components, Internet of Things (IoT) and industrial control systems (ICS) nodes with varying characteristics, making them genuinely heterogeneous in nature. Historically evolving from traditional internet-enabled IT servers, hybrid networks allow organisations to strengthen cybersecurity, increase flexibility, improve efficiency, enhance reliability, boost remote connectivity and easy management. Though hybrid networks offer significant benefits from business and operational perspectives, this integration has increased the complexity and security challenges to all connected nodes. The IT servers of these hybrid networks are high-budget devices with tremendous processing power and significant storage capacity. In contrast, IoT nodes are low-cost devices with limited processing power and capacity. In addition, the ICS nodes are programmed for dedicated functions with the least interference. The available cybersecurity solutions for hybrid networks are either for specific node types or address particular weaknesses. Due to these distinct characteristics, these solutions may place other nodes in vulnerable positions. This study addresses this gap by proposing a comprehensive vulnerability modelling and mitigation strategy. This proposed solution equally applies to each node type of hybrid network while considering their unique characteristics. For this purpose, the industry-wide adoption of the Common Vulnerability Scoring System (CVSS) has been extended to embed the distinct characteristics of each node type in a hybrid network. To embed IoT features, the ‘attack vectors’ and ‘attack complexity vectors’ are modified and another metric “human safety index”, is integrated in the ‘Base metric group’ of CVSS. In addition, the ICS related characteristics are included in the ‘Environmental metric group’ of CVSS. This metric group is further enhanced to reflect the node resilience capabilities when evaluating the vulnerability score. The resilience of a node is evaluated by analysing the complex relationship of numerous contributing cyber security factors and practices. The evolved CVSSR-IoT-ICS framework proposed in the thesis measures the given vulnerabilities by adopting the unique dynamics of each node. These vulnerability scores are then mapped in the attack tree to reveal the critical nodes and shortest path to the target node. The mitigating strategy framework suggests the most efficient mitigation strategy to counter vulnerabilities by examining the node’s functionality, its locality, centrality, criticality, cascading impacts, available resources, and performance thresholds. Various case studies were conducted to analyse and evaluate our proposed vulnerability modelling and mitigation strategies on realistic supply chain systems. These analyses and evaluations confirm that the proposed solutions are highly effective for modelling the vulnerabilities while the mitigation strategies reduce the risks in dynamic and resource-constrained environments. The unified vulnerability modelling of hybrid networks minimises ambiguities, reduces complexities and identifies hidden deficiencies. It also improves system reliability and performance of heterogeneous networks while at the same time gaining acceptance for a universal vulnerability modelling framework across the cyber industry. The contributions have been published in reputable journals and conferences.
- Description: Doctor of Philosophy
- Authors: Ur-Rehman, Attiq
- Date: 2023
- Type: Text , Thesis , PhD
- Full Text:
- Description: Hybrid networks nowadays consist of traditional IT components, Internet of Things (IoT) and industrial control systems (ICS) nodes with varying characteristics, making them genuinely heterogeneous in nature. Historically evolving from traditional internet-enabled IT servers, hybrid networks allow organisations to strengthen cybersecurity, increase flexibility, improve efficiency, enhance reliability, boost remote connectivity and easy management. Though hybrid networks offer significant benefits from business and operational perspectives, this integration has increased the complexity and security challenges to all connected nodes. The IT servers of these hybrid networks are high-budget devices with tremendous processing power and significant storage capacity. In contrast, IoT nodes are low-cost devices with limited processing power and capacity. In addition, the ICS nodes are programmed for dedicated functions with the least interference. The available cybersecurity solutions for hybrid networks are either for specific node types or address particular weaknesses. Due to these distinct characteristics, these solutions may place other nodes in vulnerable positions. This study addresses this gap by proposing a comprehensive vulnerability modelling and mitigation strategy. This proposed solution equally applies to each node type of hybrid network while considering their unique characteristics. For this purpose, the industry-wide adoption of the Common Vulnerability Scoring System (CVSS) has been extended to embed the distinct characteristics of each node type in a hybrid network. To embed IoT features, the ‘attack vectors’ and ‘attack complexity vectors’ are modified and another metric “human safety index”, is integrated in the ‘Base metric group’ of CVSS. In addition, the ICS related characteristics are included in the ‘Environmental metric group’ of CVSS. This metric group is further enhanced to reflect the node resilience capabilities when evaluating the vulnerability score. The resilience of a node is evaluated by analysing the complex relationship of numerous contributing cyber security factors and practices. The evolved CVSSR-IoT-ICS framework proposed in the thesis measures the given vulnerabilities by adopting the unique dynamics of each node. These vulnerability scores are then mapped in the attack tree to reveal the critical nodes and shortest path to the target node. The mitigating strategy framework suggests the most efficient mitigation strategy to counter vulnerabilities by examining the node’s functionality, its locality, centrality, criticality, cascading impacts, available resources, and performance thresholds. Various case studies were conducted to analyse and evaluate our proposed vulnerability modelling and mitigation strategies on realistic supply chain systems. These analyses and evaluations confirm that the proposed solutions are highly effective for modelling the vulnerabilities while the mitigation strategies reduce the risks in dynamic and resource-constrained environments. The unified vulnerability modelling of hybrid networks minimises ambiguities, reduces complexities and identifies hidden deficiencies. It also improves system reliability and performance of heterogeneous networks while at the same time gaining acceptance for a universal vulnerability modelling framework across the cyber industry. The contributions have been published in reputable journals and conferences.
- Description: Doctor of Philosophy
- «
- ‹
- 1
- ›
- »