عنوان
پدید آورنده
موضوع
رده
کتابخانه
محل استقرار
NATIONAL BIBLIOGRAPHY NUMBER
Number
TL52592
LANGUAGE OF THE ITEM
.Language of Text, Soundtrack etc
انگلیسی
TITLE AND STATEMENT OF RESPONSIBILITY
Title Proper
Predicting Threat Capability in Control Systems to Enhance Cybersecurity Risk Determination
General Material Designation
[Thesis]
First Statement of Responsibility
Price, Peyton T.
Subsequent Statement of Responsibility
Marufuzzaman, Mohammad
.PUBLICATION, DISTRIBUTION, ETC
Name of Publisher, Distributor, etc.
Mississippi State University
Date of Publication, Distribution, etc.
2020
GENERAL NOTES
Text of Note
67 p.
DISSERTATION (THESIS) NOTE
Dissertation or thesis details and type of degree
Ph.D.
Body granting the degree
Mississippi State University
Text preceding or following the note
2020
SUMMARY OR ABSTRACT
Text of Note
Risk assessment is a critical aspect of all businesses, and leaders are tasked with lim- iting risk to the lowest reasonable level within their systems. Industrial Control Systems (ICS) operate in a different cybersecurity risk environment than business systems due to the possibility of second and third-order effects when an attack occurs. We present a process for predicting when an adversary gains the ability to attack an industrial control system. We assist leaders in understanding how attackers are targeting ICS by providing visualiza- tions and percentages that can be applied to updating infrastructure or shifting personnel responsibilities to counter the threat. This new process seeks to integrate defenders and threat intelligence providers, allowing defenders to proactively defend their networks prior to devastating attacks. We apply the process by observing it under randomness with con- straints and through a case study of the 2015 attack on the Ukrainian power grid. We find that this process answers the question of what an attacker can do, provides the ability for the defender to possess an updated understanding of the threat's capability, and can both increase and decrease the probability that an attacker has a capability against a control system. This process will allow leaders to provide strategic vision to the businesses and systems that they manage.
UNCONTROLLED SUBJECT TERMS
Subject Term
Information science
Subject Term
Operations research
PERSONAL NAME - PRIMARY RESPONSIBILITY
Price, Peyton T.
PERSONAL NAME - SECONDARY RESPONSIBILITY
Marufuzzaman, Mohammad
CORPORATE BODY NAME - SECONDARY RESPONSIBILITY
Mississippi State University
ELECTRONIC LOCATION AND ACCESS
Electronic name
مطالعه متن کتاب p
[Thesis]
276903
a
Y
