TY - GEN
T1 - Insider attack scenario assessment framework
AU - Song, Jinwoo
AU - He, Xinyu
AU - Moon, Young
N1 - Publisher Copyright:
Copyright © 2021 by ASME.
PY - 2021
Y1 - 2021
N2 - Cyber Manufacturing Systems (CMS) brings improvements to the manufacturing system and offers an information-transparent environment. Although CMS’s enhanced system brings many advantages to its manufacturing process, it is at a higher risk of security breach ironically due to its accessibility and connectivity. Therefore, implementing CMS without adequate security measures will make the system vulnerable to intruders including insiders. To identify insider threats, a risk assessment-based framework has been explored by many researchers in the information security community. however, less work has been done to analyze CMS’s vulnerabilities. Therefore, an Insider Attack Scenario Assessment Framework (IASAF) is proposed in this paper. IASAF is developed to detect the system’s security vulnerabilities and evaluate the insider attack scenarios by using five domains including: actor, preparation, implementation, consequence, and recovery. To validate and demonstrate the effectiveness of the framework, a testbed was used to study a case.
AB - Cyber Manufacturing Systems (CMS) brings improvements to the manufacturing system and offers an information-transparent environment. Although CMS’s enhanced system brings many advantages to its manufacturing process, it is at a higher risk of security breach ironically due to its accessibility and connectivity. Therefore, implementing CMS without adequate security measures will make the system vulnerable to intruders including insiders. To identify insider threats, a risk assessment-based framework has been explored by many researchers in the information security community. however, less work has been done to analyze CMS’s vulnerabilities. Therefore, an Insider Attack Scenario Assessment Framework (IASAF) is proposed in this paper. IASAF is developed to detect the system’s security vulnerabilities and evaluate the insider attack scenarios by using five domains including: actor, preparation, implementation, consequence, and recovery. To validate and demonstrate the effectiveness of the framework, a testbed was used to study a case.
KW - Attack detection
KW - Cyber-physical manufacturing system
KW - Insider attack
KW - Insider threats
KW - Manufacturing
KW - Risk assessment framework
KW - Vulnerability
UR - http://www.scopus.com/inward/record.url?scp=85124386151&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85124386151&partnerID=8YFLogxK
U2 - 10.1115/IMECE2021-69907
DO - 10.1115/IMECE2021-69907
M3 - Conference contribution
AN - SCOPUS:85124386151
T3 - ASME International Mechanical Engineering Congress and Exposition, Proceedings (IMECE)
BT - Advanced Manufacturing
PB - American Society of Mechanical Engineers (ASME)
T2 - ASME 2021 International Mechanical Engineering Congress and Exposition, IMECE 2021
Y2 - 1 November 2021 through 5 November 2021
ER -