Developing Resilient Cyber-Physical Systems: A Review of State-of-the-Art Malware Detection Approaches, Gaps, and Future Directions-Reference-Cited by-同舟云学术

Developing Resilient Cyber-Physical Systems: A Review of State-of-the-Art Malware Detection Approaches, Gaps, and Future Directions

Published:2023-04-14 Issue:4 Volume:12 Page:79
ISSN:2073-431X
Container-title:Computers
language:en
Short-container-title:Computers

Author:

Malik M. Imran¹^ORCID,Ibrahim Ahmed¹²^ORCID,Hannay Peter¹³^ORCID,Sikos Leslie F.¹²^ORCID

Affiliation:

1. School of Science, Edith Cowan University, Perth, WA 6207, Australia

2. Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia

3. NCC Group, Perth, WA 6207, Australia

Abstract

Cyber-physical systems (CPSes) are rapidly evolving in critical infrastructure (CI) domains such as smart grid, healthcare, the military, and telecommunication. These systems are continually threatened by malicious software (malware) attacks by adversaries due to their improvised tactics and attack methods. A minor configuration change in a CPS through malware has devastating effects, which the world has seen in Stuxnet, BlackEnergy, Industroyer, and Triton. This paper is a comprehensive review of malware analysis practices currently being used and their limitations and efficacy in securing CPSes. Using well-known real-world incidents, we have covered the significant impacts when a CPS is compromised. In particular, we have prepared exhaustive hypothetical scenarios to discuss the implications of false positives on CPSes. To improve the security of critical systems, we believe that nature-inspired metaheuristic algorithms can effectively counter the overwhelming malware threats geared toward CPSes. However, our detailed review shows that these algorithms have not been adapted to their full potential to counter malicious software. Finally, the gaps identified through this research have led us to propose future research directions using nature-inspired algorithms that would help in bringing optimization by reducing false positives, thereby increasing the security of such systems.

Publisher

MDPI AG

Subject

Computer Networks and Communications,Human-Computer Interaction

Link

https://www.mdpi.com/2073-431X/12/4/79/pdf

Reference107 articles.

1. United States Cyber Command (2017). Advanced Cyber Industrial Control System Tactics, Techniques, and Procedures (ACI TTP) for Department of Defense (DoD) Industrial Control Systems (ICS), United States Department of Defense. Available online: https://apps.dtic.mil/dtic/tr/fulltext/u2/1040233.pdf.

2. Cyber and Infrastructure Security Centre, and Australian Government Department of Home Affairs (2023, March 29). Defining Critical Infrastrucure, Available online: https://www.cisc.gov.au/what-is-the-cyber-and-infrastructure-security-centre/defining-critical-infrastructure.

3. Barrett, M.P. (2023, March 27). Framework for Improving Critical Infrastructure Cybersecurity, Available online: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf.

4. Rzeszutek, E., and Mazurczyk, W. (2019). Nature-Inspired Cyber Security and Resiliency—Fundamentals, Techniques and Applications, Institution of Engineering and Technology (IET).

5. Faris, H., Aljarah, I., Mirjalili, S., Castillo, P.A., and Merelo, J.J. (2016, January 11). EvoloPy: An open-source nature-inspired optimization framework in Python. Proceedings of the 8th International Joint Conference on Computational Intelligence—ECTA (IJCCI), Porto, Portugal.

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. MAGIC: Malware behaviour analysis and impact quantification through signature co-occurrence and regression;Computers & Security;2024-04

2. An Accurate Metaheuristic Mountain Gazelle Optimizer for Parameter Estimation of Single- and Double-Diode Photovoltaic Cell Models;Mathematics;2023-11-07