Research on SCADA system security reinforcement method based on distributed Pareto algorithm-Reference-Cited by-同舟云学术

Research on SCADA system security reinforcement method based on distributed Pareto algorithm

Published:2021-12-17 Issue: Volume: Page:1-13
ISSN:1472-7978
Container-title:Journal of Computational Methods in Sciences and Engineering
language:
Short-container-title:JCM

Author:

Ning Hua¹,Liu Kaijun²,Li Yuan³

Affiliation:

1. China Academy of Information and Communications Technology, Beijing, China

2. Beijing University of Posts and Telecommunications, Beijing, China

3. Beijing Information Security Assessment Center, Beijing, China

Abstract

As the SCADA system develops continuously, the dissemination of malicious network behaviors has brought great risk to the normal operation of enterprises, meanwhile resulting in huge economic burden to personal work and life. Therefore, the security reinforcement strategy is crucial to the field of network security management and analysis of the SCADA system. Some researchers have started to investigate on how to minimize the cost of realizing the SCADA system reinforcement strategy. However, the SCADA system administrators are facing a very challenging problem, that’s the reinforcement budget is less than the minimal input of SCADA system security reinforcement. The core of this problem lies on how to choose a subset from massive security reinforcement strategies, so as to minimize the risks from not patching all essential security vulnerabilities within the budget. Based on a deep comparative analysis of existing multi-objective optimization technologies, this paper proposes a multi-objective optimization method based on system attack tree model, and uses Pareto algorithm to solve this problem. The experimental results demonstrate that the Pareto algorithm can effectively make the multi-objective decision in security reinforcement strategy, and can solve practical issues in actual SCADA system security reinforcement practice.

Publisher

IOS Press

Subject

Computational Mathematics,Computer Science Applications,General Engineering

Reference23 articles.

1. Noel S, Jajodia S, O’Berry B, Jacobs M. Efficient minimum-cost network hardening via exploit dependency graphs. In 19th Annual Computer Security Applications Conference, 2003. Proceedings. 2003 Dec 8 (pp. 86-95). IEEE.

2. Jha S, Sheyner O, Wing J. Two formal analyses of attack graphs. In Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15 2002 Jun 24 (pp. 49-63). IEEE.

3. Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach;Gupta;Decision Support Systems.,2006

4. On finding the maxima of a set of vectors;Kung;Journal of the ACM (JACM).,1975

5. Balke WT, Güntzer U. Multi-objective query processing for database systems. In Proceedings of the Thirtieth international conference on Very large data bases-Volume 30, 2004 Aug 31 (pp. 936-947).