Critical Infrastructure Risk Assessment Using Markov Chain Model

• Autorzy: Karbowski Andrzej , Malinowski Krzysztof , Szwaczyk Sebastian , Jaskóła Przemysław

Identyfikatory

DOI

10.26636/jtit.2019.130819

• Języki publikacji: EN

Abstrakty

EN

The paper presents application of the Markov chain model to assess the risk affecting critical national infrastructure. A method for relating different service states to transition probabilities is shown. Then, a real-life example is thoroughly analyzed. Finally, results of a numerical test concerning this problem are provided.

Słowa kluczowe

EN

cybersecurity; Markov chains; networks; NIS directive; simulation

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2019
• Tom: nr 2
• Strony: 15--22
• Opis fizyczny: Bibliogr. 9 poz., rys., tab.

Twórcy

autor

Karbowski Andrzej

• Research and Academic Computer Network (NASK), Kolska 12, 01-045 Warsaw, Poland

autor

Malinowski Krzysztof

• Research and Academic Computer Network (NASK), Kolska 12, 01-045 Warsaw, Poland

autor

Szwaczyk Sebastian

• Research and Academic Computer Network (NASK), Kolska 12, 01-045 Warsaw, Poland

autor

Jaskóła Przemysław

• Research and Academic Computer Network (NASK), Kolska 12, 01-045 Warsaw, Poland

Bibliografia

• [1] “Directive (EU) 2016/1148 of The European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union”, The European Parliament and the Council of the European Union, Official Journal of the European Union, vol. 59, pp. L194/1– L194/30, 2016 [Online]. Available: https://eur-lex.europa.eu/ legal-content/EN/TXT/PDF/?uri=CELEX:32016L1148&from=EN
• [2] IEC/ISO 31010 “Risk management – Risk assessment techniques”, International Organization for Standardization, International Electrotechnical Commission, Geneva, 2009 [Online]. Available: https://www.iso.org/obp/ui#iso:std:iec:31010:ed-1:v1:en
• [3] S. Szwaczyk, K. Wrona, and M. Amanowicz, “Applicability of risk analysis methods to risk-aware routing in software-defined networks”, in Proc. Int. Conf. on Milit. Commun. and Inform. Syst. ICMCIS 2018, Warsaw, Poland, 2018 (doi: 10.1109/ICMCIS.2018.8398688).
• [4] M. L. Puterman, Markov Decision Processes: Discrete Stochastic Dynamic Programming. Wiley, 2014 (ISBN: 9780471619772).
• [5] A. Afful-Dada and T. T. Allen, “Data-driven cyber-vulnerability maintenance policies”, J. of Qual. Technol., vol. 46, pp. 234–250, 2014 (doi: 10.1080/00224065.2014.11917967).
• [6] S. Shin, S. Lee, H. Kim, and S. Kim, “Advanced probabilistic approach for network intrusion forecasting and detection”, Expert Syst. With Appl., vol. 40, pp. 315–322, 2013 (doi: 10.1016/j.eswa.2012.07.057).
• [7] N. Ye, Y. Zhang, and C. M. Borror, “Robustness of the Markovchain model for cyber-attack detection”, IEEE Trans. on Reliabil., vol. 53, pp. 116–123, 2004 (doi: 10.1109/TR.2004.823851).
• [8] S. Puuska et al., “Nationwide critical infrastructure monitoring using a common operating picture framework”, Int. J. of Critical Infrastruc. Protect., vol. 20, pp. 28–47, 2018 (doi: 10.1016/j.ijcip.2017.11.005).
• [9] K. Wrona, S. Oudkerk, S. Szwaczyk, and M. Amanowicz, “Contentbased security and protected core networking with software-defined networks”, IEEE Commun. Mag., vol. 54, pp. 138–144, 2016 (doi: 10.1109/MCOM.2016.7588283).

Uwagi

Opracowanie rekordu w ramach umowy 509/P-DUN/2018 ze środków MNiSW przeznaczonych na działalność upowszechniającą naukę (2019).