Ensuring cyber resilience of ship information systems

Onishchenko, O.; Shumilova, K.; Volyanskyy, S.; Volyanskaya, Y.; Volianskyi, Y.

doi:10.12716/1001.16.01.04

Artykuł - szczegóły

Tytuł artykułu

Ensuring cyber resilience of ship information systems

Autorzy

Onishchenko O. , Shumilova K. , Volyanskyy S. , Volyanskaya Y. , Volianskyi Y.

Treść / Zawartość

Pełne teksty:

Pobierz

Identyfikatory

DOI

10.12716/1001.16.01.04

Warianty tytułu

Języki publikacji

Abstrakty

The Covid-19 pandemic brought a problem related to the inability to timely update security systems on ships during a voyage and the need to encrypt data stored in ship information systems (SISs) and shipping company information systems. The analysis of new types of worldwide cyberattacks showed that they were set off by an increase in the use of remote-controlled autonomous technologies and a spread of telework. It was proved that on ships: a) there are no cybersecurity specialists; b) there is no means of identification of cyber threats and no response plans; c) there is a lack of cybersecurity training for crews; d) encryption of confidential ship data is barely used; e) crew is a vulnerability factor in ship's security. The analysis of cyber incidents allowed us to develop a basic response plan to protect ship control systems. It was demonstrated that the basic plan can be continuously updated and improved in accordance with: a) the real state of ship systems; b) the results of performance analysis of crew actions; c) the emergence of new types of cyberattacks. To improve the security of confidential data in ship information networks theoretical framework for the development of encrypted data search engines with the identification of “dangerous” keywords for the ship information systems (SISs) was proposed. A data exchange protocol, basic requirements for SISs, and an algorithm for detecting “dangerous” keywords in messages were developed. A test search engine on encrypted data was presented, and the main components of the system were highlighted. The functionality of the system was experimentally proved, and the accuracy and speed of search on encrypted data were determined.

Słowa kluczowe

ship Information systems cyber resilience ship information systems cyber security cyber attack COVID-19 cyber threats autonomous navigation

Wydawca

Faculty of Navigation, Gdynia Maritime University

Czasopismo

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

Rocznik

2022

Tom

Vol. 16 No. 1

Strony

43--50

Opis fizyczny

Bibliogr. 22 poz., rys.

Twórcy

autor

Onishchenko O.

National University Odessa Maritime Academy, Ukraine

autor

Shumilova K.

National University Odessa Maritime Academy, Ukraine

autor

Volyanskyy S.

Admiral Makarov National University of Shipbuilding, Ukraine

autor

Volyanskaya Y.

Admiral Makarov National University of Shipbuilding, Ukraine

autor

Volianskyi Y.

Admiral Makarov National University of Shipbuilding, Ukraine

Bibliografia

1. Apr 19, D.H.K.•, 2020: FBI: Covid-19 Cyberattacks Spike 400% in Pandemic, https://www.msspalert.com/cybersecurity-news/fbi-covid-19-cyberattacks-spike-400-in-pandemic/, last accessed 2022/03/25.
2. Bar-Yam, Y.: General Features of Complex Systems. UNESCO Encyclopedia of Life Support Systems. (2002).
3. Ding, M. et al.: An efficient Public Key Encryption with Conjunctive Keyword Search scheme based on pairings. In: 2012 3rd IEEE International Conference on Network Infrastructure and Digital Content. pp. 526–530 (2012). https://doi.org/10.1109/ICNIDC.2012.6418809.
4. Ferrill, T.: 10 security tools all remote employees should have, https://www.csoonline.com/article/3625882/10-security-tools-all-remote-employees-should-have.html, last accessed 2022/03/25.
5. Goh, E.-J.: Secure Indexes. (2003).
6. Golikov, V.A. et al.: A simple technique for identifying vessel model parameters. IOP Conference Series: Earth and Environmental Science. 172, 012010 (2018). https://doi.org/10.1088/1755-1315/172/1/012010.
7. Kołowrocki, K., Soszyńska-Budny, J.: Reliability and Safety of Complex Technical Systems and Processes. Springer London, London (2011). https://doi.org/10.1007/978-0-85729-694-8_8.
8. Kulesh, S.: NCCC NSDC recorded a new type of DDOS attacks using hacked smart home devices?, https://itc.ua/news/nkczk-snbo-zafiksiroval-novyj-tip-ddos-atak-s-ispolzovaniem-vzlomannyh-ustrojstv-umnogo-doma/, last accessed 2022/03/25.
9. Shumilova, K., Onishchenko, O.: Action planning in comprehensive shipping risk identification. The scientific heritage. The scientific heritage. 49, 1, 40–46 (2020).
10. Tsvetkov, V.Y.: Complex technical systems. International Journal of Applied and Basic Research. 10, 4, 670 (2016).
11. Tugolukov, E.N. et al.: Design of complex systems. Tambov: ТGТU (2008).
12. VanMSFT: SQL code injection, https://docs.microsoft.com/ru-ru/sql/relational-databases/security/sql-injection, last accessed 2022/03/25.
13. Volianskyi, Y.: Development of practical implementation of the use of schemes of homomorphic search. Slovak international scientific journal. 48, 1, 7–12 (2021).
14. Volyanskaya, Y. et al.: Determining energy-efficient operation modes of the propulsion electrical motor of an autonomous swimming apparatus. EEJET. 6, 8 (90), 11–16 (2017). https://doi.org/10.15587/1729-4061.2017.118984.
15. Analytical review of the protocols of the Internet of Things, https://www.tssonline.ru, last accessed 2022/03/25.
16. Analytics of the information security industry 2021, https://www.infowatch.ru/analytics/daydzhesty-i-obzory, last accessed 2022/03/25.
17. Attacks on web applications: results of 2018, https://www.ptsecurity.com/ru-ru/research/analytics/web-application-attacks-2019/, last accessed 2022/03/25.
18. Gaining visibility of your onboard systems: you can’t secure something you can’t see, https://thedigitalship.com/news/maritime-satellite-communications/item/6673-gaining-visibility-of-your-onboard-systems-you-can-t-secure-something-you-can-t-see3, last accessed 2022/03/25.
19. Positive Research Center, https://www.securitylab.ru/lab/, last accessed 2022/03/25.
20. Relevant cyber threats quarter 1 2020, https://www.ptsecurity.com/ru-ru/research/analytics/cybersecurity-threatscape-2020-q1/, last accessed 2022/03/25.
21. Ship cybersecurity is in the hands of sailors, https://moryakukrainy.livejournal.com/3843048.html, last accessed 2022/03/25.
22. Vulnerabilities, https://www.securitylab.ru/vulnerability/, last accessed 2022/03/25.

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-3b0b5d94-105a-4113-b2df-06a7ccfe48b4