‘Attribution of Cyber Attacks on Industrial Control Systems’ by Allan Cook, Andrew Nicholson, Helge Janicke, Leandros Maglaras, and Richard Smith
EUDL‘s Most Downloaded Paper for the month of June (2016), appears in Issue #7 of EAI Endorsed Transactions on Industrial Networks and Intelligent Systems
Industrial Control Systems (ICS) are a big deal. They provide essential services for critical national or organizational infrastructure, and to compromise them means to compromise the continued security of these countries. They are responsible for the management of processes that, if not executed correctly, pose a significant risk to the health and safety of human lives, serious damage to the environment, as well as serious financial issues such as production losses that may have a negative impact on a nation’s economy. As such, they are increasingly becoming the subject of computer network attacks, which could have devastating consequences.
The authors of this paper have put together a survey of technical attribution techniques specifically related to ICS in order to create a single self-containing attribution resource that is useful for new researchers to the field. The survey is first of its kind, as previous attack taxonomies used for contemporary attribution do not accommodate methods to integrate data from cyber-physical systems such as ICS, and the existing information is very scattered.
Attribution of cyber attacks is a crucial component of prosecution, as it defines the type of attack, so that international law enforcement agencies or national governments can decide on appropriate recourse. Attribution also serves to act as a deterrent to future attacks, can provide the basis for interrupting attacks in progress and can support overall improvements to defensive techniques.
If you wish to learn more, you can download the full paper for free on EUDL.