ICSrange: A Simulation-based Cyber Range Platform for Industrial Control Systems

09/04/2019
by   Vincenzo Giuliano, et al.
0

Maintenance staff of Industrial Control Systems (ICS) is generally not aware about information technologies, and even less about cyber security problems. The scary impact of cyber attacks in the industrial world calls for tools to train defensive skills and test effective security measures. Cyber range offers this opportunity, but current research is lacking cost-effective solutions verticalized for the industrial domain. This work proposes ICSrange, a simulation-based cyber range platform for Industrial Control Systems. ICSrange adopts Commercial-Off-The-Shelf (COTS) technologies to virtualize an enterprise network connected to Industrial Control Systems. ICSrange is the outcome of a preliminary study intended to investigate challenges and opportunities to build a configurable and extensible cyber range with simulated industrial processes. Literature shows that testbeds based on realistic mock-ups are effectively employed to develop complex exploits like Advanced Persistent Threats (APTs), hence motivating their usage to train and test security in ICS. We prove the effectiveness of ICSrange through the execution of a multi-staged attack that breaches an enterprise network and progressively intrudes a simulated ICS with water tanks. The attack mimics lateral movements as observed in APTs.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

10/25/2021

Anomaly-Based Intrusion Detection System for Cyber-Physical System Security

Over the past decade, industrial control systems have experienced a mass...
02/10/2020

Cybersecurity for Industrial Control Systems: A Survey

Industrial Control System (ICS) is a general term that includes supervis...
06/09/2021

Reinforcement Learning for Industrial Control Network Cyber Security Orchestration

Defending computer networks from cyber attack requires coordinating acti...
09/24/2020

Pandora: A Cyber Range Environment for the Safe Testing and Deployment of Autonomous Cyber Attack Tools

Cybersecurity tools are increasingly automated with artificial intellige...
01/25/2020

A Review of Cybersecurity Incidents in the Water Sector

This study presents a critical review of disclosed, documented, and mali...
11/30/2019

Fuzzy approach on modelling cyber attacks patterns on data transfer in industrial control systems

Cybersecurity of industrial control system is a very complex and challen...
12/09/2018

Fishy Cyber Attack Detection in Industrial Control Systems

Cyber attacks have become serious threats to Industrial Control systems ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.