Securing Cyber-Physical Systems via Advanced Cyber Threat Intelligence Methods

Securing Cyber-Physical Systems via Advanced Cyber Threat Intelligence Methods

연구 분야: Safety

학회: CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security

Many services that make our modern society work, such as communications and transportation, are only possible thanks to Cyber-Physical Systems (CPS). This makes CPS the target of cyberattacks that aim to disrupt our society. One tool that we can leverage to protect CPS is Cyber Threat Intelligence (CTI). CTI is threat information that helps us understand a threat actor's techniques. However, current CTI on CPS is limited as current methods cannot collect and analyze data on the latest cyberattacks against CPS. In this dissertation research description, we address this problem by developing three new methods that advance the state-of-the-art CTI of three different CPS: Industrial Control Systems (ICS), Satellites, and Connected Autonomous Vehicles (CAV). The first research project involves the development of a novel threat taxonomy for programmable logic controllers (PLCs), which are a key part of ICS. The second project is the development of a satellite honeypot to collect data on adversaries' techniques. The third and final project involves the development of a CAV sandbox that allows us to test cyberattacks on CAVs to collect raw threat intelligence. Our preliminary results include a novel ICS threat matrix and a high-interaction satellite honeypot in the literature, which pushes the state of the art of CTI for CPS forward.