Cybersecurity vulnerabilities in operational technology

Sujichantararat, Suleeporn.

Author(s)

Sujichantararat, Suleeporn.

Download1142812109-MIT.pdf (16.73Mb)

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Howard E. Shrobe.

Terms of use

MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

Manually generate attack trees is an early widespread technique done by cybersecurity experts in order to first find the ways to attack a system and then figure out the methods to prevent those attacks from being successfully executed. However, this type of tedious process is neither error free nor complete and not feasible for a large system with more than a hundred nodes. Consequently, automated attack trees generation is devised. In this thesis, we conduct a literature survey on state-of-the-art attackers about the techniques they used to attack systems. In addition, we also compile a list of automated attack tree generators with a focus on the first Hierarchical Task Network (HTN) planner for cyber security called Joshua. The attack strategies from Joshua are also converted into Planning Domain Definition Language (PDDL) with the option to follow master attack rule framework. We then evaluate the effectiveness of an automated attack tree generator by using Joshua to discover attack plans of an anonymous operational technology organization X as a case study. From our case study, the vulnerabilities arise in the third-party software and could be resolved by either updating the software with patches or using other alternative software. Linux kernel is the most vulnerable components with the Common Vulnerability Scoring System (CVSS) score span across the whole spectrum. Nonetheless, this conclusion considers only the vulnerability resides within a single component. The attacker might not directly attack a certain vulnerability but execute a series of action that gradually fulfill an entire chain of attacks. This leads to more advanced attack plans but we need more elaborate data to progress further.

Description

Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2019

Cataloged from PDF version of thesis.

Includes bibliographical references (pages 109-113).

Date issued

2019

URI

https://hdl.handle.net/1721.1/124106

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Graduate Theses