| dc.contributor.advisor | Howard E. Shrobe. | en_US |
| dc.contributor.author | Sujichantararat, Suleeporn. | en_US |
| dc.contributor.other | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. | en_US |
| dc.date.accessioned | 2020-03-09T18:53:46Z | |
| dc.date.available | 2020-03-09T18:53:46Z | |
| dc.date.copyright | 2019 | en_US |
| dc.date.issued | 2019 | en_US |
| dc.identifier.uri | https://hdl.handle.net/1721.1/124106 | |
| dc.description | Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2019 | en_US |
| dc.description | Cataloged from PDF version of thesis. | en_US |
| dc.description | Includes bibliographical references (pages 109-113). | en_US |
| dc.description.abstract | Manually generate attack trees is an early widespread technique done by cybersecurity experts in order to first find the ways to attack a system and then figure out the methods to prevent those attacks from being successfully executed. However, this type of tedious process is neither error free nor complete and not feasible for a large system with more than a hundred nodes. Consequently, automated attack trees generation is devised. In this thesis, we conduct a literature survey on state-of-the-art attackers about the techniques they used to attack systems. In addition, we also compile a list of automated attack tree generators with a focus on the first Hierarchical Task Network (HTN) planner for cyber security called Joshua. The attack strategies from Joshua are also converted into Planning Domain Definition Language (PDDL) with the option to follow master attack rule framework. We then evaluate the effectiveness of an automated attack tree generator by using Joshua to discover attack plans of an anonymous operational technology organization X as a case study. From our case study, the vulnerabilities arise in the third-party software and could be resolved by either updating the software with patches or using other alternative software. Linux kernel is the most vulnerable components with the Common Vulnerability Scoring System (CVSS) score span across the whole spectrum. Nonetheless, this conclusion considers only the vulnerability resides within a single component. The attacker might not directly attack a certain vulnerability but execute a series of action that gradually fulfill an entire chain of attacks. This leads to more advanced attack plans but we need more elaborate data to progress further. | en_US |
| dc.description.statementofresponsibility | by Suleeporn Sujichantararat. | en_US |
| dc.format.extent | 113 pages | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Massachusetts Institute of Technology | en_US |
| dc.rights | MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. | en_US |
| dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
| dc.subject | Electrical Engineering and Computer Science. | en_US |
| dc.title | Cybersecurity vulnerabilities in operational technology | en_US |
| dc.type | Thesis | en_US |
| dc.description.degree | S.M. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | en_US |
| dc.identifier.oclc | 1142812109 | en_US |
| dc.description.collection | S.M. Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science | en_US |
| dspace.imported | 2020-03-09T18:53:45Z | en_US |
| mit.thesis.degree | Master | en_US |
| mit.thesis.department | EECS | en_US |
