Providing a rational conceptual model for classifying critical infrastructure cyber threats

Document Type : Original Article

Authors

1 PhD student in Systems Management, University of Tehran

2 Professor and Faculty Member of College of Engineering, College of Engineering, University of Tehran

3 Assistant Professor and Research Member of ICT Research Institute

4 Assistant Professor, Faculty of Management, University of Tehran

5 Assistant Professor and Faculty Member of Imam Hussein University

Abstract

The Development of communication infrastructures and connection of Heterogeneous networks with concurrent expansion of diverse services at national and local organizations beside of it's Unusual and intertwined structure are main reason for growing of vulnerabilities and threats in cyberspace. Cyber threats with effectiveness at national level against some of these infrastructures -as known critical infrastructures- impose huge and Irrecoverable costs on the organizations, societies and countries. The main action in dealing with these cases is to identify the above threats. The purpose of this study is to analyze these threats in the form of a rational conceptual model for their classification. Achieving this goal requires identifying cyber threat classifications, examining their rationale and typology at critical infrastructure level. In this study, by conducting relevant researches, reviewing the literatures, identifying frequent cyber threats, validating them from credible sources, and extracting common concepts related to cyber threat identification, dimensions, components and indicators of cyber threat classification of critical infrastructures were extracted. The data were collected by Meta-synthesis and the results were validated by Kappa coefficient. The results came in the form of a rational conceptual model of cyber threat classification of critical infrastructures whose six dimensions are: threats, threat factors, threat characteristics, intrusive view, system description, and threat identification resources.

  1. الف. منابع فارسی

    1. سند راهبردی پدافند غیرعامل جمهوری اسلامی ایران، 1391
    2. سند راهبردی پدافند سایبری(1394)، سازمان پدافند غیرعامل
    3. سیاهکلی، محمد.(1394). طرح تحقیقاتی: الگوی تکالیف و مسئولیت­ سازمان­ها در قبال امنیت فضای سایبر
    4. محمدی، علی(1392)؛ دسته­بندی تهدیدات سایبری(با رویکرد طراحی نظام رصد تهدیدات سایبری)، دانشگاه و پژوهشگاه عالی دفاع ملی و تحقیقات راهبردی
    5. خالقی، محمود؛(1391) ماموریت­ها، ساختار تشکیلات و شرح وظایف قرارگاه پدافند سایبری کشور، مرکز پدافند سایبری کشور
    6. پورنقدی، بهزاد؛(1391) پدافندغیرعامل و بررسی تهدیدات نظم و امنیت در فضای سایبری
    7. عبدا...خانی، علی؛(1385) حفاظت از زیرساخت­های حیاتی اطلاعاتی
    8. دبیرخانه شورای عالی امنیت فضای تبادل اطلاعات،(1384) سند راهبردی امنیت فضای تبادل اطلاعات کشور
    9. صلاحی، احمد؛(1393) حفاظت از زیرساخت­های ملی در مقابل حملات سایبری،
    10. بلیکی، نوومن،(1393) طراحی پژوهش­های اجتماعی ترجمه حسن چاووشیان، تهران، نشر نی
    11. سایت اینترنتی http://www.dadehara.com
    12. معاونت پژوهش و تولید علم دانشکده اطلاعات،(1394)حفاظت سایبری از زیرساخت­های حیاتی
    13. سازمان فناوری اطلاعات،(1390) نظام دفاع سایبری، فصل ششم
    14. مجله شبکه و امنیت(1395)، شماره 275
    15. اسماعیلی، علی؛ ثنا قربانی، جلال؛(1397) تبیین نسبت سناریوهای محتمل و مطلوب تهدیدات سایبری جمهوری اسلامی ایران، فصلنامه علمی – پژوهشی، امنیت ملی
    16. افتخاری، اصغر؛ (1392)برآورد تهدید-رویکردی نظام­واره
    17. قوچانی خراسانی، محمدمهدی، حسین­پور، داود؛(1396)، حاکمیت شبکه­ای در نهادهای پژوهشی امنیت سایبری، دانشکده مدیریت و حسابداری دانشگاه علامه طباطبایی، فرایند مدیریت توسعه، دوره 30، شماره 1، ص 80-51،
    18. وظیفه­دان، سارا؛(1395)، انواع تهدیدات در فضای سایبری و راهکار‌های مقابله با آن، کنفرانس ملی پدافند غیرعامل در قلمرو فضای سایبر
    19. مشهدی، حسن، امینی ورکی، سعید؛ (1394)، تدوین و ارائه الگوی ارزیابی تهدیدات، آسیب پذیری و تحلیل خطرپذیری زیرساخت‌های حیاتی با تأ کید بر پدافند غیرعامل
    20. عرب­سرخی، ابوذر؛ شبانی، فاطمه، ایوازه، اسما، چاردولی، امین؛(1396)؛ تدوین نقشه‌راه امنیت در حوزه ارتباطات و فناوری اطلاعات؛ پژوهشگاه ارتباطات و فناوری اطلاعات-پژوهشکده امنیت ارتباطات و فناوری اطلاعات-گروه ارزیابی امنیت شبکه و سامانه‌ها
    21. پایگاه اطلاع­رسانی حوزه به آدرس https://hawzah.net/fa/Book/View/45217/14818/

    ب. منابع لاتین

    1. Mouna Jouini, Latifa Ben Arfa Rabai, Anis Ben Aissa,(2014),Classification of security threats in information systems, 5th International Conference on Ambient Systems, Networks and Technologies,Computer Science32(489 – 496), ScienceDirect, ELSEVIER
    2. Ahmad Bakhtiyari Shahri, Zuraini Ismail,(2012), A Tree Model for Identification of Threats as the First Stage of Risk Assessment in HIS, Journal of Information Security, 2012, 3, 169-176
    3. D. Kotz, “A Threat Taxonomy for Health Privacy,” Proceedings of the 3rd International Conference on Communication Systems and Networks of the IEEE COMS- NETS, Bangalore, 4-8 January 2011, pp.1-6.
    4. Thomas A. Johnson,“CyberSecurity,Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare“ Webster University, St. Louis, Missouri, USA, 2015
    5. “Federal Information Processing Standards (FIPS) 200, Minimum Security Requirements for Federal Information and Information Systems” by NIST of United States of America. Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service, Elevation of privilege.
    6. ISO/IEC 27000, "Information technology - Security techniques - information security management systems – overview and vocabulary", 2014
    7. U.S Department of Homeland Security, "National Cyber Incident Response Plan", September 2010
    8. U.S. Office of Homeland Security, “The National Strategy for Homeland Security”, July 16, 2002, p.30.
    9. National Institute of Standards and Technology, “Framework for Improving Critical Infrastructure Cyber security”, February 12, 2014
    10. National Institute of Standards and Technology, “Framework for Improving Critical Infrastructure Cybersecurity”, January 10, 2017
    11. HTTP://www.mio.gov.uk-134
    12. Carvaliho, V.A. Almeida,J.P.A, Fonseca, C.M, & Guizzardi,G.(2017), Multi-level ontology based conceptual modeling Data & Knowledge Enginnering.
    13. USGAO, United States Faces Challenges in Addressing Global Cybersecurity and Governance, United States Government Accountability Office, July 2010.
    14. S.Hansman and R. Hunt, "A Taxonomy of Network and Computer Attacks," Computer and Security,2005
    15. J. Mirkovic and P. Reiher, "A Taxonomy of DDoS Attack and DDoS Defense Mechanisms," ACM، CCR, April 2004
    16. F. Lough, "A Taxonomy of Computer Attacks with Applications to Wireless Networks,”" Ph.D. Thesis,Virginia Polytechnic Institute and State University, 2001
    17. J.D. Howard and T. Longstaff, "A Common Language for Computer Security Incidents" Technical report, Sandia National Laboratories, 1998
    18. Thomas A. Johnson, “Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare”, Webster University, St. Louis, Missouri, USA, 2015
    19. www.techrepublic.com, 2017
    20. www.infosecurity-magazine.com, 2017
    21. ENISA Threat Landscape Report 2017, 15 Top Cyber-Threats and Trends
    22. www.nopsec.com, report of Cyber Attack, 2017
    23. www.checkpoint.com, Security Report, 2018
    24. Source:Check Point H2 2017 Global Threat Intelligence Trends Report, https://research.checkpoint.com/
    25. h2-2017-global-threat-intelligence-trends-report
    26. TREND Micro, Report on Cybersecurity and Critical Infrastructure in the Americas, 2015
    27. https://www.gartner.com/technology/research/it-spending-forecast/
    28. https://ec.europa.eu/digital-single-market/en/news/comprehensive-approach-evolving-cyber-threats,accessed November 2017.
    29. The Department of Homeland Security, Critical Infrastructure Sectors, Last Published Date: August 22, 2018
    30. POSTNOTE, Cyber Security of UK Infrastructure, Number 554 May 2017
    31. David P. Duggan, John T. Michalski, “A Threat Analysis Framework as Applied to Critical Infrastructures in the Energy Sector “,Sandia National Laboratories, September 2007
    32. Lindgreen, A., Palmer, R., and Vanhamme, J. “Contemporary marketing practice: theoretical propositions and practical implications”, Marketing Intelligence and Planning, Vol. 22 No. 6, pp. 673-692. (ISSN 0263-4503), 2004
    33. Leandros A. Maglaras, Ki-Hyung Kim, Helge Janickea, Mohamed Amine Ferragc,Stylianos Rallis, Pavlina Fragkoue, Athanasios Maglarasf, Tiago J. Cruz: Cyber security of critical infrastructures, ScienceDirect, 2018
    34. National Institute of Standards and Technology, “Framework for Improving Critical Infrastructure Cyber security”, February 12, 2014
    35. UK Cabinet Office, "The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world", November 2011
    36. David Clark, Characterizing cyberspace: past, present and future, MIT CSAIL, 2010