Designing Deceptions for Protecting Industrial Control Systems
摘要
Industrial-control systems (ICSs) are especially vulnerable cyberattack targets because of their role in critical infrastructure, their infrequently updated software, and their frequent need to run uninterrupted. For them, deception is a valuable active-defense method under cyberattack, as another line of defense after access controls and system monitoring. We provide here a general theory for planning deception defenses for ICSs. The theory enumerates the rich variety of options that can be considered for attack targets, deception locations, deception tactics, adversarial material goals, and adversary psychological goals. Our approach is to learn a model of attacker goals and priorities using reinforcement learning from the actions taken by an attacker or a class of attackers from the same source, and their intended targets. Goals and targets are chosen from a list of possibilities in the system, and priorities are inferred from a set of psychological “adversary variables”. We then select a set of deceptions most compatible with those goals and priorities. Implementing such deceptions can benefit from placing them in multiple layers for “defense in depth”.