TY - GEN
T1 - Putting Attacks in Context
T2 - 17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020
AU - Esquivel-Vargas, Herson
AU - Caselli, Marco
AU - Laanstra, Geert Jan
AU - Peter, Andreas
N1 - Publisher Copyright:
© 2020, Springer Nature Switzerland AG.
PY - 2020
Y1 - 2020
N2 - Cybersecurity research relies on the reproducibility and deep understanding of attacks to devise appropriate solutions. Different kinds of testbeds are typically used to systematically execute attacks and evaluate defenses. Testbeds are widely used to demonstrate Building Automation and Control System (BACS) attacks and defenses, considered too risky to be executed on real infrastructures. However, those testbeds implement arbitrary configurations of building services that do not resemble real-world deployments. In this work, we present the first BACS testbed specially designed to assess the impact of cyberattacks from the victim’s perspective. It features general purpose building services such as illumination, ventilation, and temperature control, whose configuration is easily adapted to emulate the requirements of real-world locations. In this way, the context added to our testbed allows us to better understand the impact of BACS attacks through concrete and realistic scenarios. Moreover, by analyzing different configurations of the BACS (i.e., contexts), we found out that identical attacks may have dramatically different impacts. Thus, reinforcing our view on the relevance of adding context to BACS testbeds.
AB - Cybersecurity research relies on the reproducibility and deep understanding of attacks to devise appropriate solutions. Different kinds of testbeds are typically used to systematically execute attacks and evaluate defenses. Testbeds are widely used to demonstrate Building Automation and Control System (BACS) attacks and defenses, considered too risky to be executed on real infrastructures. However, those testbeds implement arbitrary configurations of building services that do not resemble real-world deployments. In this work, we present the first BACS testbed specially designed to assess the impact of cyberattacks from the victim’s perspective. It features general purpose building services such as illumination, ventilation, and temperature control, whose configuration is easily adapted to emulate the requirements of real-world locations. In this way, the context added to our testbed allows us to better understand the impact of BACS attacks through concrete and realistic scenarios. Moreover, by analyzing different configurations of the BACS (i.e., contexts), we found out that identical attacks may have dramatically different impacts. Thus, reinforcing our view on the relevance of adding context to BACS testbeds.
UR - http://www.scopus.com/inward/record.url?scp=85088512042&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-52683-2_3
DO - 10.1007/978-3-030-52683-2_3
M3 - Contribución a la conferencia
AN - SCOPUS:85088512042
SN - 9783030526825
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 44
EP - 64
BT - Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings
A2 - Maurice, Clémentine
A2 - Bilge, Leyla
A2 - Stringhini, Gianluca
A2 - Neves, Nuno
PB - Springer
Y2 - 24 June 2020 through 26 June 2020
ER -