An Indicators-of-Risk Library for Industrial Network Security
2021
This paper introduces an “Indicator of Risk (IoR) Library” that leverages the MITRE ATT&CK for Industrial Control Systems (ICS) knowledge base to support continuous risk monitoring. This allows also making use of variables that are already being monitored to analyse risks in a continuous basis. IoRs broaden the concept of Indicators of Compromise by combining detection strategies with probabilistic inference as a tool for quantifying cyber-security risks. The latest version of the Library has 95 IoRs and has been reviewed by professionals from three major companies and cross-referenced against detection use-cases implemented by other researchers to validate its potential to identify variables for monitoring cyber-risks in ICS.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
11
References
0
Citations
NaN
KQI