An Incident Response Model for Industrial Control System Forensics Based on Historical Events - Critical Infrastructure Protection XIII Access content directly
Conference Papers Year : 2019

An Incident Response Model for Industrial Control System Forensics Based on Historical Events

Abstract

Cyber attacks on industrial control systems are increasing. Malware such as Stuxnet, Havex and BlackEnergy have demonstrated that industrial control systems are attractive targets for attackers. However, industrial control systems are not limited to malware attacks. Other attacks include SQL injection, distributed denial-of-service, spear phishing, social engineering and man-in-the-middle attacks. Additionally, methods such as unauthorized access, brute forcing and insider attacks have also targeted industrial control systems. Accidents such as fires and explosions at industrial plants also provide valuable insights into the targets of attacks, failure methods and potential impacts.This chapter presents an incident response model for industrial control system forensics based on historical events. In particular, representative industrial control system incidents – cyber attacks and accidents – that have occurred over the past 25 years are categorized and analyzed.The resulting incident response model is useful for forensic planning and investigations. The model enables incident response teams and forensic investigators to decide on the expertise, techniques and tools to be applied to ensure sound evidence acquisition, analysis and reporting.
Fichier principal
Vignette du fichier
491841_1_En_16_Chapter.pdf (455.5 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-03364562 , version 1 (04-10-2021)

Licence

Attribution

Identifiers

Cite

Ken Yau, Kam-Pui Chow, Siu-Ming Yiu. An Incident Response Model for Industrial Control System Forensics Based on Historical Events. 13th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2019, Arlington, VA, United States. pp.311-328, ⟨10.1007/978-3-030-34647-8_16⟩. ⟨hal-03364562⟩
29 View
118 Download

Altmetric

Share

Gmail Facebook X LinkedIn More