Litcius/Paper detail

Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

Yong-Hyun Jo, Oongjae Choi, Jiwoon You, Youngkyun Cha, Dong Hoon Lee

2022Sensors41 citationsDOIOpen Access PDF

Abstract

Cybersecurity is important on ships that use information and communication technology. On such ships, the work, control, and sensor systems are connected for steering, navigation, and cargo management inside the hull, and a cyberattack can have physical consequences such as sinking and crashing. Research on ship cybersecurity is a new challenge, and related studies are lacking. Cyberattack models can provide better insight. With this study, we aim to introduce a cyberattack analysis method based on the MITRE ATT&CK framework so that a cyberattack model for ships can be established. In addition, we identify the characteristics of the attack phase by analyzing cases of hacking and vulnerability research for ship systems using tactics, techniques, and procedures, and suggest the minimum measures essential for defense. Using the ship cyberattack model, we aim to identify the characteristics of the systems used for ship navigation, communication, and control; provide an understanding of the threats and vulnerabilities; and suggest mitigation measures through the proposed model. We believe the results of this study could guide future research.

Topics & Concepts

Vulnerability (computing)Computer securityComputer scienceHackerWork (physics)EngineeringMechanical engineeringNetwork Security and Intrusion DetectionMaritime Navigation and SafetyAdvanced Malware Detection Techniques
Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework | Litcius