Date of Award
3-23-2017
Document Type
Thesis
Degree Name
Master of Science
Department
Department of Electrical and Computer Engineering
First Advisor
Robert Mills, PhD.
Abstract
A cybersecurity initiative known as cyber threat intelligence (CTI) has recently been developed and deployed. The overall goal of this new technology is to help protect network infrastructures. Threat intelligence platforms (TIPs) have also been created to help facilitate CTI effectiveness within organizations. There are many benefits that both can achieve within the information technology (IT) sector. The industrial control system (ICS) sector can also benefit from these technologies as most ICS networks are connected to IT networks. CTI and TIPs become resourceful when using indicators of compromise (IOCs) from known ICS malware attacks and an open source intrusion detection system (IDS). This research shows how these IT-based technologies may help protect ICS. Three known malware attack scenarios are used to showcase its likely deployment. These scenarios are well-documented campaigns that targeted ICS environments and consisted of numerous IOCs. Equipped with this data, critical asset owners can obtain situational awareness on potential attacks and protect their devices with the proper implementation of CTI and TIP technologies.
AFIT Designator
AFIT-ENG-MS-17-M-069
DTIC Accession Number
AD1054758
Recommended Citation
Sibiga, Matthew P., "Applying Cyber Threat Intelligence to Industrial Control Systems" (2017). Theses and Dissertations. 1604.
https://scholar.afit.edu/etd/1604
Included in
Digital Communications and Networking Commons, Information Security Commons, Systems and Communications Commons