The industrial internet of things (IIoT) is emerging as a global trend to dramatically enhance the intelligence and efficiency of the industries in recent years. With the emphasis on data communication by IIoT, cyber vulnerabilities are introduced at the same time. As a key subsystem of the industrial automation systems, the supervisory control and data acquisition (SCADA) system is becoming one of the primary targets for cyberattacks in the IIoT paradigm. In this paper, the semi-Markov process (SMP) is employed to model and evaluate the cyberattacks against the SCADA systems considering the insider assistance. Based on the SMP model, the probability distribution of the time-to-compromise the system of the attacks is derived with the Monte Carlo simulation (MCS). Then, a FlipIt game model is developed to investigate the defense and attack strategies of the defender and attacker, and analyze the impacts of the insider assistance. Case studies were carried out to verify the proposed model. The results of the case studies show that the insider assistance will improve the payoff of the attacker and increase the defense action frequency of the system defender. With a high enough defense action frequency, the defender can force the attacker to drop out and eliminate the attack actions.

中文翻译：

---

考虑内部协助的基于 FlipIt 博弈模型的针对 SCADA 系统网络攻击的防御策略


近年来，工业物联网（IIoT）正在成为全球趋势，极大地提高了工业的智能化和效率。随着工业物联网对数据通信的重视，网络漏洞也随之出现。作为工业自动化系统的关键子系统，监控和数据采集（SCADA）系统正在成为工业物联网范式中网络攻击的主要目标之一。本文采用半马尔可夫过程（SMP）来建模和评估考虑内部协助的 SCADA 系统的网络攻击。基于SMP模型，通过蒙特卡罗模拟（MCS）推导了攻击系统的入侵时间的概率分布。然后，开发了FlipIt博弈模型来研究防御者和攻击者的防御和攻击策略，并分析内部协助的影响。进行了案例研究来验证所提出的模型。案例研究结果表明，内部人协助会提高攻击者的收益，并增加系统防御者的防御行动频率。凭借足够高的防御动作频率，防御者可以迫使攻击者退出并消除攻击动作。