TY - GEN
T1 - Understanding the Defence of Operational Technology (OT) Systems: A Comparison of Lockheed Martin’s Cyber Kill Chain, MITRE ATT&CK Framework, and Diamond Model
AU - Kareem, Kamor
AU - Naik, Nitin
AU - Jenkins, Paul
AU - Grace, Paul
AU - Song, Jingping
PY - 2024/12/19
Y1 - 2024/12/19
N2 - As organisations worldwide strive to optimise processes and digitise systems, Operational Technologies (OT) are increasingly being integrated with Information Technologies (IT). Consequently, this complex amalgamation is challenging cybersecurity professionals to understand and analyse both the attack surfaces and attack vectors that threat actors could potentially exploit. Cybersecurity professionals have been driven to explore different attack models to understand and analyse various cyberattacks and their attack vectors. There are several attack models that have already been developed and are being used in the analysis of different cyberattacks and their mitigations. Each of these attack models has some specific characteristics, strengths and limitations. It is therefore crucial to study the use of the most common attack models for operational technologies in order to comprehend their effectiveness for analysing cyberattacks on OT systems. This paper will analyse the features, strengths, and limitations of three widely recognised attack models: Lockheed Martin’s Cyber Kill Chain, MITRE ATT&CK Framework and Diamond Model for OT systems. It conducts a comparative analysis of these three attack models to provide a complete evaluation of the most suitable model for OT systems.
KW - Cyber Attack Model
KW - Diamond Model
KW - Lockheed Martin’s Cyber Kill Chain
KW - MITRE ATT&CK Framework
KW - OT
KW - Operational Technology
UR - https://link.springer.com/chapter/10.1007/978-3-031-74443-3_35
UR - http://www.scopus.com/inward/record.url?scp=85214256582&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-74443-3_35
DO - 10.1007/978-3-031-74443-3_35
M3 - Conference publication
SN - 9783031744426
T3 - Lecture Notes in Networks and Systems
SP - 605
EP - 624
BT - Contributions Presented at The International Conference on Computing, Communication, Cybersecurity and AI, July 3–4, 2024, London, UK: The C3AI 2024
A2 - Naik, Nitin
A2 - Jenkins, Paul
A2 - Prajapat, Shaligram
A2 - Grace, Paul
ER -