Cybercrimes against the electricity infrastructure

RUcore: Rutgers University Community Repository

Search
- All
- Text
- Images
- Audio
- Video
Advanced Search | Help

Search all content in all RUcore collections.
Services
Collections

Help Contact Us My Account

Home

Resource

Staff View

Cybercrimes against the electricity infrastructure

Descriptive Metadata

Rights Metadata

Technical Metadata

Descriptive

TitleInfo

Title

Cybercrimes against the electricity infrastructure

SubTitle

exploring hacker and industry perceptions

Name (type = personal)

NamePart (type = family)

Rege

NamePart (type = given)

Aunshul

NamePart (type = date)

1979-

DisplayForm

Aunshul Rege

Role

RoleTerm (authority = RULIB)

author

Name (type = personal)

NamePart (type = family)

Clarke

NamePart (type = given)

Ronaldd

DisplayForm

Ronaldd Clarke

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

chair

Name (type = personal)

NamePart (type = family)

Samuels

NamePart (type = given)

Norman

DisplayForm

Norman Samuels

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

internal member

Name (type = personal)

NamePart (type = family)

Miller

NamePart (type = given)

Joel

DisplayForm

Joel Miller

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

internal member

Name (type = personal)

NamePart (type = family)

Newman

NamePart (type = given)

Graeme

DisplayForm

Graeme Newman

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

outside member

Name (type = corporate)

NamePart

Rutgers University

Role

RoleTerm (authority = RULIB)

degree grantor

Name (type = corporate)

NamePart

Graduate School - Newark

Role

RoleTerm (authority = RULIB)

school

TypeOfResource

Text

Genre (authority = marcgt)

theses

OriginInfo

DateCreated (qualifier = exact)

2012

DateOther (qualifier = exact); (type = degree)

2012-05

CopyrightDate (qualifier = exact)

2012

Place

PlaceTerm (type = code)

Language

LanguageTerm (authority = ISO639-2b); (type = code)

eng

Abstract (type = abstract)

The US electricity infrastructure uses Industrial Control Systems (ICS) to oversee its operations. These systems are connected online for better efficiency, making them susceptible to cyberattacks. Current research has extensively addressed ICS vulnerabilities that can be exploited by cybercriminals. Vulnerabilities, however, are only one of the many factors influencing offender decision-making in cyberattacks. Furthermore, numerous conceptions of threats, vulnerabilities, and consequences exist, which further complicate ICS security assessments. This exploratory study therefore has two main goals. First, it seeks to compare industry and hacker perceptions on electricity ICS threats, vulnerabilities, and consequences. Second, it seeks to identify a broader set of factors that influence offender decision-making in ICS cyberattacks. Routine activity and rational choice theories guided this study. Nine preliminary offender decision-making factors were organized to create the PARE RISKS framework: Prevention Measures; Attacks and Alliances; Result; Ease of Access; Response and Recovery; Interconnectedness and Interdependencies; Security Testing, Assessments, and Audits; Knowledge, Skills, Research and Development; and System Weaknesses. A total of 323 participants from both industry and (ethical) hacking communities completed PARE RISKS surveys, which were analyzed using non-parametric statistical tests and exploratory factor analysis. Seven interviews were conducted and subjected to a thematic analysis to supplement survey findings. The hypotheses that guided this research were all confirmed. It was found that hackers and industry experts differed in their perceptions of threats, consequences, system vulnerabilities and prevention measures. Hackers were more likely than industry respondents to believe that cybercriminals accessed hacking forums, exploited internet and email access, and exploited poor password practices. Industry respondents were more likely than hackers to believe that the desired outcomes of cyberattacks included information corruption, inaccurate information processing, and denial/disruption of service. The PARE RISKS framework was also found to be useful in identifying factors in the pre-attack and attack-in-progress environments that influenced offender decision-making. Hackers and industry respondents believed that cybercriminals engaged in extensive research to select targets; used an assortment of techniques; operated in anonymous, compartmentalized groups; required adequate skills, money, and time; and employed cost-benefit analysis and strategic attack plans both before and during attacks.

Subject (authority = RUETD)

Topic

Criminal Justice

RelatedItem (type = host)

TitleInfo

Title

Rutgers University Electronic Theses and Dissertations

Identifier (type = RULIB)

ETD

Identifier

ETD_4009

PhysicalDescription

Form (authority = gmd)

electronic resource

InternetMediaType

application/pdf

InternetMediaType

text/xml

Extent

vi, 194 p. : ill.

Note (type = degree)

Ph.D.

Note (type = bibliography)

Includes bibliographical references

Note (type = vita)

Includes vita

Note (type = statement of responsibility)

by Aunshul Rege

Subject (authority = ETD-LCSH)

Topic

Electric industries--Equipment and supplies

Subject (authority = ETD-LCSH)

Topic

Hacktivism--United States

Subject (authority = ETD-LCSH)

Topic

Cyberterrorism--United States

Identifier (type = hdl)

http://hdl.rutgers.edu/1782.1/rucore10002600001.ETD.000065057

RelatedItem (type = host)

TitleInfo

Title

Graduate School - Newark Electronic Theses and Dissertations

Identifier (type = local)

rucore10002600001

Location

PhysicalLocation (authority = marcorg); (displayLabel = Rutgers, The State University of New Jersey)

NjNbRU

Identifier (type = doi)

doi:10.7282/T33R0RVX

Genre (authority = ExL-Esploro)

ETD doctoral

Back to the top

Rights

RightsDeclaration (ID = rulibRdec0006)

The author owns the copyright to this work.

RightsHolder (type = personal)

Name

FamilyName

Rege

GivenName

Aunshul

Role

RightsEvent

Type

Permission or license

DateTime (encoding = w3cdtf); (qualifier = exact); (point = start)

2012-04-17 15:46:49

AssociatedEntity

Name

Aunshul Rege

Role

Affiliation

Rutgers University. Graduate School - Newark

AssociatedObject

Type

License

Name

Author Agreement License

Detail

I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.

Status

Availability

Status

Open

Reason

Permission or license

Back to the top

Technical

FileSize (UNIT = bytes)

1183744

OperatingSystem (VERSION = 5.1)

windows xp

ContentModel

ETD

MimeType (TYPE = file)

application/pdf

MimeType (TYPE = container)

application/x-tar

FileSize (UNIT = bytes)

1187840

Checksum (METHOD = SHA1)

a84197738b533c66a0001e6f911fd195b49a1078

Back to the top

Version 8.5.5