BridgeInsight: An asset profiler for penetration testing in a heterogeneous maritime bridge environment
Keywords:Maritime cyber security, Machine learning, Asset profiler, Automated audits, Pentesting
A maritime bridge environment is a heterogeneous ecosystem of complex systems for various operations. As part of new requirements set by the International Association of Classification Societies, ship operators must now maintain an asset inventory aboard vessels specifically to improve their cyber security. This paper discusses the development of a ship-specific asset profiler that will not only identify and record the devices present automatically but also provide an in-depth analysis of their properties and characteristics in an intelligent and user-friendly manner. As cyberattacks increase in the maritime industry, proper testing of ship systems is essential, to ensure vessels remain secure and the risk of a cyberattack is minimized. An asset profiler for the bridge environment would serve as a tool for profiling the devices, helping personnel make faster and well-informed decisions, and could be a component of a wider audit framework. This paper presents a ship bridge profiler (i.e., BridgeInsight) used to identify all devices on the bridge of a vessel automatically and which provides information on them using a generated PDF report that consists of graphs and charts. To do this, it uses the Random Forest classifier algorithm, and the information it provides will enable the auditor or pen tester to perform manual testing or automate audits, while also providing comprehensive information that engineers and mariners can use to comply with regulations.
- As part of new requirements set by the International Association of Classification Societies, ship operators must now maintain asset inventory aboard vessels specifically to improve their cyber security.
- This paper presents a ship bridge profiler (i.e., BridgeInsight) used to identify all devices on the bridge of a vessel automatically.
- We envision automated asset detection and classification to have even more benefit in future cyber security work, as penetration testing.
Acord, J. (2017). Situational awareness and ICS Using GRASS MARLIN: Infosec. Retrieved from https://resources.infosecinstitute.com/topics/scada-ics-security/situational-awareness-ics-using-grass-marlin
Alharbi, M. (2010). Writing a penetration testing report. Retrieved from https://sansorg.egnyte.com/dl/yNfjHOQix8
Altexsoft. (2021). Preparing your dataset for machine learning: 10 steps - AltexSoft. Retrieved from https://www.altexsoft.com/blog/datascience/preparing-your-dataset-for-machine-learning-8-basic-techniques-that-make-your-data-better
Ammar, N., Noirie, L., & Tixeuil, S. (2019). Network-protocol-based IoT device identification (pp. 204-209). In Proceedings of the 4th International Conference on Fog and Mobile Edge Computing, Rome, Italy. https://doi.org/10.1109/FMEC.2019.8795318
Amro, A. (2021). Cyber-physical tracking of IoT devices: A maritime use case. Norwegian ICT conference for research and education. Retrieved from https://ojs.bibsys.no/index.php/NIK/article/view/961
Auvik. (2022). What is an ARP Ttable? Address Resolution Protocol 101-Auvik. Retrieved from https://www.auvik.com/franklyit/blog/what-is-an-arp-table
Auvik. (2023). Network mapping software: Auvik Networks. Retrieved from https://www.auvik.com/features/network-navigation
Bagur, J. (2023). GPS NMEA 0183 Messaging Protocol 101: Arduino Documentation. Retrieved from https://docs.arduino.cc/learn/communication/gps-nmea-data-101
Bolbot, V., Kulkarni, K., Brunou, P., Banda, O. V., & Musharraf, M. (2022). Developments and research directions in maritime cybersecurity: A systematic literature review and bibliometric analysis. International Journal of Critical Infrastructure Protection, 39, 100571. https://doi.org/10.1016/j.ijcip.2022.100571
Bothur, D., Zheng, G., & Valli, C. (2017). A critical analysis of security vulnerabilities and countermeasures in a smart ship system (pp. 81-87). In Proceedings of the 15th Australian Information Security Management Conference. Perth, Western Australia.
Censys. (2023). Exposure management and threat hunting solutions: Censys. Retrieved from https://censys.io
CVE Mitre. (2020). CVE-2020-12117. Retrieved from https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12117
FutureIoT. (2020). Surge in obsolete network devices pose cybersecurity risk: FutureIoT. Retrieved from https://futureiot.tech/surge-in-obsolete-network-devices-pose-cybersecurity-risk
Gehlenborg, N., & Wong, B. (2012). Heatmaps. Nat Methods, 9, 213. https://doi.org/10.1038/nmeth.1902
Hamad, S. A., Zhang, W. E., Sheng, Q. Z., & Nepal, S. (2019). IoT device identification via network-flow based fingerprinting and learning (pp. 103-111). In Proceedings of the Proceedings 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 13th IEEE International Conference on Big Data Science and Engineering. Rotorua, New Zealand. https://doi.org/10.1109/TrustCom/BigDataSE.2019.00023
IACS. (2022a). E26 - Cyber Resilience of Ships. London: International Association of Classification Societies. Retrieved from https://iacs.org.uk/download/14104
IACS. (2022b). E27 - Cyber Resilience of On-board Systems and Equipment. London: International Association of Classification Societies. Retrieved from https://iacs.org.uk/download/14105
IACS. (2022c). Unified Requirements. Retrieved from https://iacs.org.uk/publications/unified-requirements
IASME. (2021a). IASME launches cyber security scheme for the maritime industry. Retrieved from https://iasme.co.uk/cyber-blog/iasme-launches-cyber-security-scheme-for-the-maritime-industry
IASME. (2021b). Maritime Cyber Baseline Self-Assessment Questions. Retrieved from https://iasme.co.uk/wp-content/uploads/2022/11/Maritime-Question-Booklet_V1.1.pdf
Jeon, D. K., & Lee, Y. (2014). A ship area network with WiMedia wireless gateway applying a cooperative transmission. Contemporary Engineering Sciences, 7(23), 1235-1243. http://dx.doi.org/10.12988/ces.2014.49153
Keary, T. (2022). PCAP: Packet Capture, what it is what you need to know. Retrieved from https://www.comparitech.com/net-admin/pcap-guide
Kretschmann, L., Zacharias, M., Klover, S., & Hensel, T. (2022). Machine Learning in Maritime Logistics. Retrieved from https://shipzero.com/wp-content/uploads/2022/12/10015_compressed.pdf
Liu, Y., Wang, J., Li, J., Niu, S., & Song, H. (2022). Machine learning for the detection and identification of internet of things devices: A survey. IEEE Internet of Things Journal, 9(1), 298-320. https://doi.org/10.1109/JIOT.2021.3099028
Loomis, W., Singh, V., Kessler, G. C., & Bellekens, X. (2021). Raising the colors: Signaling for cooperation on maritime cybersecurity. Retrieved from https://www.atlanticcouncil.org/wp-content/uploads/2021/10/Raising-the-colors-Signaling-for-cooperation-on-maritime-cybersecurity.pdf
Moxa. (2023). Which are the most common TCP and UDP ports used by serial-to-Ethernet device servers? Retrieved from https://www.moxa.com/en/support/product-support/product-faq/most-common-tcp-udp-ports-used-by-serial-to-ethernet-device-servers
Nagesh Singh Chauhan. (2020). Decision Tree Algorithm, Explained: KDnuggets. Retrieved from https://www.kdnuggets.com/2020/01/decision-tree-algorithm-explained.html
Networkx. (2023). NetworkX documentation. Retrieved from https://networkx.org
NIST. (2022). National Vulnerability Database (NVD). Retrieved from https://www.nist.gov/programs-projects/national-vulnerability-database-nvd
Nmap. (2023a). Chapter 4. Port Scanning Overview: Nmap Network Scanning. Retrieved from https://nmap.org/book/port-scanning.html#most-popular-ports
Nmap. (2023b). Nmap: The Network Mapper - Free Security Scanner. Retrieved from https://nmap.org
NSA. (2017). GRASSMARLIN user guide. Retrieved from https://github.com/iadgov/GRASSMARLIN/blob/master/GRASSMARLINUserGuide.pdf
Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grisel, O., Blondel, M., Müller, A., Nothman, J., Louppe, G., Prettenhofer, P., Weiss, R., Dubourg, V., Vanderplas, J., Passos, A., Cournapeau, D., Brucher, M., Perrot, M., & Duchesnay, É. (2011). Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, 12, 2825-2830.
Rapid7. (2023). Metasploit Framework: Metasploit Documentation. Retrieved from https://docs.rapid7.com/metasploit/msf-overview
Shodan. (2023). Shodan Search Engine. Retrieved from https://www.shodan.io
Sivanathan, A., Gharakheili, H. H., & Sivaraman, V. (2018). Can we classify an IoT device using TCP port scan? In Proceedings of the IEEE 9th International Conference on Information and Automation for Sustainability. Colombo, Sri Lanka. https://doi.org/10.1109/ICIAFS.2018.8913346
Sivanathan, A., Sherratt, D., Gharakheili, H. H., Radford, A., Wijenayake, C., Vishwanath, A., & Sivaraman, V. (2017). Characterizing and classifying IoT traffic in smart cities and campuses (pp. 559-564). In Proceedings of the 2017 IEEE Conference on Computer Communications Workshops. Atlanta, USA. https://doi.org/10.1109/INFCOMW.2017.8116438
SolarWinds. (2023). Network Topology Mapper - Network Mapping Software. Retrieved from https://www.solarwinds.com/network-topology-mapper
Tam, K., & Jones, K. (2019). MaCRA: A model-based framework for maritime cyber-risk assessment. WMU Journal of Maritime Affairs, 18(1), 129-163. http://dx.doi.org/10.1007/s13437-019-00162-2
Tam, K., Forshaw, K., & Jones, K. (2019). Cyber-SHIP: Developing next generation maritime cyber research capabilities. In Proceedings of the International Conference on Marine Engineering and Technology Oman 2019. Muscat, Oman. https://doi.org/10.24868/icmet.oman.2019.005
US Coast Guard. (2021). Cyber Strategic Outlook AUG 2021. Retrieved from https://www.uscg.mil/Portals/0/Images/cyber/2021-Cyber-Strategic-Outlook.pdf
Vineetha, H. A., Tam, K., & Jones, K. (2022). Investigating the security and accessibility of voyage data recorder data using a USB attack (pp. 74-80). In Proceedings of the 7th International Conference on Cyber-Technologies and Cyber-Systems. Valencia, Spain.
How to Cite
Copyright (c) 2023 Maritime Technology and Research
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Copyright: CC BY-NC-ND 4.0