Date of Award

10-2-2019

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Systems Engineering

First Advisor

Hirak Patangia

Abstract

Cybersecurity vulnerability assessment tools, frameworks, methodologies, and processes are commonly used to understand the cybersecurity maturity and posture of a system or a facility. Those tools are strictly developed based on standards defined by organizations such as the National Institute of Standards and Technology (NIST) and the U.S. Department of Energy, and the majority of these tools and frameworks do not provide a platform to prioritize the requirements to reach a desired cybersecurity maturity. To address that challenge, we used multi-criteria decision analysis (MCDA) techniques to develop a framework and a software application family called the Cybersecurity Framework and Algorithms for Prioritized Vulnerability Mitigation (CyFer). CyFer is built with multi-layer mathematical filters and logical constructs that can be used in-line with several existing vulnerability assessment frameworks and maturity models to prioritize the discovered vulnerabilities and identify the ideal mitigation path. The efficacy of CyFer was evaluated by applying it to a newly developed blockchain cybersecurity framework (BC2F). BC2F was developed using the NIST cybersecurity framework to evaluate the cybersecurity posture of the blockchain nodes and network for a given blockchain application or use case. This dissertation provides a detailed architecture of CyFer and demonstrates its application to BC2F. In addition to CyFer architecture demonstration, this document also demonstrates the efficacy of CyFer by the algorithm’s response on well-known large-scale cyber-attack that impacted the critical infrastructure over the last decade.

Included in

Cybersecurity Commons

Share

COinS