{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T10:37:17Z","timestamp":1777286237270,"version":"3.51.4"},"reference-count":31,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T00:00:00Z","timestamp":1580688000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T00:00:00Z","timestamp":1580688000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int J Syst Assur Eng Manag"],"published-print":{"date-parts":[[2020,6]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Adoption of information and communication technologies (ICT) in railway has improved the reliability, maintainability, operational efficiency, capacity as well as the comfort of passengers. This adoption introduces new vulnerabilities and entry points for hackers to launch attacks. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. These cyber threats are also increasing in railways and, therefore, it needs for cybersecurity measures to predict, detect and respond these threats. The cyber kill chain (CKC) model is a widely used model to detect cyber-attacks and it consists of seven stages\/chains; breaking the chain at an early stage will help the defender stop the adversary\u2019s malicious actions. Due to lack of real cybersecurity data, this research simulates cyber-attacks to calculate the attack penetration probabilities at each stage of the cyber kill chain model. The objective of this research is to predict cyber-attack penetrations by implementing various security controls using modeling and simulation. This research is an extension of developed railway defender kill chain which provides security controls at each stage of CKC for railway organizations to minimize the risk of cyber threats.<\/jats:p>","DOI":"10.1007\/s13198-020-00952-5","type":"journal-article","created":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T17:04:25Z","timestamp":1580749465000},"page":"600-613","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Predictive model for multistage cyber-attack simulation"],"prefix":"10.1007","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0734-0959","authenticated-orcid":false,"given":"Ravdeep","family":"Kour","sequence":"first","affiliation":[]},{"given":"Adithya","family":"Thaduri","sequence":"additional","affiliation":[]},{"given":"Ramin","family":"Karim","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,2,3]]},"reference":[{"key":"952_CR1","unstructured":"Ahlstrom T (2019) Sweden: cyber security. Retrieved from https:\/\/www.export.gov\/article?id=Sweden-Cyber-Security. Accessed 13 Aug 2019"},{"issue":"2","key":"952_CR2","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1109\/TMC.2010.146","volume":"10","author":"T Alpcan","year":"2010","unstructured":"Alpcan T, Buchegger S (2010) Security games for vehicular networks. IEEE Trans Mob Comput 10(2):280\u2013290","journal-title":"IEEE Trans Mob Comput"},{"key":"952_CR3","doi-asserted-by":"crossref","unstructured":"Bahamou S, Ouadghiri E, Driss M, Bonnin J (2016) When game theory meets VANET\u2019s security and privacy. Paper presented at the proceedings of the 14th international conference on advances in mobile computing and multi media, pp 292\u2013297","DOI":"10.1145\/3007120.3007168"},{"key":"952_CR4","doi-asserted-by":"crossref","unstructured":"Ciancamerla E, Minichino M, Palmieri S (2013) Modeling cyber attacks on a critical infrastructure scenario. Paper presented at the IISA 2013, pp 1\u20136","DOI":"10.1109\/IISA.2013.6623699"},{"key":"952_CR5","unstructured":"Ciprnet (2013) Critical infrastructures preparedness and resilience research network. EU project. Retrieved from https:\/\/www.ciprnet.eu\/home.html. Accessed 13 Aug 2019"},{"key":"952_CR6","unstructured":"Cisco (2018) Asia pacific security capabilities benchmark study. Retrieved from https:\/\/www.cisco.com\/c\/dam\/global\/en_au\/products\/pdfs\/executive_summary_cisco_2018_asia_pacific_Security_capabilities_benchmark_study.pdf. Accessed 13 Aug 2019"},{"key":"952_CR7","unstructured":"eTrax (2016) Railway traction power analysis | rail power system software. Retrieved from https:\/\/etap.com\/solutions\/railways. Accessed 13 Aug 2019"},{"issue":"1","key":"952_CR8","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1016\/j.simpat.2010.07.012","volume":"19","author":"P Grube","year":"2011","unstructured":"Grube P, Nunez F, Cipriano A (2011) An event-driven simulator for multi-line metro systems and its application to santiago de chile metropolitan rail network. Simul Model Pract Theory 19(1):393\u2013405","journal-title":"Simul Model Pract Theory"},{"key":"952_CR9","unstructured":"He X (2017) Threat assessment for multistage cyber attacks in smart grid communication networks (doctoral dissertation, universit\u00e4t passau). Threat assessment for multistage cyber attacks in smart grid communication networks"},{"key":"952_CR10","doi-asserted-by":"crossref","unstructured":"Karnouskos S (2011) Stuxnet worm impact on industrial cyber-physical system security. Paper presented at the IECON 2011-37th annual conference of the IEEE industrial electronics society, pp 4490\u20134494","DOI":"10.1109\/IECON.2011.6120048"},{"key":"952_CR11","doi-asserted-by":"publisher","DOI":"10.1177\/0954409718822915","author":"R Kour","year":"2019","unstructured":"Kour R, Aljumaili M, Karim R, Tretten P (2019) eMaintenance in railways: issues and challenges in cybersecurity. Proc Inst Mech Eng F J Rail Rapid Transit. https:\/\/doi.org\/10.1177\/0954409718822915","journal-title":"Proc Inst Mech Eng F J Rail Rapid Transit"},{"issue":"1","key":"952_CR12","doi-asserted-by":"publisher","first-page":"47","DOI":"10.13052\/jcsm2245-1439.912","volume":"9","author":"R Kour","year":"2020","unstructured":"Kour R, Thaduri A, Karim R (2020) Railway defender kill chain to predict and detect cyber-attacks. J Cyber Secur Mobil 9(1):47\u201390","journal-title":"J Cyber Secur Mobil"},{"key":"952_CR13","unstructured":"Lockheed Martin (2009) Cyber kill chain\u00ae. Retrieved from https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html. Accessed 13 Aug 2019"},{"key":"952_CR14","unstructured":"Martin L (2014) Cyber kill chain\u00ae. http:\/\/Cyber.Lockheedmartin.Com\/Hubfs\/GainingtheAdvantageCyberKillChain.Pdf. Accessed 13 Aug 2019"},{"key":"952_CR15","unstructured":"McAfee (2019) McAfee labs reports record. Retrieved from https:\/\/www.mcafee.com\/enterprise\/es-es\/about\/newsroom\/press-releases\/press-release.html?news_id=20180311005028. Accessed 13 Aug 2019"},{"key":"952_CR16","doi-asserted-by":"crossref","unstructured":"Mejri MN, Achir N, Hamdi M (2016) A new security games based reaction algorithm against DOS attacks in VANETs. Paper presented at the 2016 13th IEEE annual consumer communications and networking conference (CCNC), pp 837\u2013840","DOI":"10.1109\/CCNC.2016.7444896"},{"key":"952_CR17","unstructured":"NS-3 (2019) Network simulator. Retrieved from https:\/\/www.nsnam.org\/. Accessed 13 Aug 2019"},{"key":"952_CR18","unstructured":"OpenPowerNet Version, 1. 8. 1. (2019) Traction power supply and train performance simulation software. Retrieved from http:\/\/www.openpowernet.com\/. Accessed 13 Aug 2019"},{"key":"952_CR19","unstructured":"OpenTrack. (1990). Simulation of railway networks. Retrieved from http:\/\/www.opentrack.ch\/opentrack\/opentrack_e\/opentrack_e.html. Accessed 13 Aug 2019"},{"key":"952_CR20","unstructured":"OPNET. (2019). Opnet is now part of riverbed steelcentral\u2122. Retrieved from https:\/\/www.riverbed.com\/se\/products\/steelcentral\/opnet.html. Accessed 13 Aug 2019"},{"key":"952_CR21","doi-asserted-by":"crossref","unstructured":"Ross RS, Katzke SW, Johnson LA, Swanson MM (2007) Recommended security controls for federal information systems | NIST (No. Special Publication (NIST SP)-800-53 rev 2)o title","DOI":"10.6028\/NIST.SP.800-53r2"},{"key":"952_CR22","doi-asserted-by":"crossref","unstructured":"Rybnicek M, Tjoa S, Poisel R (2014) Simulation-based cyber-attack assessment of critical infrastructures. Paper presented at the Workshop on enterprise and organizational modeling and simulation, pp 135\u2013150","DOI":"10.1007\/978-3-662-44860-1_8"},{"key":"952_CR23","doi-asserted-by":"crossref","unstructured":"Sanjab A, Saad W, Ba\u015far T (2017) Prospect theory for enhanced cyber-physical security of drone delivery systems: a network interdiction game. Paper presented at the 2017 IEEE international conference on communications (ICC), pp 1\u20136","DOI":"10.1109\/ICC.2017.7996862"},{"issue":"5","key":"952_CR24","doi-asserted-by":"publisher","first-page":"1143","DOI":"10.1109\/TITS.2016.2600370","volume":"18","author":"H Sedjelmaci","year":"2016","unstructured":"Sedjelmaci H, Senouci SM, Ansari N (2016) Intrusion detection and ejection framework against lethal attacks in UAV-aided networks: a bayesian game-theoretic methodology. IEEE Trans Intell Transp Syst 18(5):1143\u20131153","journal-title":"IEEE Trans Intell Transp Syst"},{"key":"952_CR25","volume-title":"A model for cyber attack risks in telemetry networks","author":"NB Shourabi","year":"2015","unstructured":"Shourabi NB (2015) A model for cyber attack risks in telemetry networks. International Foundation for Telemetering, San Diego"},{"key":"952_CR26","doi-asserted-by":"crossref","unstructured":"Stouffer K, Lightman S, Pillitteri V, Abrams M, Hahn A (2014) NIST special publication 800-82, revision 2: guide to industrial control systems (ICS) security. National Institute of Standards and Technology","DOI":"10.6028\/NIST.SP.800-82r2"},{"key":"952_CR27","doi-asserted-by":"crossref","unstructured":"Teo Z, Tran BAN, Lakshminarayana S, Temple WG, Chen B, Tan R, Yau DK (2016) SecureRails: towards An open simulation platform for analyzing cyber-physical attacks in railways. Paper presented at the 2016 IEEE region 10 conference (TENCON), pp 95\u201398","DOI":"10.1109\/TENCON.2016.7847966"},{"key":"952_CR28","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s13198-019-00778-w","volume":"10","author":"A Thaduri","year":"2019","unstructured":"Thaduri A, Aljumaili M, Kour R, Karim R (2019a) Cybersecurity for eMaintenance in railway infrastructure: risks and consequences. Int J Syst Assur Eng Manag 10:149\u2013159","journal-title":"Int J Syst Assur Eng Manag"},{"issue":"2","key":"952_CR29","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s13198-019-00778-w","volume":"10","author":"A Thaduri","year":"2019","unstructured":"Thaduri A, Aljumaili M, Kour R, Karim R (2019b) Cybersecurity for eMaintenance in railway infrastructure: risks and consequences. Int J Syst Assur Eng Manag 10(2):149\u2013159. https:\/\/doi.org\/10.1007\/s13198-019-00778-w","journal-title":"Int J Syst Assur Eng Manag"},{"key":"952_CR30","unstructured":"University of Maryland (2007) Study: hackers Attack every 39 seconds. Retrieved from https:\/\/eng.umd.edu\/news\/story\/study-hackers-attack-every-39-seconds. Accessed 13 Aug 2019"},{"issue":"1","key":"952_CR31","first-page":"367","volume":"6","author":"X Yao","year":"2013","unstructured":"Yao X, Zhao P, Qiao K (2013) Simulation and evaluation of urban rail transit network based on multi-agent approach. J Ind Eng Manag (JIEM) 6(1):367\u2013379","journal-title":"J Ind Eng Manag (JIEM)"}],"container-title":["International Journal of System Assurance Engineering and Management"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s13198-020-00952-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s13198-020-00952-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s13198-020-00952-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,2]],"date-time":"2021-02-02T01:06:18Z","timestamp":1612227978000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s13198-020-00952-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,2,3]]},"references-count":31,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2020,6]]}},"alternative-id":["952"],"URL":"https:\/\/doi.org\/10.1007\/s13198-020-00952-5","relation":{},"ISSN":["0975-6809","0976-4348"],"issn-type":[{"value":"0975-6809","type":"print"},{"value":"0976-4348","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,2,3]]},"assertion":[{"value":"30 August 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 August 2019","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 February 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}