Dynamic Cyber Resilience of Interdependent Critical Information Infrastructures
JUMA, MAZEN GHAZI
MetadataShow full item record
We are becoming progressively reliant on the Critical Information Infrastructures (CIIs) to provide essential services in our daily lives, such as telecommunications, energy facilities, financial systems, and power grids. These interdependent infrastructures form one coupled heterogeneous network that qualifies them to deliver new cyber roles and crucial tasks not achievable before in numerous domains worldwide. The CIIs have to deal with sophisticated cyber risks resulting from cyber vulnerabilities of their scale-free topology targeted by different cyber threats like concurrent and consecutive cyberattacks to the expected failure cause of the single hub nodes in their decentralized structures lead to cascading and escalating cyber failures that interrupt the vital services and considerable losses in modern societies with vast negative impacts on the economy and national security. Therefore, the research community has attempted over the last decade to pay attention to address the cyber protection gaps of CIIs in many studies by enhancing the existing standard solutions based on cyber trustfulness engineering, for example, distance-vector, link-state, and path-rule solutions, or developing new ones, but still missing one comprehensive technology solution. The required solution has to bridge the current literature gaps by shifting the paradigm of cyber CIIs protection properly towards dynamic cyber resilience to balance proactive and reactive perspectives at theoretical and empirical levels. Besides, it also needs to understand, analyze, evaluate, and optimize the set of dynamic cyber resilience capabilities consisting of withstanding, mitigation, recovery, and normalization. These capabilities support the various states of the typical cycle of dynamic cyber resilience, including threshold, bottom, and equilibrium states to increase CIIs robustness against cyberattacks, absorb frequent cyber disturbances that occurred, recover quickly from cyber failures, and re-establish their acceptable performance levels within appropriate timeframe. This thesis presents the novel proposed solution of dynamic cyber resilience using cyber zero-trust engineering for the first time to cope with highlighted shortcomings of the standard solutions, overcome the single hub node failure and enhance dynamic cyber resilience capabilities of interdependent CII networks against concurrent and consecutive cyberattacks to deliver their core services continuously. The research goal of this thesis was accomplished by an iterative four-objective cycle through two phases: primary and optimization. In the primary phase, the novel conceptual framework of the proposed solution was developed based on four fundamental concepts: decentralized registry, delegated peers, consensus rules, and dynamic routing. The technology stack of the proposed solution was also implemented with four algorithms and eight protocols. The evaluation results of the proposed solution were compared to the results of standard solutions under different cyberattack scenarios using quantitative research methods involving computing simulations, emulation experiments, and analytical modeling. The optimization phase improved the conceptual framework by adding three new fundamental concepts: hubs coupling, encrypted transmission, and end-to-end service quality. The technology stack was also enhanced with three new algorithms and five protocols. The proposed solution was optimized using the iterative four-objective cycle based on previous primary phase results. Lastly, all results in both phases were analyzed and discussed, and the final findings of the thesis were interpreted. However, it can be concluded that the proposed solution failed to compete with other standard solutions in terms of dynamic cyber resilience capabilities and total resilience measurements during the primary phase. Nevertheless, the optimized solution achieved the optimal results compared to the standard solutions. Finally, study limitations and recommendations for future works represented the research outcomes and contributions.