Journal is indexed in following databases:
- SCOPUS
- Web of Science Core Collection - Journal Citation Reports
- EBSCOhost
- Directory of Open Access Journals
- TRID Database - Transportation Research Board
- Index Copernicus Journals Master List
- BazTech
- Google Scholar
2023 Journal Impact Factor - 0.7
2023 CiteScore - 1.4
ISSN 2083-6473
ISSN 2083-6481 (electronic version)
Editor-in-Chief
Associate Editor
Prof. Tomasz Neumann
Published by
TransNav, Faculty of Navigation
Gdynia Maritime University
3, John Paul II Avenue
81-345 Gdynia, POLAND
e-mail transnav@umg.edu.pl
Ensuring Cyber Resilience of Ship Information Systems
1 National University “Odessa Maritime Academy”, Odessa, Ukraine
2 Admiral Makarov National University of Shipbuilding, Mykolaiv, Ukraine
2 Admiral Makarov National University of Shipbuilding, Mykolaiv, Ukraine
Times cited (SCOPUS): 7
ABSTRACT: The Covid-19 pandemic brought a problem related to the inability to timely update security systems on ships during a voyage and the need to encrypt data stored in ship information systems (SISs) and shipping company information systems. The analysis of new types of worldwide cyberattacks showed that they were set off by an increase in the use of remote-controlled autonomous technologies and a spread of telework. It was proved that on ships: a) there are no cybersecurity specialists; b) there is no means of identification of cyber threats and no response plans; c) there is a lack of cybersecurity training for crews; d) encryption of confidential ship data is barely used; e) crew is a vulnerability factor in ship's security. The analysis of cyber incidents allowed us to develop a basic response plan to protect ship control systems. It was demonstrated that the basic plan can be continuously updated and improved in accordance with: a) the real state of ship systems; b) the results of performance analysis of crew actions; c) the emergence of new types of cyberattacks. To improve the security of confidential data in ship information networks theoretical framework for the development of encrypted data search engines with the identification of “dangerous” keywords for the ship information systems (SISs) was proposed. A data exchange protocol, basic requirements for SISs, and an algorithm for detecting “dangerous” keywords in messages were developed. A test search engine on encrypted data was presented, and the main components of the system were highlighted. The functionality of the system was experimentally proved, and the accuracy and speed of search on encrypted data were determined.
KEYWORDS: Autonomous Navigation, Cyber Attack, Cyber Security, Cyber Threats, COVID-19, Cyber Resilience, Ship Information Systems (SIS), Cyber Security Training
REFERENCES
Apr 19, D.H.K.•, 2020: FBI: Covid-19 Cyberattacks Spike 400% in Pandemic, https://www.msspalert.com/cybersecurity-news/fbi-covid-19-cyberattacks-spike-400-in-pandemic/, last accessed 2022/03/25.
Bar-Yam, Y.: General Features of Complex Systems. UNESCO Encyclopedia of Life Support Systems. (2002).
Ding, M. et al.: An efficient Public Key Encryption with Conjunctive Keyword Search scheme based on pairings. In: 2012 3rd IEEE International Conference on Network Infrastructure and Digital Content. pp. 526–530 (2012). - doi:10.1109/ICNIDC.2012.6418809
Ferrill, T.: 10 security tools all remote employees should have, https://www.csoonline.com/article/3625882/10-security-tools-all-remote-employees-should-have.html, last accessed 2022/03/25.
Goh, E.-J.: Secure Indexes. (2003).
Golikov, V.A. et al.: A simple technique for identifying vessel model parameters. IOP Conference Series: Earth and Environmental Science. 172, 012010 (2018). - doi:10.1088/1755-1315/172/1/012010
Kołowrocki, K., Soszyńska-Budny, J.: Reliability and Safety of Complex Technical Systems and Processes. Springer London, London (2011). - doi:10.1007/978-0-85729-694-8_8
Kulesh, S.: NCCC NSDC recorded a new type of DDOS attacks using hacked smart home devices?, https://itc.ua/news/nkczk-snbo-zafiksiroval-novyj-tip-ddos-atak-s-ispolzovaniem-vzlomannyh-ustrojstv-umnogo-doma/, last accessed 2022/03/25.
Shumilova, K., Onishchenko, O.: Action planning in comprehensive shipping risk identification. The scientific heritage. The scientific heritage. 49, 1, 40–46 (2020).
Tsvetkov, V.Y.: Complex technical systems. International Journal of Applied and Basic Research. 10, 4, 670 (2016).
Tugolukov, E.N. et al.: Design of complex systems. Tambov: ТGТU (2008).
VanMSFT: SQL code injection, https://docs.microsoft.com/ru-ru/sql/relational-databases/security/sql-injection, last accessed 2022/03/25.
Volianskyi, Y.: Development of practical implementation of the use of schemes of homomorphic search. Slovak international scientific journal. 48, 1, 7–12 (2021).
Volyanskaya, Y. et al.: Determining energy-efficient operation modes of the propulsion electrical motor of an autonomous swimming apparatus. EEJET. 6, 8 (90), 11–16 (2017). - doi:10.15587/1729-4061.2017.118984
Analytical review of the protocols of the Internet of Things, https://www.tssonline.ru, last accessed 2022/03/25.
Analytics of the information security industry 2021, https://www.infowatch.ru/analytics/daydzhesty-i-obzory, last accessed 2022/03/25.
Attacks on web applications: results of 2018, https://www.ptsecurity.com/ru-ru/research/analytics/web-application-attacks-2019/, last accessed 2022/03/25.
Gaining visibility of your onboard systems: you can’t secure something you can’t see, https://thedigitalship.com/news/maritime-satellite-communications/item/6673-gaining-visibility-of-your-onboard-systems-you-can-t-secure-something-you-can-t-see3, last accessed 2022/03/25.
Positive Research Center, https://www.securitylab.ru/lab/, last accessed 2022/03/25.
Relevant cyber threats quarter 1 2020, https://www.ptsecurity.com/ru-ru/research/analytics/cybersecurity-threatscape-2020-q1/, last accessed 2022/03/25.
Ship cybersecurity is in the hands of sailors, https://moryakukrainy.livejournal.com/3843048.html, last accessed 2022/03/25.
Vulnerabilities, https://www.securitylab.ru/vulnerability/, last accessed 2022/03/25.
Citation note:
Onishchenko O., Shumilova K., Volyanskyy S., Volyanskaya Y., Volianskyi Y.: Ensuring Cyber Resilience of Ship Information Systems. TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, Vol. 16, No. 1, doi:10.12716/1001.16.01.04, pp. 43-50, 2022
Authors in other databases:
K. Shumilova:
S. Volyanskyy:
Y. Volyanskaya:
Y. Volianskyi: