From System Knowledge to Network Security
Author
Abstract
“Networked control system” (NCS) is an umbrella term encompassing a broad variety of infrastructures such as industrial control systems (ICSs) and building automation systems (BASs). Nowadays, all these infrastructures play an important role in several aspects of our daily life, from managing essential services such as energy and water (e.g., critical infrastructures) to monitoring the increasingly smart environments that surround us (e.g., the Internet of Things). Over the years, NCS technology has progressively switched to IT digital networks and become integrated with the Internet. This fact has changed the way operators manage and control their infrastructures and has introduced several security threats. Skilled crackers (also known as black-hat hackers) can remotely access NCSs and change infrastructure behavior, potentially endangering human lives (e.g., causing a malfunction of a nuclear power plant). For this reason, NCS stakeholders have been facing the challenge of protecting their infrastructures against cyber-attacks and, especially, targeted attacks, namely those attacks carried out by resourceful and motivated organizations (e.g., Stuxnet). A common practice for protecting NCSs includes the use of standard IT security solutions and techniques. However, most of the time, these solutions do not fit such different environments. Furthermore, any security solution applied to NCSs should never interfere with infrastructure operations. This is particularly important when it comes to NCSs that monitor critical infrastructures and thus sensitive physical processes (e.g., energy production). Finally, most of today’s NCS security solutions still fail to convey accurate information to the operators and do not allow them to quickly and undoubtedly identify potentially dangerous situations.
In fact, this would require more sophisticated techniques capable of understanding the surrounding environment and conclusively discerning between malicious activities and valid operations. For all these reasons, this thesis tackles the challenge of developing more incisive and effective security solutions for NCSs. We focus on intrusion detection to passively monitor and evaluate infrastructure operations without causing any interference, and we direct our attention to the acquisition of knowledge about the monitored infrastructures to improve the process of detection as well as the feedback to the operators. In what follows, we present a novel approach to NCS security based on the integration between system knowledge acquisition and network intrusion detection. Our work starts by identifying and evaluating valuable sources of information to gain knowledge about the monitored systems. Then, we show how this knowledge contributes to improving intrusion detection systems (IDSs). Finally,
Similar resources
Static Security Constrained Generation Scheduling Using Sensitivity Characteristics of Neural Network
This paper proposes a novel approach for generation scheduling using sensitivity characteristic of a Security Analyzer Neural Network (SANN) for improving static security of power system. In this paper, the potential overloading at the post contingency steady state associated with each line outage is proposed as a security index which is used for evaluation and enhancement of system static security....
Alert correlation and prediction using data mining and HMM
Intrusion Detection Systems (IDSs) are security tools widely used in computer networks. While they seem to be promising technologies, they pose some serious drawbacks: When utilized in large and high traffic networks, IDSs generate high volumes of low-level alerts which are hardly manageable. Accordingly, there emerged a recent track of security research, focused on alert correlation, which ext...
A Novel Index for Online Voltage Stability Assessment Based on Correlation Characteristic of Voltage Profiles
Abstract: Voltage instability is a major threat for security of power systems. Preserving voltage security margin at a certain limit is a vital requirement for today’s power systems. Assessment of voltage security margin is a challenging task demanding sophisticated indices. In this paper, for the purpose of on line voltage security assessment a new index based on the correlation characteristic...
Security Analysis of Lightweight Authentication Scheme with Key Agreement using Wireless Sensor Network for Agricultural Monitoring System
Wireless sensor networks have many applications in the real world and have been developed in various environments. But the limitations of these networks, including the limitations on the energy and processing power of the sensors, have posed many challenges to researchers. One of the major challenges is the security of these networks, and in particular the issue of authentication in the wireles...
Designing an Expert System for Internet Connection Problems Troubleshooting for wired network users
Man is living in an era in which knowledge is estimated to double in a relatively short time. The fast rate of technology's growth in the "Century of information" is caused by the fast growth of communication technologies like the internet, which has become one of the best tools for quick, cheap, effective and vastly supported communication. For an efficient and effective usage of tools and ...