Critical Infrastructure Protection: having SIEM technology cope with network heterogeneity
نویسندگان
چکیده
Coordinated and targeted cyber-attacks to Critical Infrastructures (CIs) are becoming more and more frequent and sophisticated. This is due to: i) the recent technology shift towards Commercial Off-The-Shelf (COTS) products, and ii) new economical and socio-political motivations. In this paper, we discuss some of the most relevant security issues resulting from the adoption in CIs of heterogeneous network infrastructures (specifically combining wireless and IP trunks), and suggest techniques to detect, as well as to counter/mitigate attacks. We claim that techniques such as those we propose here should be integrated in future SIEM (Security Information and Event Management) solutions, and we discuss how we have done so in the ECfunded MASSIF project, with respect to a real-world CI scenario, specifically a distributed system for power grid
منابع مشابه
Closing the loop of SIEM analysis to Secure Critical Infrastructures
Critical Infrastructure Protection is one of the main challenges of last years. Security Information and Event Management (SIEM) systems are widely used for coping with this challenge. However, they currently present several limitations that have to be overcome. In this paper we propose an enhanced SIEM system in which we have introduced novel components to i) enable multiple layer data analysi...
متن کاملEnhancing SIEM Technology to Protect Critical Infrastructures
Coordinated and targeted cyber-attacks on Critical Infrastructures (CIs) and Supervisory Control And Data Acquisition (SCADA) systems are increasing and becoming more sophisticated. Typically, SCADA has been designed without having security in mind, which is indeed approached by reusing solutions to protect solely Information Technology (IT) based infrastructures, such as the Security Informati...
متن کاملChallenges for Advanced Security Monitoring - The MASSIF Project
The vision of creating a next-generation Security Information and Event Management environment drives the development of an architecture which provides for trustworthy and resilient collection of security events from source systems, processes and applications. A number of novel inspection and analysis techniques are applied to the events collected to provide high-level situational security awar...
متن کاملPutting LTE Security Functions to the Test: A Framework to Evaluate Implementation Correctness
Long Term Evolution (LTE) is the most recent generation of mobile communications promising increased transfer rates and enhanced security features. It is todays communication technology for mobile Internet as well as considered for the use in critical infrastructure, making it an attractive target to a wide range of attacks. We evaluate the implementation correctness of LTE security functions t...
متن کاملTelecomunications Market in a Small Economy: Is There a Need for Price Control?
Telecommunications and ICT sector in general is one of the most rapidly growing sectors in the world. The state and level of the technological development of ICT infrastructure plays a very important and critical role in the growth and development of contemporary economies. Countries who do not have the required level and technology of ICT infrastructure are struggling to keep pace with the rap...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1404.7563 شماره
صفحات -
تاریخ انتشار 2014