Towards the Protection of Critical Information Infrastructures using a Lightweight, Non-intrusive Embedded System

• Autorzy: Skitsas M. , Efstathiou N. , Charalambous E. , Koutras N. , Efthymiou C.
• Języki publikacji: EN

Abstrakty

EN

Critical Infrastructures (CIs), such as those that are found in the energy, financial, transport, communications, water, health and national security sectors, are an essential pillar to the well-being of the national and international economy, security and quality of life. These infrastructures are dependent on a wide variety of highly interconnected information systems for their smooth, reliable and continuous operation. Cybercrime has become a major threat for such Critical Information Infrastructures (CIIs). To mitigate this phenomenon, several techniques have been proposed within the space of Intrusion Detection Systems (IDSs). IDS is an important and necessary component in ensuring network security and protecting network resources and network infrastructures. In this paper, we propose a lightweight, non-intrusive generic embedded system that aids in the protection of CIIs. The operation of the proposed system is based on state of the art IDS and other open source frameworks for the monitoring and supporting services and aims to fulfill the end-user’s requirements. The generic and non-intrusive nature of the system along with the low configuration effort allows rapid deployment to a wide range of CII nodes such as telecommunication routers and smart grid nodes, as well as for single endpoint protection.

Słowa kluczowe

EN

critical infrastructure; critical information infrastructure; CIIP; intrusion detection systems (IDS); IDS; cybercrime

• Wydawca: Polskie Towarzystwo Bezpieczeństwa i Niezawodności
• Czasopismo: Journal of Polish Safety and Reliability Association
• Rocznik: 2016
• Tom: Vol. 7, No. 1
• Strony: 187--192
• Opis fizyczny: Bibliogr. 17 poz., rys., tab., wykr.

Twórcy

autor

Skitsas M.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Efstathiou N.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Charalambous E.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Koutras N.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Efthymiou C.

• ECPR Office of the Commissioner of Electronic Communications & Postal Regulation, Nicosia, Cyprus

Bibliografia

• [1] Bai, Y. & Kobayashi, H. (2003). Intrusion Detection Systems: technology and development, 17th International Conference of Advanced Information Networking and Applications, (AINA 2003).
• [2] Chih-Fong, T., Yu-Feng, H., Chia-Ying, L., et al. (2009). Intrusion detection by machine learning: A review, Expert Systems with Applications. 36, 10, 11994-12000, ISSN 0957-4174.
• [3] Enterprise Strategy Group by Jon Oltsik (2015), Research Report: Cyber supply chain security revisited.
• [4] García-Teodoro, P., Díaz-Verdejo, J., MaciáFernández, G. et al. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges, Computers & Security. 28, 1-2.
• [5] Giray, S. M. & Polat, A. G. (2013). Evaluation and Comparison of Classification Techniques for Network Intrusion Detection, Data Mining Workshops (ICDMW), IEEE 13th International Conference on, Dallas, TX, 335-342.
• [6] Jabez, J. & Muthukumar, B. (2015). Intrusion Detection System (IDS): Anomaly Detection Using Outlier Detection Approach, Procedia Computer Science. 48, 338-346.
• [7] OsTicket, [available at: http://osticket.com/].
• [8] Patel, A., Qassim, Q. & Wills, C. (2010). A survey of intrusion detection and prevention systems, Information Management & Computer Security 18, 4, 277-290.
• [9] Raspberry Pi, [https://www.raspberrypi.org/].
• [10] RubyonRails,[available at:http://rubyonrails.org].
• [11] SANS ICS (2016), Confirmation of a Coordinated Attack on the Ukrainian Power Grid, [available at: https://ics.sans.org/blog/2016/01/ 09/confirmation-of-a-coordinated-attack-on-theukrainian-power-grid].
• [12] Snorby, [available at: https://github.com/Snorby/ snorby].
• [13] Snort IDS, [available at: https://www.snort.org/].
• [14] Suricata IDS, [available at: http://suricataids.org/].
• [15] UCISA, ITIL – A guide to event management, [available at: https://www.ucisa.ac.uk/representation/activities/I TIL/serviceoperation.aspx].
• [16] Vinchurkar, D. P. & Reshamwala, A. (2012). A Review of Intrusion Detection System Using Neural Network and Machine Learning, in IJESIT.
• [17] Yang, Y., McLaughlin, K., Littler, T. et al. (2013). Rule-based intrusion detection system for SCADA networks, Renewable Power Generation Conference (RPG 2013), 2nd IET, Beijing.

Uwagi

Opracowanie ze środków MNiSW w ramach umowy 812/P-DUN/2016 na działalność upowszechniającą naukę (zadania 2017).