9,095 research outputs found
Autonomic computing architecture for SCADA cyber security
Cognitive computing relates to intelligent computing platforms that are based on the disciplines of artificial intelligence, machine learning, and other innovative technologies. These technologies can be used to design systems that mimic the human brain to learn about their environment and can autonomously predict an impending anomalous situation. IBM first used the term ‘Autonomic Computing’ in 2001 to combat the looming complexity crisis (Ganek and Corbi, 2003). The concept has been inspired by the human biological autonomic system. An autonomic system is self-healing, self-regulating, self-optimising and self-protecting (Ganek and Corbi, 2003). Therefore, the system should be able to protect itself against both malicious attacks and unintended mistakes by the operator
Privacy Preservation Intrusion Detection Technique for SCADA Systems
Supervisory Control and Data Acquisition (SCADA) systems face the absence of
a protection technique that can beat different types of intrusions and protect
the data from disclosure while handling this data using other applications,
specifically Intrusion Detection System (IDS). The SCADA system can manage the
critical infrastructure of industrial control environments. Protecting
sensitive information is a difficult task to achieve in reality with the
connection of physical and digital systems. Hence, privacy preservation
techniques have become effective in order to protect sensitive/private
information and to detect malicious activities, but they are not accurate in
terms of error detection, sensitivity percentage of data disclosure. In this
paper, we propose a new Privacy Preservation Intrusion Detection (PPID)
technique based on the correlation coefficient and Expectation Maximisation
(EM) clustering mechanisms for selecting important portions of data and
recognizing intrusive events. This technique is evaluated on the power system
datasets for multiclass attacks to measure its reliability for detecting
suspicious activities. The experimental results outperform three techniques in
the above terms, showing the efficiency and effectiveness of the proposed
technique to be utilized for current SCADA systems
Sharing Computer Network Logs for Security and Privacy: A Motivation for New Methodologies of Anonymization
Logs are one of the most fundamental resources to any security professional.
It is widely recognized by the government and industry that it is both
beneficial and desirable to share logs for the purpose of security research.
However, the sharing is not happening or not to the degree or magnitude that is
desired. Organizations are reluctant to share logs because of the risk of
exposing sensitive information to potential attackers. We believe this
reluctance remains high because current anonymization techniques are weak and
one-size-fits-all--or better put, one size tries to fit all. We must develop
standards and make anonymization available at varying levels, striking a
balance between privacy and utility. Organizations have different needs and
trust other organizations to different degrees. They must be able to map
multiple anonymization levels with defined risks to the trust levels they share
with (would-be) receivers. It is not until there are industry standards for
multiple levels of anonymization that we will be able to move forward and
achieve the goal of widespread sharing of logs for security researchers.Comment: 17 pages, 1 figur
- …