Improving SIEM for critical SCADA water infrastructures using machine learning

Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and data acquisition (SCADA) systems are used in industrial, infrastructure and facility processes (e.g. manufacturing, fabrication, oil and water pipelines, building ventilation, etc.) Like other Internet of Things (IoT) implementations, SCADA systems are vulnerable to cyber-attacks, therefore, a robust anomaly detection is a major requirement. However, having an accurate anomaly detection system is not an easy task, due to the difficulty to differentiate between cyber-attacks and system internal failures (e.g. hardware failures). In this paper, we present a model that detects anomaly events in a water system controlled by SCADA. Six Machine Learning techniques have been used in building and evaluating the model. The model classifies different anomaly events including hardware failures (e.g. sensor failures), sabotage and cyber-attacks (e.g. DoS and Spoofing). Unlike other detection systems, our proposed work helps in accelerating the mitigation process by notifying the operator with additional information when an anomaly occurs. This additional information includes the probability and confidence level of event(s) occurring. The model is trained and tested using a real-world dataset

The KiVa antibullying program in primary schools in Chile, with and without the digital game component: study protocol for a randomized controlled trial.

BACKGROUND: Bullying is a major problem worldwide and Chile is no exception. Bullying is defined as a systematic aggressive behavior against a victim who cannot defend him or herself. Victims suffer social isolation and psychological maladjustment, while bullies have a higher risk for conduct problems and substance use disorders. These problems appear to last over time. The KiVa antibullying program has been evaluated in Finland and other European countries, showing preventive effects on victimization and self-reported bullying. The aims of this study are (1) to develop a culturally appropriate version of the KiVa material and (2) to test the effectiveness of the KiVa program, with and without the online game, on reducing experiences of victimization and bullying behavior among vulnerable primary schools in Santiago (Chile), using a cluster randomized controlled trial (RCT) design with three arms: (1) full KiVa program group, (2) partial KiVa (without online game) program group and (3) control group. METHODS AND DESIGN: This is a three-arm, single-blind, cluster randomized controlled trial (RCT) with a target enrolment of 1495 4th and 5th graders attending 13 vulnerable schools per arm. Students in the full and partial KiVa groups will receive universal actions: ten 2-h lessons delivered by trained teachers during 1 year; they will be exposed to posters encouraging them to support victims and behave constructively when witnessing bullying; and a person designated by the school authorities will be present in all school breaks and lunchtimes using a visible KiVa vest to remind everybody that they are in a KiVa school. KiVa schools also will have indicated actions, which consist of a set of discussion groups with the victims and with the bullies, with proper follow-up. Only full KiVa schools will also receive an online game which has the aim to raise awareness of the role of the group in bullying, increase empathy and promote strategies to support victimized peers. Self-reported victimization, bullying others and peer-reported bullying actions, psychological and academic functioning, and sense of school membership will be measured at baseline and 12 months after randomization. DISCUSSION: This is the first cluster RCT of the KiVa antibullying program in Latin America. TRIAL REGISTRATION: ClinicalTrials.gov, Identifier: NCT02898324 . Registered on 8 September 2016

Gonzaga journal of international law : GJIL

Three relations between elementary school children were investigated: networks of general dislike and bullying were related to networks of general like. These were modeled using multivariate cross-sectional (statistical) network models. Exponential random graph models for a sample of 18 classrooms, numbering 393 students, were summarized using meta-analyses. Results showed (balanced) network structures with positive ties between those who were structurally equivalent in the negative network. Moreover, essential structural parameters for the univariate network structure of positive (general like) and negative (general dislike and bullying) tie networks were identified. Different structures emerged in positive and negative networks. The results provide a starting point for further theoretical and (multiplex) empirical research about negative ties and their interplay with positive ties

Security Issue of WirelessHART Based SCADA Systems

International audienceThe security of Supervisory Control and Data Acquistition systems (SCADA) has become these last years, a major worldwide concern. Indeed, several incidents and cyber-attacks stressed the emergency to make more efforts to secure these systems which manage important economical infrastructures. The increasing use of wireless sensors also brings their security vulnerabilities. Therefore, several communication protocols were developed to meet real time and security requirements needed by this kind of systems. WirelessHART is the first approved international standard for industrial wireless devices. It implements several mechanisms to ensure hop-by-hop and end-to-end security. However, despite these mechanisms, it remains possible for an attacker to conduct an attack against such wireless networks. In this paper, we give the first description of a Sybil attack specially tailored to target WirelessHART based SCADA systems. This attack can lead to harmful consequences such as disturbing the infrastructure functioning, interrupting it or more again causing its destruction (overheating of a nuclear reactor)