Asuka Terai, T. Chiba, Hideyuki Shintani, Shoya Kojima, Shingo Abe, I. Koshijima
{"title":"INTRUSION DETECTION METHOD FOR INDUSTRIAL CONTROL SYSTEMS USING SINGULAR SPECTRUM ANALYSIS","authors":"Asuka Terai, T. Chiba, Hideyuki Shintani, Shoya Kojima, Shingo Abe, I. Koshijima","doi":"10.2495/RISK180171","DOIUrl":"https://doi.org/10.2495/RISK180171","url":null,"abstract":"Because of their automated processing capabilities, industrial control systems (ICSs) currently play a crucial role in plant operations. It was not long before ICS had been completely insulated from the Internet. However, because of the improved reliability of ICS devices and systems, we could find only a few plants that did not use ICS in conjunction with the Internet. As a result, the extended accessibility of almost every ICS component makes such systems vulnerable to cyber-attacks. Because of this, intrusion detection systems, which monitor ICS network traffic and detect suspicious activities within the components themselves, are extremely important. Previous studies argued that packet intervals could ideally be regarded as indicators of the hazardous status of ICSs against hacking activities, and proposed intrusion detection methodologies relying solely on packet intervals. However, these methodologies with supervised machine-learning have inevitably been compromised by cyber-attacks whose characteristics are different than those of the training dataset. We hypothesize that packet intervals in an ICS network used for automated industrial processes, which are forced to produce a certain type of periodicity, reflect a particular type of packet interval patterns. In other words, certain anomalous behaviors never fail to interfere with this pattern. This paper proposes an intrusion detection method using a singular spectrum analysis to monitor time series packets. We evaluated our proposed method on our cybersecurity testbed using penetration tests. The results verified the validity of our system realized in the packet interval periodicity. 
Furthermore, we examined the optimum parameter set for the singular spectrum analysis in the proposed method. From this experiment, we successfully designated criteria for the parameter-set based on the period of the packet intervals during normal operations. The proposed method successfully detected all three types of attacks within 4 sec, without producing a false alert during normal operations.","PeriodicalId":21504,"journal":{"name":"Risk Analysis XI","volume":"132 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2018-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84965544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"INTRODUCTION OF A DROUGHT FORECASTING/WARNING SYSTEM AND IMPROVEMENT METHODS IN THE REPUBLIC OF KOREA","authors":"H. Yoon, J. Ahn, Gwak, Yongseok, Bo-ra Lee","doi":"10.2495/risk180091","DOIUrl":"https://doi.org/10.2495/risk180091","url":null,"abstract":"With the occurrence of repeated drought damage, there has been a need for government-level R&D support for scientific drought management from the mid-to long-term perspective in Korea. Because government agencies related to drought such as the Korea Meteorological Administration, Ministry of Land, Infrastructure and Transport, Ministry of Food, Agriculture, Forestry and Fisheries, and Ministry of Public Safety and Security, have been independently performing drought forecasting-warning, the president decided to establish integrated forecasting-warning system for drought prevention and effective drought management. In the present study, accordingly, we introduce the integrated drought forecasting-warning system in Korea. The Ministry of Public Safety and Security, as control tower, announces integrated drought information (Meteorological, Living and Industrial, Agricultural drought) to the public including investigation of local government situation. An announcement cycle is early of the month and target region is 167 provinces. Verification of drought information provided by each ministry was used by RDI. Final research purpose develops National Drought Information Integrated Forecasting-warning Technique Development. 
We expect that such efforts will be able to minimize drought damages and allow for pre-emptive prevention of droughts.","PeriodicalId":21504,"journal":{"name":"Risk Analysis XI","volume":"28 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2018-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88603492","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SURFACE SUBSIDENCE FROM UNDERGROUND COAL MINING IMPACTING RESIDENTIAL HOUSING: A CASE STUDY OF RISK ANALYSIS, MITIGATION PROPOSAL AND ONGOING MONITORING","authors":"B. Poulsen, B. Shen","doi":"10.2495/RISK180181","DOIUrl":"https://doi.org/10.2495/RISK180181","url":null,"abstract":"Two subsidence events twenty years apart resulted in damage and destruction of residential housing near Ipswich in the state of Queensland, Australia. Led by the Australian government's Commonwealth Scientific and Industrial Research Organisation, a research program was undertaken to determine the cause of subsidence, identify areas at risk, propose a stabilising technology and monitor the site. Site investigation including surface to void drilling, three-dimensional seismic survey, evaluation of historical mining data and interviews with ex-mine site personnel identified the most likely cause of subsidence as the over-stressing and failure of inadequately sized remanent coal pillars. It was concluded that water from the ongoing flooding of workings may have impacted pillar stability. A factor-of-safety evaluation of over 1,100 remanent coal pillars together with risk analysis of future surface subsidence was undertaken and identified another panel of the abandoned colliery that placed housing at unacceptable risk of future damage. An evaluation of bulk backfill identified a mitigation technology to ameliorate that risk. Continuous monitoring for over seven years by an instrument array of geophones, extensometers and piezometers has evaluated and reported the stability of strata overlying the colliery. This paper describes (1) the novel technique developed for evaluation of risk of surface subsidence for many hundreds of coal pillars accounting for the unique spatial and geometric attributes of every individual pillar. 
Included in the risk analysis study is water and time impacts on each pillar's Factor of Safety (FoS); (2) mitigation technology developed for the stabilisation of pillars; and (3) the results of over seven years of strata monitoring.","PeriodicalId":21504,"journal":{"name":"Risk Analysis XI","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2018-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88654438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"THERE IS NO SINGLE SOLUTION TO THE ‘INSIDER’ PROBLEM BUT THERE IS A VALUABLE WAY FORWARD","authors":"D. Bilusich, Leung Chim, Rick Nunes-Vaz, S. Lord","doi":"10.2495/RISK180121","DOIUrl":"https://doi.org/10.2495/RISK180121","url":null,"abstract":"The threat posed by insiders deliberately or inadvertently misusing their knowledge and access to sensitive information is a major security challenge. Finding effective, acceptable and affordable ways to manage the insider threat is non-trivial, involving the use of controls that range from technical to procedural. To make matters worse, insider activities range from inadvertent or accidental disclosure, through deliberate damage caused by disgruntled employees, to the pre-positioned mole who may undermine the organisation’s viability or purpose. The same controls will have different levels of effectiveness for each of these insider types. Based on these factors, attempting to find a single, optimised, universal solution to insider threats is illogical. However, the literature still contains statements such as ‘deterrence is the best approach for insiders’. There are dangers for security managers in drawing broad conclusions across the insider threat spectrum based on statements like these. Insider threats typically have a distribution of incidents where there are many of small consequence coexisting with a small number of incidents with very large consequences. This suggests that risk management techniques are a relevant, and arguably the most appropriate, framework for insider management. We have developed and applied a risk-based framework to model the spectrum of insider threat types, to enable the decision maker to determine the relative security effectiveness of alternative solutions. It allows decision makers to prioritise security investment to achieve the greatest benefit-cost using residual risk as the performance metric. 
Our framework provides a traceable and accountable method for organisations to balance their investments in controls, according to the complex spectrum of insider activity they are dealing with. They may also extend the approach, using robust analysis, to manage their uncertainties. Our framework supports security managers in customising security for their organisation based on its unique requirements.","PeriodicalId":21504,"journal":{"name":"Risk Analysis XI","volume":"2017 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2018-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89481101","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}