International Journal of Critical Infrastructure Protection: Latest Articles

Protocol study and anomaly detection for server-driven traffic in SCADA networks
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100612
Chih-Yuan Lin, Simin Nadjm-Tehrani
Volume: 42; Pages: Article 100612
Abstract: Attacks against Supervisory Control and Data Acquisition (SCADA) systems operating critical infrastructures have largely appeared in the past decades. There are several anomaly detection systems that model the traffic of request–response mechanisms, where a client initiates a request to a server and the server sends back a response later. However, many modern SCADA protocols also allow server-driven traffic without a paired request, and anomaly detection for server-driven traffic has not been well-studied. This paper provides a comprehensive understanding of server-driven traffic across different protocols, such as MMS, Siemens S7, S7-plus, and IEC 60870-5-104 (IEC-104), with traffic analysis. The analysis results show that the common postulation of periodicity and correlation within SCADA traffic holds true for most of the analyzed datasets. The paper then proposes a Multivariate Correlation Anomaly Detection (MCAD) approach for server-driven traffic that presents complicated correlations among flows. The proposed approach is compared with a univariate correlation anomaly detection approach designed for SCADA and a general purpose anomaly detection approach based on neural network techniques. These approaches are tested with an IEC-104 dataset from a real power utility with injected timing perturbations resulting from a Stuxnet-like stealthy attack scenario. The detection accuracy of MCAD outperforms the compared methods and the time-to-detection performance is promising.
Citations: 1
Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A survey
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100615
Xabier Etxezarreta, Iñaki Garitano, Mikel Iturbe, Urko Zurutuza
Volume: 91 1; Pages: 100615
Citations: 0
A flexible OT testbed for evaluating on-device implementations of IEC-61850 GOOSE
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100618
Matthew Boeding, M. Hempel, H. Sharif, Juan Lopez, K. Perumalla
Volume: 42 1; Pages: 100618
Citations: 1
National and international maritime situational awareness model examples and the effects of North Stream Pipelines sabotage
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100624
Tolga Ahmet Gülcan, Kadir Emrah Erginer
Volume: 42; Pages: Article 100624
Abstract: While many countries and international organizations with maritime security interests and rights at sea have developed new security strategies or policies in the wake of the 9/11 terrorist attacks in the United States of America, they have accordingly changed or created new maritime security strategies or doctrines with appropriate Maritime Situational Awareness (MSA) models as well. Maritime deterioration, climate change, cyberattacks, serious and organized crime, epidemics, and state-made threats are just some of the new and growing concerns affecting maritime security. The sabotage of the Nord Stream gas pipelines in the Baltic Sea has given maritime security doctrines and frameworks a new dimension. In this article, the current maritime security approaches and maritime domain or situational awareness (MDA/MSA) model examples of some countries and international organizations from different geographic regions and also the ones that are located in the maritime choke point regions where global maritime trade routes are located and also the effects of the Nord Stream Pipelines sabotages on these are examined in light of the new threats and risks. The principal result reached in this study is that countries and international structures should have a cross governmental maritime security strategy, or at least a doctrine, in order to guide their own maritime situational awareness models and identify information sharing architectures. The most important result of the sabotages on Nord Stream Pipelines for MSA models in this study is that the fastest and most cost-effective method for protecting critical infrastructure under the seas is the concept of systems such as Mothership controlled autonomous and unmanned underwater vehicles, extra large unmanned undersea vehicles and Synthetic-aperture radar (SAR) satellites.
Citations: 0
A forensics and compliance auditing framework for critical infrastructure protection
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100613
João Henriques, Filipe Caldeira, Tiago Cruz, Paulo Simões
Volume: 42; Pages: Article 100613
Abstract: Contemporary societies are increasingly dependent on products and services provided by Critical Infrastructure (CI) such as power plants, energy distribution networks, transportation systems and manufacturing facilities. Due to their nature, size and complexity, such CIs are often supported by Industrial Automation and Control Systems (IACS), which are in charge of managing assets and controlling everyday operations.
As these IACS become larger and more complex, encompassing a growing number of processes and interconnected monitoring and actuating devices, the attack surface of the underlying CIs increases. This situation calls for new strategies to improve Critical Infrastructure Protection (CIP) frameworks, based on evolved approaches for data analytics, able to gather insights from the CI.
In this paper, we propose an Intrusion and Anomaly Detection System (IADS) framework that adopts forensics and compliance auditing capabilities at its core to improve CIP. Adopted forensics techniques help to address, for instance, post-incident analysis and investigation, while the support of continuous auditing processes simplifies compliance management and service quality assessment.
More specifically, after discussing the rationale for such a framework, this paper presents a formal description of the proposed components and functions and discusses how the framework can be implemented using a cloud-native approach, to address both functional and non-functional requirements. An experimental analysis of the framework scalability is also provided.
Citations: 1
A multi-criteria framework for critical infrastructure systems resilience
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100616
Zhuyu Yang, Bruno Barroca, Katia Laffréchine, Alexandre Weppe, Aurélia Bony-Dandrieux, Nicolas Daclin
Volume: 42; Pages: Article 100616
Abstract: Critical infrastructure systems (CISs) play an essential role in modern society, as they are important for maintaining critical social functions, economic organisation, and national defence. Recently, CISs resilience has gained popularity in both academic and policy field facing increased natural or technological disasters. Resilience assessments have become convenient and common tools for disaster management, as assessment results provide useful information to CIS managers. However, CISs resilience assessment is facing challenges of being practical to use in operational risk management.
Although there are many existing assessments for CISs resilience, some shortcomings relating to assessment criteria, which cannot turn resilience useful in practical operation, are frequent in their assessment process. Existing assessments are based on different definitions, which makes criteria generalization difficult. Besides, these assessments are not comprehensive enough. Especially, few assessments address both the cost, effectiveness, and safety of optimisation actions. Moreover, most of the suggested criteria are not specific enough for being used for practical CISs risk management in real cases.
This article develops therefore a multi-criteria framework (MCF) for CISs resilience, consisting of general criteria and a guide for defining specific sub-criteria. In this MCF, the side effects, cascading effects and cost-benefit in resilience scenarios are considered indispensable for CISs resilience assessment. The paper also presents an example of the application of the developed guide through two detailed scenarios, one on a single infrastructural system affected by a natural disaster, and the other addressing the interdependence of this infrastructural system and an urban healthcare system. The designed MCF contributes to the operationalisation and comprehensiveness of CISs resilience assessments.
Citations: 1
New threats and research problems for critical infrastructure
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/S1874-5482(23)00042-2
Roberto Setola
Volume: 42; Pages: Article 100629
Citations: 0
Assessing the comprehensive importance of power grid nodes based on DEA
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100614
Xing Gao, Yunxia Ye, Wenxin Su, Linyan Chen
Volume: 42 1; Pages: 100614
Citations: 0
A multi-criteria framework for critical infrastructure systems resilience
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-09-01 DOI: 10.1016/j.ijcip.2023.100616
Zhuyu Yang, B. Barroca, Katia Laffréchine, Alexandre Weppe, Aurélia Bony-Dandrieux, N. Daclin
Volume: 42 1; Pages: 100616
Citations: 0
A management knowledge graph approach for critical infrastructure protection: Ontology design, information extraction and relation prediction
IF 3.6, Zone 3, Engineering Technology
International Journal of Critical Infrastructure Protection Pub Date : 2023-08-23 DOI: 10.1016/j.ijcip.2023.100634
Jiarui Chen, Yiqin Lu, Yang Zhang, Fang Huang, Jiancheng Qin
Volume: 43; Pages: Article 100634
Abstract: Critical Infrastructures (CI) underpin the basic functioning of society and the economy. Proper governance of CI security management remains a crucial challenge. This study aims to construct a knowledge graph for modeling CI protection. While the previous research has focused on threat intelligence modeling and open knowledge bases, they miss considering the defense side. Accordingly, we propose a knowledge graph for critical infrastructure protection, CIPKG, that extends the management ontology to include the defense side. It addresses the cross-industry and cross-time information gaps that occur in the process of CI protection management, making it more comprehensive in structure than the existing knowledge graph. We employ simplified Structured Threat Information Expression as attack ontology and design a new ontology for the defense side, which could combine with the existing threat ontology to form the CI protection knowledge graph. To dynamically extract information from emerging knowledge, we employ a Bi-directional Long Short-Term Memory and Conditional Random Field model with pre-trained cybersecurity domain-specific Bidirectional Encoder Representations from Transformers to recognize the named entities from CI regulations and standards. To associate the threat part with the management portion of the knowledge graph, we adopt the Knowledge Graph Bidirectional Encoder Representations from Transformer model to capture the semantic information and predict the relationship between threat and management. After information extraction and relation prediction, we build a knowledge graph with 529,360 nodes and about 3,335,000 edges.
Citations: 1