安全运营中心的数据匿名化方法：平衡工业系统中的数据保护和安全

IF 8.1 1区计算机科学 0 COMPUTER SCIENCE, INFORMATION SYSTEMS

Information Sciences Pub Date : 2024-10-10 DOI:10.1016/j.ins.2024.121534

Giacomo Longo , Francesco Lupia , Alessio Merlo , Francesco Pagano , Enrico Russo

{"title":"安全运营中心的数据匿名化方法：平衡工业系统中的数据保护和安全","authors":"Giacomo Longo , Francesco Lupia , Alessio Merlo , Francesco Pagano , Enrico Russo","doi":"10.1016/j.ins.2024.121534","DOIUrl":null,"url":null,"abstract":"<div><div>In an era where industrial Security Operations Centers (SOCs) are paramount to enabling cybersecurity, they can unintentionally become enablers of intellectual property theft through the data they analyze and retain. The above issue requires finding solutions to strike a balance between data protection and security. This paper proposes a real-time data anonymization framework designed to operate directly within network devices. Using an extensive case study, our approach demonstrates how valuable intellectual property associated with industrial processes can be protected without compromising the effectiveness of behavioral anomaly detection systems. The methodology is designed to be nonintrusive, reversible, and seamlessly portable on existing security solutions. We evaluated these properties through comprehensive experimental testing, which showed both the method's effectiveness in securing intellectual property and its suitability for continuous real-time operation.</div></div>","PeriodicalId":51063,"journal":{"name":"Information Sciences","volume":"690 ","pages":"Article 121534"},"PeriodicalIF":8.1000,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems\",\"authors\":\"Giacomo Longo , Francesco Lupia , Alessio Merlo , Francesco Pagano , Enrico Russo\",\"doi\":\"10.1016/j.ins.2024.121534\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>In an era where industrial Security Operations Centers (SOCs) are paramount to enabling cybersecurity, they can unintentionally become enablers of intellectual property theft through the data they analyze and retain. The above issue requires finding solutions to strike a balance between data protection and security. This paper proposes a real-time data anonymization framework designed to operate directly within network devices. Using an extensive case study, our approach demonstrates how valuable intellectual property associated with industrial processes can be protected without compromising the effectiveness of behavioral anomaly detection systems. The methodology is designed to be nonintrusive, reversible, and seamlessly portable on existing security solutions. We evaluated these properties through comprehensive experimental testing, which showed both the method's effectiveness in securing intellectual property and its suitability for continuous real-time operation.</div></div>\",\"PeriodicalId\":51063,\"journal\":{\"name\":\"Information Sciences\",\"volume\":\"690 \",\"pages\":\"Article 121534\"},\"PeriodicalIF\":8.1000,\"publicationDate\":\"2024-10-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information Sciences\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0020025524014488\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"0\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Sciences","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0020025524014488","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"0","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

在工业安全运营中心（SOC）对实现网络安全至关重要的时代，它们可能会通过分析和保留数据，无意中成为知识产权盗窃的帮凶。要解决上述问题，就必须找到解决方案，在数据保护和安全之间取得平衡。本文提出了一种实时数据匿名化框架，旨在直接在网络设备内运行。通过广泛的案例研究，我们的方法展示了如何在不影响行为异常检测系统有效性的情况下保护与工业流程相关的宝贵知识产权。我们设计的方法具有非侵入性、可逆性和可在现有安全解决方案上无缝移植的特点。我们通过全面的实验测试对这些特性进行了评估，结果表明该方法不仅能有效保护知识产权，而且适合连续实时运行。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems

In an era where industrial Security Operations Centers (SOCs) are paramount to enabling cybersecurity, they can unintentionally become enablers of intellectual property theft through the data they analyze and retain. The above issue requires finding solutions to strike a balance between data protection and security. This paper proposes a real-time data anonymization framework designed to operate directly within network devices. Using an extensive case study, our approach demonstrates how valuable intellectual property associated with industrial processes can be protected without compromising the effectiveness of behavioral anomaly detection systems. The methodology is designed to be nonintrusive, reversible, and seamlessly portable on existing security solutions. We evaluated these properties through comprehensive experimental testing, which showed both the method's effectiveness in securing intellectual property and its suitability for continuous real-time operation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Information Sciences 工程技术-计算机：信息系统

CiteScore

14.00

自引率

17.30%

发文量

1322

审稿时长

10.4 months

期刊介绍： Informatics and Computer Science Intelligent Systems Applications is an esteemed international journal that focuses on publishing original and creative research findings in the field of information sciences. We also feature a limited number of timely tutorial and surveying contributions. Our journal aims to cater to a diverse audience, including researchers, developers, managers, strategic planners, graduate students, and anyone interested in staying up-to-date with cutting-edge research in information science, knowledge engineering, and intelligent systems. While readers are expected to share a common interest in information science, they come from varying backgrounds such as engineering, mathematics, statistics, physics, computer science, cell biology, molecular biology, management science, cognitive science, neurobiology, behavioral sciences, and biochemistry.