
Real Time Threat Prediction, Identification and Mitigation for Critical Infrastructure Protection Using Semantics, Event Processing and Sequential Analysis

  • Conference paper
Critical Information Infrastructures Security (CRITIS 2013)

Abstract

Seamless and faultless operation of multi-stakeholder Critical Infrastructures (CIs) is of high importance for today's societies on a global scale. Because of their impact on the population, attacks against their interconnected components can cause serious damage and performance degradation, which can eventually result in a societal crisis. It is therefore crucial to protect these high-performance, critical systems effectively and in a timely manner against any type of malicious cyber-physical intrusion. This can be achieved by protecting CIs against the consequences of threats, by blocking threats at an early stage and preventing further escalation, or by predicting threat occurrences and being able to react rapidly by eliminating their roots. In this paper a novel architecture is proposed in which these three ways of confronting cyber-physical threats are combined using a novel semantics-based risk methodology that relies on real-time behavioral analysis. The final prototype provides the CI operator with a decision tool (DST) that embodies the proposed approach and is capable of alerting on new, unknown threats, generating suggestions for the required counter-actions, and alerting on the probable existence of a threat. The implemented architecture has been tested and validated in a proof-of-concept scenario of an airport CI with simulated monitoring data.




© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Kostopoulos, D., Tsoulkas, V., Leventakis, G., Drogkaris, P., Politopoulou, V. (2013). Real Time Threat Prediction, Identification and Mitigation for Critical Infrastructure Protection Using Semantics, Event Processing and Sequential Analysis. In: Luiijf, E., Hartel, P. (eds) Critical Information Infrastructures Security. CRITIS 2013. Lecture Notes in Computer Science, vol 8328. Springer, Cham. https://doi.org/10.1007/978-3-319-03964-0_12


  • DOI: https://doi.org/10.1007/978-3-319-03964-0_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03963-3

  • Online ISBN: 978-3-319-03964-0
