DETECT: A novel framework for the detection of attacks to critical infrastructures
2009 (English)In: Safety, Reliability and Risk Analysis: Theory, Methods and Applications - Proceedings of the Joint ESREL and SRA-Europe Conference, Taylor & Francis , 2009, p. 105-112Conference paper, Published paper (Refereed)
Abstract [en]
Critical Infrastructure Protection (CIP) against potential threats has become a major issue in modern society. CIP involves a set of multidisciplinary activities and requires the adoption of proper protection mechanisms, usually supervised by centralized monitoring systems. This paper presents the motivation, the working principles and the software architecture of DETECT (DEcision Triggering Event Composer & Tracker), a new framework aimed at the automatic and early detection of threats against critical infrastructures. The framework is based on the fact that non trivial attack scenarios are made up by a set of basic steps which have to be executed in a predictable sequence (with possible variants). Such scenarios are identified during Vulnerability Assessment which is a fundamental phase of the Risk Analysis for critical infrastructures. DETECT operates by performing a model-based logical, spatial and temporal correlation of basic events detected by the sensorial subsystem (possibly including intelligent video-surveillance, wireless sensor networks, etc.). In order to achieve this aim, DETECT is based on a detection engine which is able to reason about heterogeneous data, implementing a centralized application of "data fusion". The framework can be interfaced with or integrated in existing monitoring systems as a decision support tool or even to automatically trigger adequate countermeasures.
Place, publisher, year, edition, pages
Taylor & Francis , 2009. p. 105-112
Keywords [en]
Attack scenarios, Centralized monitoring systems, Critical infrastructure protection, Decision support tools, Early detection, Heterogeneous data, Intelligent video, Model-based, Monitoring system, Multi-disciplinary activities, Non-trivial, Potential threats, Protection mechanisms, Spatial and temporal correlation, Vulnerability assessments, Working principles, Data fusion, Decision support systems, Monitoring, Public works, Reliability analysis, Reliability theory, Risk analysis, Risk assessment, Risk perception, Security systems, Software architecture, Wireless sensor networks, Critical infrastructures
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-47794Scopus ID: 2-s2.0-79952333081ISBN: 9780415485135 (print)OAI: oai:DiVA.org:mdh-47794DiVA, id: diva2:1427380
Conference
Joint ESREL (European Safety and Reliability) and SRA-Europe (Society for Risk Analysis Europe) Conference, 22 - 25 September 2008, Valencia
2018-06-052020-04-29Bibliographically approved