Evaluation of Asfalia, a Security Attack Event Monitoring Framework
Abstract
Abstract
Cyber security has been a growing concern for large organizations, especially financial and governmental institutions, as security breaches in the systems they depend on have repeatedly resulted in losses of billions of dollars per year, and this cost is on the rise. A primary reason for these breaches is that the systems in question are cyber-physical - a mix of people, processes, technology, and infrastructure. However, existing security solutions for cyber-physical systems are likely to become obsolete; even though security agents issue new sets of vulnerability indicators and patches to address security breaches, these vulnerability indicators change over time, which is a never-ending process. To tackle this problem, a multi-realm security attack event monitoring framework was proposed to monitor, model, and analyse security events in social(business process), cyber, and physical infrastructure components of cyber-physical systems. In this paper, we evaluate this security attack event monitoring framework. The evaluation was performed by using a large-scale case study on a medical emergency response system.
References
[1]
A. Cailliau, A. van Lamsweerde, Runtime monitoring and resolution of probabilistic obstacles to system goals, Software Engineering for Adaptive and Self-Managing Systems (SEAMS), IEEE, 2017, pp. 1–11. 2017 IEEE/ACM 12th International Symposium onpages.
[2]
Moore, A. P., Ellison, R. J., and Linger, R. C. (2001) Attack modeling for information security and survivability. Technical report,
[3]
Seid, E., Popov, O., and Blix, F. (2023). Security Attack Event Monitoring for Cyber Physical-Systems. In Mori, P., Lenzini, G., and Furnell, S., editors, Proceedings of the 9th International Conference on Information Systems Security and Privacy, ICISSP 2023, 2023, pages 722–732. SciTePress
[4]
H. Mouratidis, “A natural extension of tropos methodology for modelling security,” 2002.
[5]
P. Giorgini, F. Massacci, and N. Zannone, “Security and trust requirements engineering,” in Foundations of Security Analysis and Design III. Springer, 2005, pp. 237–272.
[6]
L. Liu, E. Yu, J. Mylopoulos, Security and privacy requirements analysis within a social setting, Requirements Engineering Conference, IEEE, 2003, pp. 151–161. Proceedings. 11th IEEE International2003.
[7]
A. Rodríguez, E. Fernández-Medina, J. Trujillo, M. Piattini, Secure business process model specification through a UML 2.0 activity diagram profile, Decision Support Systems 51 (3) (2011) 446–465.
[8]
P. Herrmann, G. Herrmann, Security requirement analysis of business processes, Electronic Commerce Research 6 (3-4) (2006) 305–335.
[9]
B. Schneier, Attack trees, Dr. Dobbs journal 24 (12) (1999) 21–29.
[10]
A. Van Lamsweerde, Goal-oriented requirements engineering: A guided tour, Requirements Engineering (2001) 249–262. 2001.
[11]
I. Band, W. Engelsman, C. Feltus, S. Gonzlez Paredes, J. Hietala, H. Jonkers, and S. Massart, “Modeling enterprise risk management and security with the archimate language,” 1 2015,
[12]
K. Siau, M. Rossi, Evaluation of information modeling methods- a review, in: Proceedings of the Thirty-First Hawaii International Conference on, 5, IEEE, 1998, pp. 314–322. 1998.
[13]
O.I. Lindland, G. Sindre, A. Solvberg, Understanding quality in conceptual modeling, IEEE software 11 (2) (1994) 42–49.
[14]
M. M. Lankhorst, H. A. Proper, and H. Jonkers, “The architecture of the archimate language, Springer, 2009, pp. 367–380.
[15]
O. Altuhhova, R. Matulevičius, N. Ahmed, Towards definition of secure business processes, in: International Conference on Advanced Information Systems Engineering, Springer, 2012, pp. 1–15. Authorized.
[16]
A. Banerjee, K.K. Venkatasubramanian, T. Mukherjee, S.K.S. Gupta, Ensuring safety, security, and sustainability of mission-critical cyber–physical systems, Proceedings of the IEEE 100 (1) (2012) 283–299.
[17]
J. Conway, The industrial internet of things: an evolution to a smart manufacturing enterprise, Schneider Electric, 2016.
[18]
Griffor, E. R., Greer, C., Wollman, D. A., Burns, M. J., et al. (2017). Framework for cyber-physical systems: Volume 1, overview.
[19]
S. Jeschke, C. Brecher, T. Meisen, D. Ö zdemir, T Eschert, Industrial internet of things and cyber manufacturing systems, Industrial internet of things, Springer, 2017, pp. 3–19. pages.
[20]
Q. Shafi, Cyber physical systems security: A brief survey, in: 2012 12th International Conference on Computational Science and Its Applications, IEEE, 2012, pp. 146–150. pages.
[21]
E.K. Wang, Y. Ye, X. Xu, S.-M. Yiu, L.C.K. Hui, K.-P. Chow, Security issues and challenges for cyber physical system, in: Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing, IEEE Computer Society, 2010, pp. 733–738. pages.
[22]
C. Phillips, L.P. Swiler, A graph-based system for network-vulnerability analysis, in: Proceedings of the 1998 workshop on New security paradigms, ACM, 1998, pp. 71–79. pages.
[23]
Griffor, E. R., Greer, C., Wollman, D. A., Burns, M. J., et al. (2017). Framework for cyber-physical systems: Volume 1, overview.
[24]
A. Morais, I. Hwang, A. Cavalli, E. Martins, Generating attack scenarios for the system security validation, Networking science 2 (3-4) (2013) 69–80.
[25]
Boyes, H., Hallaq, B., Cunningham, J., and Watson, T. (2018). The industrial internet of things (iiot): An analysis framework.
Recommendations
Government regulations in cyber security: Framework, standards and recommendations
AbstractCyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
Cyber security framework for Internet of Things-based Energy Internet
AbstractWith the significant improvement in deployment of Internet of Things (IoT) into the smart grid infrastructure, the demand for cyber security is rapidly growing. The Energy Internet (EI) also known as the integrated internet-based smart grid and ...
Highlights- The security and privacy of components, data and events in the Energy Internet.
- The framework relies on an identity-based security mechanism.
- A secure communication protocol that provides secure data exchange.
- An Intelligent ...
Mapping the Security Events to the MITRE ATT &CK Attack Patterns to Forecast Attack Propagation (Extended Abstract)
Attacks and Defenses for the Internet-of-ThingsAbstractModern information systems generate a lot of events. Analysis of the events allows detecting malicious activity within the system. There are a lot of event correlation techniques intended for the detection of cyber security incidents and different ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © 2024.
Publisher
Elsevier Science Publishers B. V.
Netherlands
Publication History
Published: 24 July 2024
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 09 Jan 2025