Handling of advanced persistent threats and complex incidents in healthcare, transportation and energy ICT infrastructures-Reference-Cited by-同舟云学术

Handling of advanced persistent threats and complex incidents in healthcare, transportation and energy ICT infrastructures

Published:2020-04-04 Issue:1 Volume:12 Page:91-108
ISSN:1868-6478
Container-title:Evolving Systems
language:en
Short-container-title:Evolving Systems

Author:

Papastergiou Spyridon,Mouratidis Haralambos^ORCID,Kalogeraki Eleni-Maria

Abstract

AbstractIn recent years, the use of information technologies in Critical Infrastructures is gradually increasing. Although this brings benefits, it also increases the possibility of security attacks. Despite the availability of various advanced incident handling techniques and tools, there is still no easy, structured, standardized and trusted way to manage and forecast interrelated cybersecurity incidents. This paper introduces CyberSANE, a novel dynamic and collaborative, warning and response system, which supports security officers and operators to recognize, identify, dynamically analyse, forecast, treat and respond to security threats and risks and and it guides them to handle effectively cyber incidents. The components of CyberSANE are described along with a description of the CyberSANE data flow. The main novelty of the CyberSANE system is the fact that it enables the combination of active incident handling approaches with reactive approaches to support incidents of compound, highly dependent Critical Information Infrastructures. The benefits and added value of using CyberSANE is described with the aid of a set of cyber-attack scenarios.

Funder

Horizon 2020 Framework Programme

Publisher

Springer Science and Business Media LLC

Subject

Control and Optimization,Computer Science Applications,Modelling and Simulation,Control and Systems Engineering

Link

http://link.springer.com/content/pdf/10.1007/s12530-020-09335-4.pdf

Reference69 articles.

1. Ab Rahman NH, Choo KKR (2015) A survey of information security incident handling in the cloud. Comput Secur 49:45–69

2. Ahmad A, Hadgkiss J, Ruighaver AB (2012) Incident response teams-challenges in supporting the organisational security function. Comput Secur 31(5):643–652

3. Blowers M, Williams J (2014) Machine learning applied to cyber operations. In: Pino RE (ed) Network science and cybersecurity. Springer, New York, pp 155–175

4. British Standards Institution (2011) BS ISO/IEC 27035:2011—information technology. Security Techniques. Information Security Incident Management

5. Bruschi D, Monga M, Martignoni L (2004) How to reuse knowledge about forensic investigations. In: Digital forensics research workshop, Linthicum, Maryland

Cited by 14 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Risk Management and Cybersecurity in Transportation and Warehousing;Advances in Logistics, Operations, and Management Science;2023-12-29

2. AI-Assisted Risk Management Systems in Healthcare Industries of Smart Cities;2023 IEEE Globecom Workshops (GC Wkshps);2023-12-04

3. Towards insighting cybersecurity for healthcare domains: A comprehensive review of recent practices and trends;Cyber Security and Applications;2023-12

4. How internet blackouts affect information flows in organizations - Analyzing cascade effects and feedback loops;International Journal of Disaster Risk Reduction;2023-11

5. Modelling language for cyber security incident handling for critical infrastructures;Computers & Security;2023-05