Title: Towards scalable and adaptable security monitoring
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Brandauer, C., Dorfinger, P., Paiva, P. Y. A.
Conference Name: 2017 IEEE 36th International Performance Computing and Communications Conference (IPCCC)
Keywords: adaptable security monitoring, composability, control system security, Cyber-physical systems, data reduction, data reduction approaches, edge detection, Image edge detection, industrial control, industrial control systems, integrated circuits, intrusions, Metrics, Monitoring, physical isolation, physical- cyber domain, process control, proprietary technology, Protocols, pubcrawl, resilience, Resiliency, Scalability, scalable security monitoring, security, security of data

A long time ago Industrial Control Systems were in a safe place due to the use of proprietary technology and physical isolation. This situation has changed dramatically and the systems are nowadays often prone to severe attacks executed from remote locations. In many cases, intrusions remain undetected for a long time and this allows the adversary to meticulously prepare an attack and maximize its destructiveness. The ability to detect an attack in its early stages thus has a high potential to significantly reduce its impact. To this end, we propose a holistic, multi-layered, security monitoring and mitigation framework spanning the physical- and cyber domain. The comprehensiveness of the approach demands scalability measures built-in by design. In this paper we present how scalability is addressed by an architecture that enforces geographically decentralized data reduction approaches that can be dynamically adjusted to the currently perceived context. A specific focus is put on a robust and resilient solution to orchestrate dynamic configuration updates. Experimental results based on a prototype implementation show the feasibility of the approach.

Citation Key: brandauer_towards_2017