Big Data in Critical Infrastructures Security Monitoring: Challenges and Opportunities
This addresses cybersecurity vulnerabilities in critical infrastructures like power grids and transport systems, but it is incremental as it builds on existing monitoring tools without introducing a new solution.
The paper tackles the problem of insufficient cybersecurity for critical infrastructures by proposing a framework that leverages multiple data sources to enhance protection capabilities, discussing challenges and opportunities in three research directions without presenting specific results or numbers.
Critical Infrastructures (CIs), such as smart power grids, transport systems, and financial infrastructures, are more and more vulnerable to cyber threats, due to the adoption of commodity computing facilities. Despite the use of several monitoring tools, recent attacks have proven that current defensive mechanisms for CIs are not effective enough against most advanced threats. In this paper we explore the idea of a framework leveraging multiple data sources to improve protection capabilities of CIs. Challenges and opportunities are discussed along three main research directions: i) use of distinct and heterogeneous data sources, ii) monitoring with adaptive granularity, and iii) attack modeling and runtime combination of multiple data analysis techniques.