IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v15y2016icp3-11.html
   My bibliography  Save this article

A framework for designing resilient distributed intrusion detection systems for critical infrastructures

Author

Listed:
  • Genge, Béla
  • Haller, Piroska
  • Kiss, István

Abstract

The complexity and scale of critical infrastructures, their strong security requirements and increasing costs require comprehensive methodologies for provisioning cost-effective distributed intrusion detection systems. This paper introduces a novel framework for designing resilient distributed intrusion detection systems. The framework leverages the output of a risk assessment methodology to identify and rank critical communications flows. These flows are integrated in an optimization problem that minimizes the number of deployed detection devices while enforcing a shortest-path routing algorithm to minimize communications delays. The framework engages a resilient distributed intrusion detection design algorithm that accounts for the possibility that detection devices may be compromised or fail. The algorithm optimally positions detection devices to ensure that the infrastructure is resilient to at most K communications path failures. Experimental results demonstrate the effectiveness of the distributed intrusion detection design framework.

Suggested Citation

  • Genge, Béla & Haller, Piroska & Kiss, István, 2016. "A framework for designing resilient distributed intrusion detection systems for critical infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 15(C), pages 3-11.
    • Handle: RePEc:eee:ijocip:v:15:y:2016:i:c:p:3-11
    DOI: 10.1016/j.ijcip.2016.06.003
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548216300816
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2016.06.003?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Genge, Béla & Kiss, István & Haller, Piroska, 2015. "A system dynamics approach for assessing the impact of cyber attacks on critical infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 10(C), pages 3-17.
    2. Correa-Henao, Gabriel J. & Yusta, Jose M. & Lacal-Arántegui, Roberto, 2013. "Using interconnected risk maps to assess the threats faced by electricity infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 6(3), pages 197-216.
    3. Giani, Annarita & Bent, Russell & Pan, Feng, 2014. "Phasor measurement unit selection for unobservable electric power data integrity attack detection," International Journal of Critical Infrastructure Protection, Elsevier, vol. 7(3), pages 155-164.
    4. Filippini, Roberto & Silva, Andrés, 2014. "A modeling framework for the resilience analysis of networked systems-of-systems based on functional dependencies," Reliability Engineering and System Safety, Elsevier, vol. 125(C), pages 82-91.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Choubineh, Abouzar & Wood, David A. & Choubineh, Zahak, 2020. "Applying separately cost-sensitive learning and Fisher's discriminant analysis to address the class imbalance problem: A case study involving a virtual gas pipeline SCADA system," International Journal of Critical Infrastructure Protection, Elsevier, vol. 29(C).
    2. Palleti, Venkata Reddy & Joseph, Jude Victor & Silva, Arlindo, 2018. "A contribution of axiomatic design principles to the analysis and impact of attacks on critical infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 23(C), pages 21-32.
    3. Al-Daweri, Muataz Salam & Abdullah, Salwani & Ariffin, Khairul Akram Zainol, 2021. "A homogeneous ensemble based dynamic artificial neural network for solving the intrusion detection problem," International Journal of Critical Infrastructure Protection, Elsevier, vol. 34(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Genge, Béla & Kiss, István & Haller, Piroska, 2015. "A system dynamics approach for assessing the impact of cyber attacks on critical infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 10(C), pages 3-17.
    2. Hayes, Darren R. & Cappa, Francesco, 2018. "Open-source intelligence for risk assessment," Business Horizons, Elsevier, vol. 61(5), pages 689-697.
    3. Siwar Kriaa & Marc Bouissou & Youssef Laarouchi, 2019. "A new safety and security risk analysis framework for industrial control systems," Journal of Risk and Reliability, , vol. 233(2), pages 151-174, April.
    4. Li, Lei & Wang, Wenting & Ma, Qiang & Pan, Kunpeng & Liu, Xin & Lin, Lin & Li, Jian, 2021. "Cyber attack estimation and detection for cyber-physical power systems," Applied Mathematics and Computation, Elsevier, vol. 400(C).
    5. González, Santiago G. & Dormido Canto, S. & Sánchez Moreno, José, 2020. "Obtaining high preventive and resilience capacities in critical infrastructure by industrial automation cells," International Journal of Critical Infrastructure Protection, Elsevier, vol. 29(C).
    6. Monsalve, Mauricio & de la Llera, Juan Carlos, 2019. "Data-driven estimation of interdependencies and restoration of infrastructure systems," Reliability Engineering and System Safety, Elsevier, vol. 181(C), pages 167-180.
    7. Kameshwar, Sabarethinam & Cox, Daniel T. & Barbosa, Andre R. & Farokhnia, Karim & Park, Hyoungsu & Alam, Mohammad S. & van de Lindt, John W., 2019. "Probabilistic decision-support framework for community resilience: Incorporating multi-hazards, infrastructure interdependencies, and resilience goals in a Bayesian network," Reliability Engineering and System Safety, Elsevier, vol. 191(C).
    8. Poulin, Craig & Kane, Michael B., 2021. "Infrastructure resilience curves: Performance measures and summary metrics," Reliability Engineering and System Safety, Elsevier, vol. 216(C).
    9. Xu, Peng-Cheng & Lu, Qing-Chang & Xie, Chi & Cheong, Taesu, 2024. "Modeling the resilience of interdependent networks: The role of function dependency in metro and bus systems," Transportation Research Part A: Policy and Practice, Elsevier, vol. 179(C).
    10. Udit Bhatia & Devashish Kumar & Evan Kodra & Auroop R Ganguly, 2015. "Network Science Based Quantification of Resilience Demonstrated on the Indian Railways Network," PLOS ONE, Public Library of Science, vol. 10(11), pages 1-17, November.
    11. Chatzis, Petros & Stavrou, Eliana, 2022. "Cyber-threat landscape of border control infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 36(C).
    12. Stephan Berger & Christopher Dun & Björn Häckel, 2024. "IT Availability Risks in Smart Factory Networks – Analyzing the Effects of IT Threats on Production Processes Using Petri Nets," Information Systems Frontiers, Springer, vol. 26(5), pages 1633-1652, October.
    13. Å arÅ«nienÄ—, Inga & MartiÅ¡auskas, Linas & KrikÅ¡tolaitis, RiÄ ardas & Augutis, Juozas & Setola, Roberto, 2024. "Risk assessment of critical infrastructures: A methodology based on criticality of infrastructure elements," Reliability Engineering and System Safety, Elsevier, vol. 243(C).
    14. Olaf Jonkeren & Ivano Azzini & Luca Galbusera & Stavros Ntalampiras & Georgios Giannopoulos, 2015. "Analysis of Critical Infrastructure Network Failure in the European Union: A Combined Systems Engineering and Economic Model," Networks and Spatial Economics, Springer, vol. 15(2), pages 253-270, June.
    15. Qianxiang Zhu & Yuanqing Qin & Chunjie Zhou & Weiwei Gao, 2018. "Extended multilevel flow model-based dynamic risk assessment for cybersecurity protection in industrial production systems," International Journal of Distributed Sensor Networks, , vol. 14(6), pages 15501477187, June.
    16. Galbraith, John W. & Iuliani, Luca, 2019. "Measures of robustness for networked critical infrastructure: An empirical comparison on four electrical grids," International Journal of Critical Infrastructure Protection, Elsevier, vol. 27(C).
    17. Hassan Al-Zarooni & Hamdi Bashir, 2020. "An integrated ISM fuzzy MICMAC approach for modeling and analyzing electrical power system network interdependencies," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 11(6), pages 1204-1226, December.
    18. Pitilakis, Kyriazis & Argyroudis, Sotiris & Fotopoulou, Stavroula & Karafagka, Stella & Kakderi, Kalliopi & Selva, Jacopo, 2019. "Application of stress test concepts for port infrastructures against natural hazards. The case of Thessaloniki port in Greece," Reliability Engineering and System Safety, Elsevier, vol. 184(C), pages 240-257.
    19. Adrian-Silviu Roman, 2023. "Evaluating the Privacy and Utility of Time-Series Data Perturbation Algorithms," Mathematics, MDPI, vol. 11(5), pages 1-21, March.
    20. Wu, Jingyi & Yu, Yang & Yu, Jianxing & Chang, Xueying & Xu, Lixin & Zhang, Wenhao, 2023. "A Markov resilience assessment framework for tension leg platform under mooring failure," Reliability Engineering and System Safety, Elsevier, vol. 231(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:15:y:2016:i:c:p:3-11. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.