Title: Protecting critical infrastructures through behavioural observation
Authors: William Hurst; Madjid Merabti; Shamaila Iram; Paul Fergus
Addresses: PROTECT: Research Centre for Critical Infrastructure Computer Technology and Protection, School of Computing and Mathematical Sciences, Liverpool John Moores University, Byrom Street, Liverpool, L3 3AF, UK ' PROTECT: Research Centre for Critical Infrastructure Computer Technology and Protection, School of Computing and Mathematical Sciences, Liverpool John Moores University, Byrom Street, Liverpool, L3 3AF, UK ' PROTECT: Research Centre for Critical Infrastructure Computer Technology and Protection, School of Computing and Mathematical Sciences, Liverpool John Moores University, Byrom Street, Liverpool, L3 3AF, UK ' PROTECT: Research Centre for Critical Infrastructure Computer Technology and Protection, School of Computing and Mathematical Sciences, Liverpool John Moores University, Byrom Street, Liverpool, L3 3AF, UK
Abstract: The increase in the use of ICT in critical infrastructures has meant that dependence on automation and control systems has brought new risk in an increasingly digital age. The increase in digitisation and interconnectivity has meant that cyber-attacks have the potential to bring operations to a halt from a remote location with devastating consequences. In response to this, in our previous work to date, we have looked into the use of behavioural observation techniques to provide critical infrastructure support through pattern detection, in order to identify threats to the system. In this paper, a continuation of our research is presented including the use of mathematical classifications to analyse the critical infrastructure data, which has been constructed through simulation. In our approach, we develop a pattern of behaviour for the simulation and identify changes in patterns, which are the result of an attack on the system.
Keywords: behavioural observation; critical infrastructures; cyber attacks; security; data analysis; pattern detection; infrastructure protection; ICT; threat identification; simulation; behaviour patterns.
DOI: 10.1504/IJCIS.2014.062972
International Journal of Critical Infrastructures, 2014 Vol.10 No.2, pp.174 - 192
Received: 23 Nov 2012
Accepted: 01 Feb 2013
Published online: 29 Jul 2014 *