Dynamic Threat Intelligence for Improvement of Resilience of Critical Infrastructure During Pandemics
Pablo de Juan Fidalgo, Aljosa Pasic, Susana González Zarzosa
DOI: http://dx.doi.org/10.15439/2024F8106
Citation: Proceedings of the 19th Conference on Computer Science and Intelligence Systems (FedCSIS), M. Bolanowski, M. Ganzha, L. Maciaszek, M. Paprzycki, D. Ślęzak (eds). ACSIS, Vol. 39, pages 591–596 (2024)
Abstract. The COVID-19 pandemic is an example of a temporary situation in which critical infrastructure (CI) operators had to operate under continuously changing conditions. The role of cyber infrastructure during pandemics, for example for remote work or access to critical systems, has also changed. This resulted in frequent re-evaluation of risks and adaptations of security policies or mitigation measures. The use and sharing of cyber threat intelligence (CTI) proved valuable for staying up to date, but challenges related to trust and confidence emerged. We designed and developed dynamic CTI to be used by CI operators for risk reassessment and improvement of resilience. Several enhancements will be validated in the forthcoming pilots in the SUNRISE project.