Load-balanced Integrated Information Security Monitoring System
Tomasz Klasa, Imed El Fray
DOI: http://dx.doi.org/10.15439/2017F463
Citation: Communication Papers of the 2017 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 13, pages 213–221 (2017)
Abstract. Monitoring is the last step of the information security management process. Its purpose is not to evaluate the state of security itself, but rather the accuracy and quality of the preceding security evaluation and of the risk treatment applied on its basis. In other words, it should answer whether the chosen countermeasures, and all other decisions derived from the security assessment and evaluation results, were accurate, appropriate and sufficient. If a significant anomaly is found in the system during this phase, it means that either one of the risks accepted 'as is' has occurred, or the applied countermeasures failed to provide the assumed protection at some point in the system. In such a case, all the areas that require a repeat of the security audit must be identified. As information systems grow in complexity, this paper proposes an integrated solution for security monitoring that prevents the system overload that monitoring itself can cause.
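The decision rule in the abstract (a significant anomaly means either an accepted risk occurred or a countermeasure failed, and the affected areas must be re-audited) can be made concrete as a triage of monitoring anomalies against the risk register. The following is an added example, not code from the paper or its authors. The register layout, the field names, the sample register and anomaly records, and the third outcome (an anomaly in an area or threat class the assessment never covered) are assumptions made for this illustration.

```python
"""Triage of monitoring anomalies against a risk register (added example).

Each anomaly is matched to the register entry that should have covered it.
An accepted-'as is' entry means the accepted risk has occurred; a mitigated
entry means the countermeasure did not provide the assumed protection. The
OUT_OF_SCOPE outcome is an assumption added here for anomalies that match
no entry at all. Every area with an anomaly is scheduled for re-audit.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Treatment(Enum):
    ACCEPTED = "accepted"    # risk accepted 'as is', no countermeasure
    MITIGATED = "mitigated"  # countermeasure applied during risk treatment


class Finding(Enum):
    ACCEPTED_RISK_OCCURRED = "accepted risk occurred"
    COUNTERMEASURE_FAILED = "countermeasure did not provide assumed protection"
    OUT_OF_SCOPE = "anomaly outside the assessed scope"  # assumption, not in the abstract


@dataclass(frozen=True)
class RiskEntry:
    risk_id: str
    area: str                 # audit area / asset group (hypothetical field)
    threat: str               # threat class the entry covers
    treatment: Treatment
    countermeasure: Optional[str] = None


@dataclass(frozen=True)
class Anomaly:
    area: str
    threat: str
    evidence: str             # what monitoring observed


@dataclass(frozen=True)
class TriageResult:
    anomaly: Anomaly
    finding: Finding
    entry: Optional[RiskEntry]


def triage(register: list[RiskEntry], anomalies: list[Anomaly]) -> list[TriageResult]:
    """Classify each anomaly by the register entry that should have covered it."""
    index: dict[tuple[str, str], RiskEntry] = {}
    for entry in register:
        key = (entry.area, entry.threat)
        if key in index:
            raise ValueError(f"duplicate register entry for {key}")
        index[key] = entry
    results = []
    for anomaly in anomalies:
        entry = index.get((anomaly.area, anomaly.threat))
        if entry is None:
            finding = Finding.OUT_OF_SCOPE
        elif entry.treatment is Treatment.ACCEPTED:
            finding = Finding.ACCEPTED_RISK_OCCURRED
        else:
            finding = Finding.COUNTERMEASURE_FAILED
        results.append(TriageResult(anomaly, finding, entry))
    return results


def areas_to_reaudit(results: list[TriageResult]) -> set[str]:
    """Every area with a significant anomaly needs its security audit repeated."""
    return {r.anomaly.area for r in results}


def failed_countermeasures(results: list[TriageResult]) -> list[str]:
    """Countermeasures that demonstrably did not provide the assumed protection."""
    return sorted({r.entry.countermeasure for r in results
                   if r.finding is Finding.COUNTERMEASURE_FAILED
                   and r.entry is not None and r.entry.countermeasure})


# Constructed sample data (assumed; not taken from the paper)
REGISTER = [
    RiskEntry("R-01", "vpn-gateway", "brute_force", Treatment.MITIGATED,
              "account lockout after 5 failed logins"),
    RiskEntry("R-02", "file-share", "ransomware", Treatment.MITIGATED,
              "offline backups and EDR"),
    RiskEntry("R-03", "guest-wifi", "rogue_device", Treatment.ACCEPTED),
]

ANOMALIES = [
    Anomaly("vpn-gateway", "brute_force",
            "1,200 failed logins for one account in 10 min, no lockout triggered"),
    Anomaly("guest-wifi", "rogue_device",
            "unknown DHCP server answering on the guest VLAN"),
    Anomaly("hr-portal", "sqli",
            "WAF logged UNION SELECT in a search parameter"),
]


if __name__ == "__main__":
    for r in triage(REGISTER, ANOMALIES):
        ref = r.entry.risk_id if r.entry else "-"
        print(f"{r.anomaly.area:12} {ref:5} {r.finding.value}")
    print("re-audit:", sorted(areas_to_reaudit(triage(REGISTER, ANOMALIES))))
```

The register is keyed on (area, threat) so that each anomaly resolves to at most one assessment decision; a duplicate key is rejected rather than silently overwritten, since two conflicting treatments for the same risk is itself a sign the earlier assessment needs review.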