وبلاگ بلیان

Critical information infrastructures security : 8th International Workshop, CRITIS 2013, Amsterdam, the Netherlands, September 16-18, 2013 : revised selected papers

معرفی کتاب «Critical information infrastructures security : 8th International Workshop, CRITIS 2013, Amsterdam, the Netherlands, September 16-18, 2013 : revised selected papers» نوشتهٔ Tjerk Bijlsma, Sander de Kievit, Jacco van de Sluis, Ellen van Nunen, Igor Passchier (auth.), Eric Luiijf, Pieter Hartel (eds.)، منتشرشده توسط نشر Springer International Publishing : Imprint: Springer. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This book constitutes the thoroughly refereed post-proceedings of the 8th International Workshop on Critical Information Infrastructures Security, CRITIS 2013, held in Amsterdam, The Netherlands, in September 2013. The 16 revised full papers and 4 short papers were thoroughly reviewed and selected from 57 submissions. The papers are structured in the following topical sections: new challenges, natural disasters, smart grids, threats and risk, and SCADA/ICS and sensors. Critical Information Infrastructures Security Preface 5 CRITIS 2013 7 Table of Contents 10 New Challenges 10 Security Challenges for Cooperative and Interconnected Mobility Systems 13 1 Introduction 13 2 Attack Incentives 14 3 Mobile Internet Communication 16 4 Vehicular Ad Hoc Networking 17 5 Problems and Solutions 17 6 Security Risk Factors 19 7 In-vehicle Systems 20 5.1 Problems and Solutions 20 5.2 Security Risk Factors 22 8 Discussion 23 9 Conclusions 25 Study of In-Data Centre Backup Offices for Banks 28 1 Introduction 28 2 Mission Statement of the Banks in Japan 28 3 Incident Review 29 3.1 Business Impact of the Tohoku Pacific Earthquake 29 4 A Recovery Strategy 32 4.1 A Recovery Strategy of the BOJ (the Bank of Japan) 32 4.2 A Recovery Strategy of an International Financial Company 32 5 Dependencies and Criticality Tiers 33 5.1 For the Main Office 33 5.2 For the Backup Office 34 6 Case Study: Creating the Secondary Backup Office in the Kansai Region 34 7 Diagnoses and Potential Solutions 34 7.1 An In-Data Center (DC) Backup Office 34 7.2 ATMs 36 8 Conclusions 37 References 37 Protecting a Federated Database Infrastructure against Denial-of-Service Attacks 38 1 Introduction 38 2 X-Road Overview 39 3 Requirements 40 4 Solutions 42 4.1 Center-Independent Work 42 4.2 Alternative Channels 44 4.3 Replication of Databases 46 4.4 Channel Switching Logic 47 5 Conclusions and Further Work 48 Minimizing the Impact of In-band Jamming Attacks in WDM Optical Networks 50 1 Introduction 50 2 Network and Attack Models 52 2.1 Network Model 52 2.2 Attack Propagation Model 52 3 Attack-Aware RWA Problem 53 3.1 ILP Formulation 54 3.2 Variations of the ILP Formulation 55 3.3 Variables and Constraints 56 3.4 LP Relaxation Techniques 57 4 Simulation Results 57 5 Conclusions 60 References 61 Natural Disasters 10 The Role of Critical Infrastructures’ Interdependencieson the Impacts Caused by Natural Disasters 62 1 Introduction 62 2 CIs and Their Interdependencies 63 3 CIs Interdependencies Modelling and SimulationMethodologies 64 4 CIs Interdependencies Simulation Model 65 5 Conclusion 70 References 71 Analysis of Severe Space Weather on Critical Infrastructures 74 1 Introduction 74 Modeling the Effects of a 2 Solar Wind on Ground Critical Infrastructures 76 2.1 Direct Effects 76 2.2 Indirect Effects 77 3 Cisia Simulator 79 4 Case of Study 80 5 Conclusions 82 Smart Grids 10 A Plug and Play, Approximation-Based, Selective LoadShedding Mechanism for the Future Electrical Grid 86 1 Introduction 86 2 Conventional Load Shedding Practices 87 3 Proposed Load Shedding Practice 88 4 Implementation of the Methodology 90 5 Conclusions 94 References 94 A Framework for Risk Analysis in Smart Grid 96 1 Introduction 96 2 Background 98 2.1 Current Smart Grid Scenario 98 2.2 Models for Smart Grids 98 3 Preparation for the Risk Analysis Framework 99 3.1 Chaos in Risk Terms 99 3.2 Defining Elements of Risk 100 4 Proposed Framework 101 4.1 Purpose 101 4.2 Framework Description 101 5 Indicative Application of the Framework 104 5.1 Testing the Framework 104 5.2 How to Use the Framework 104 6 Conclusion and Discussion 106 References 106 Physical Attestation of Cyber Processesin the Smart Grid 108 1 Introduction 108 2 System Overview 109 2.1 Smart Grid Architecture 109 2.2 Fake Supply Attack 110 2.3 Formal System Model 110 3 Nondeducible Attack 111 3.1 Nondeducibility 111 3.2 Attack Analysis 111 4 Physical Attestation 112 4.1 Conservation of Power 112 4.2 Malicious Participants 113 4.3 Physical Attestation Algorithm 115 5 Making It Deducible 116 5.1 System Modifications 117 5.2 Attack Analysis 117 6 Conclusion 118 Threats and Risk 11 QSec: Supporting Security Decisions on an IT Infrastructure 120 1 Introduction 120 2 Related Works 121 3 The Problem 121 3.1 The Proposed Solution 123 4 QSec 124 4.1 Detecting Global Vulnerabilities 124 4.2 QSec Database 126 4.3 Database Query Analysis 127 5 The Case Study 129 6 Conclusion and Future Works 130 Structural Controllability of Networks for Non-interactive Adversarial Vertex Removal 132 1 Introduction 132 2 Structural Controllability and Power Domination 133 3 Network and Attack Models 135 3.1 Network Models 136 3.2 Vertex Choices 136 3.3 Attack Models 137 4 Structural Controllability under Vertex Removal 138 5 Conclusions 141 Real Time Threat Prediction, Identification andMitigation for Critical Infrastructure Protection UsingSemantics, Event Processing and Sequential Analysis 145 1 Introduction 145 2 Related Work 146 3 Implemented Semantic Driven Architecture 147 3.1 Semantic Monitoring Block 148 3.2 Reasoning Block 150 3.3 Decision Support Tool User Interface 150 4 Conclusions and Future Work 151 References 152 Determining Risks from Advanced Multi-step Attacks to Critical Information Infrastructures 154 1 Introduction 154 2 Related Work 156 3 System Model 156 4 Risk Analysis 158 4.1 Host and Connectivity Identification 158 4.2 Common Vulnerability Enumeration 159 4.3 Vulnerability Modelling and Chaining 160 4.4 Attack Path Identification 162 5 Case Study 163 6 Conclusion 164 SCADA/ICS and Sensors 11 On the Feasibility of Device Fingerprinting in Industrial Control Systems 167 1 Introduction 167 2 Background 168 2.1 ICS Overview 168 2.2 Device Fingerprinting 169 3 A Reference Model for Device Fingerprinting 171 4 Fingerprinting Applicability on ICS 172 4.1 Overview 172 4.2 Tests 173 4.3 IT/ICS Comparison 173 5 ICS Fingerprinting Based on the Reference Model 174 6 Conclusions and Future Works 176 Bridging Dolev-Yao Adversaries and Control Systems with Time-Sensitive Channels 179 1 Introduction 179 2 System Model and Abstraction 181 2.1 State Space Model 181 2.2 -Grain Abstractions 181 3 Protocol Model and Adversary Goals 185 3.1 Protocol Syntax and Properties: Freshness, Ordering and Bounded Lifespan 185 3.2 Merging -Grained Abstractions and Adversary Goals 186 3.3 Models and Attacks 188 4 Conclusion and Future Work 190 An Indoor Contaminant Sensor Placement Toolbox for Critical Infrastructure Buildings 191 1 Introduction 191 2 Problem Formulation 194 3 Software Architecture 196 4 Case Study 197 5 Conclusions and Future Work 201 Short Papers 11 Optimization Models in a Smart Tool for the Railway Infrastructure Protection 203 1 Introduction 203 2 RIS, Attacks, Protection Devices and a Smart Tool 204 3 The Optimization Module 204 3.1 Coverage Model Selection 205 4 Application of the OM to a Railway Station 207 5 Conclusions 208 References 208 Towards Automatic Critical Infrastructure Protection through Machine Learning 209 1 Introduction 209 1.1 Machine Learning Techniques 210 2 Levels of Automation of an IDS in CIP 210 3 Analysis of the Current Literature 212 4 Conclusions 213 Using NATO Labelling to Support ControlledInformation Sharing between Partners 216 1 Introduction 216 2 NL: A Standardized Approach to Labelling Data Objects 217 3 Conclusions and Way Forward to Adopting NL 222 References 223 A Framework for Privacy Protection and Usage Control of Personal Data in a Smart City Scenario 224 1 Introduction 224 2 Related Work 224 3 Trusted Usage Framework 225 3.1 Identity 225 3.2 Trust Negotiation 226 3.3 Usage Control 226 3.4 Framework General Overview 226 4 Smart City Case Study 227 5 Conclusion and Future Work 228 Author Index 230 Front Matter....Pages - Security Challenges for Cooperative and Interconnected Mobility Systems....Pages 1-15 Study of In-Data Centre Backup Offices for Banks....Pages 16-25 Protecting a Federated Database Infrastructure against Denial-of-Service Attacks....Pages 26-37 Minimizing the Impact of In-band Jamming Attacks in WDM Optical Networks....Pages 38-49 The Role of Critical Infrastructures’ Interdependencies on the Impacts Caused by Natural Disasters....Pages 50-61 Analysis of Severe Space Weather on Critical Infrastructures....Pages 62-73 A Plug and Play, Approximation-Based, Selective Load Shedding Mechanism for the Future Electrical Grid....Pages 74-83 A Framework for Risk Analysis in Smart Grid....Pages 84-95 Physical Attestation of Cyber Processes in the Smart Grid....Pages 96-107 QSec: Supporting Security Decisions on an IT Infrastructure....Pages 108-119 Structural Controllability of Networks for Non-interactive Adversarial Vertex Removal....Pages 120-132 Real Time Threat Prediction, Identification and Mitigation for Critical Infrastructure Protection Using Semantics, Event Processing and Sequential Analysis....Pages 133-141 Determining Risks from Advanced Multi-step Attacks to Critical Information Infrastructures....Pages 142-154 On the Feasibility of Device Fingerprinting in Industrial Control Systems....Pages 155-166 Bridging Dolev-Yao Adversaries and Control Systems with Time-Sensitive Channels....Pages 167-178 An Indoor Contaminant Sensor Placement Toolbox for Critical Infrastructure Buildings....Pages 179-190 Optimization Models in a Smart Tool for the Railway Infrastructure Protection....Pages 191-196 Towards Automatic Critical Infrastructure Protection through Machine Learning....Pages 197-203 Using NATO Labelling to Support Controlled Information Sharing between Partners....Pages 204-211 A Framework for Privacy Protection and Usage Control of Personal Data in a Smart City Scenario....Pages 212-217 Back Matter....Pages - This book constitutes the thoroughly refereed post-proceedings of the 7th International Workshop on Critical Information Infrastructures Security, CRITIS 2012, held in Lillehammer, Norway, in September 2012. The 23 revised full papers were thoroughly reviewed and selected from 67 submissions. smart metering and grid, analysis and modeling;
دانلود کتاب Critical information infrastructures security : 8th International Workshop, CRITIS 2013, Amsterdam, the Netherlands, September 16-18, 2013 : revised selected papers