Novelty detection and management to safeguard information-intensive critical infrastructures

International Journal of Emergency Management

Volumn 4, Issue 1, 2007, Pages 88-103

  Balducelli, Claudio ^a   Lavalle, Luisa ^a   Vicoli, Giordano ^a  

^a ENEA   (Italy)

Author keywords

Case based reasoning; CBR; Critical infrastructures; Data mining; Neural networks; Novelty detection; Wrong signatures

Indexed keywords

ALARM SYSTEMS; CASE BASED REASONING; COMPUTER SIMULATION; DATA MINING; ELECTRIC FAULT LOCATION; NEURAL NETWORKS; SCADA SYSTEMS;

CRITICAL INFRASTRUCTURES; NOVELTY DETECTION; WRONG SIGNATURES;

ELECTRIC POWER TRANSMISSION;

ARTICLE; CORRELATION ANALYSIS; EARLY DIAGNOSIS; ELECTRICITY; EMERGENCY HEALTH SERVICE; ENERGY TRANSFER; HEALTH CARE POLICY; INFORMATION PROCESSING; INFORMATION SYSTEM; STATISTICAL ANALYSIS; TELECOMMUNICATION;

EID: 33947501709     PISSN: 14714825     EISSN: 17415071     Source Type: Journal    
DOI: 10.1504/IJEM.2007.012391     Document Type: Article

References (19)

1. Balducelli, C. (2003) 'Modelling attack scenarios against software intensive critical infrastructures', 10th Annual Conference of the International Emergency Management Society, Sophia-Antipolis. Provence, France, 3-6 June.
2. Balducelli, C. and Brusoni. F. (1996) 'A CBR tool to simulate diagnostic case-based operator's model', Proceedings of 8th European Simulation Symposium, Genoa, Italy, October, pp.298-301.
3. Bass, T. (2000) Intrusion Defection Systems Multisensor Data Fusion: Creating Cyberspace Situational Awareness, Communication of the ACM. January, Vol. 43, No. 1, pp.99-105, http://www.silkroad.com/papers/ acm.fusion.ids.ps.
4. Cuppens, F. and Miege, A, (2002) 'Alert correlation in a cooperative inaction detection framework', Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May.
5. Debar, H. and Wespi, A. (2001) 'Aggregation and correlation of intrusion-detection alerts', Proceedings of the International Symposium on Recent Advances in Intrusion Detection, Davis, CA, October, pp-85-103.
6. Ernst, M. (2000) 'Dynamically discovering likely program invariants', PhD Thesis, University of Washington.
7. Hofmeyr, S.A. and Foorest, S. (2000) 'Architecture for an artificial immune system', Evolutionary Computing Journal, Vol. 8, No. 4, pp.443-473.
8. Kendra, J. and Wachtendorf, T. (2002) 'Creativity in emergency response after the World Trade Center attack', 9th Annual Conference of The International Emergency Management Society, Waterloo, Canada, 14-17 May.
9. Moore, A., Ellison. R. and Linger, R. (2001) 'Attack modeling for information security and survivability', Technical Note, CMU/ SEI-2001-TN-001, Survivable Systems Group, Software Engineering Institute, Carnegie Mellon University, March.
10. Oman, P., Schweitzer. E. and Frincke, D. (2000) 'Concerns about intrusions into remotely accessible substation controllers and SCADA systems', 27th Annual Western Protective Relay Conference, 23-26 October, Spokane, WA, Paper No 4, http://www.selinc.com.
11. Oman, P., Schweitzer, E. and Roberts, J. (2001) 'Safeguarding IEDs, substations, and SCADA systems against electronic intrusions', Western Power Delivery Automation Conference, 10-12 April, Spokane, WA, Paper No. 1.
12. Sheng, L. and Quiang, Y. (2001) 'An agent system that integrates case-base reasoning and active databases', International Journal of Knowledge and Information System, Spriger-Verlag, Vol. 3, pp.225-251.
13. Somayaji, A., Hofmeyr, S. and Forrest, S. (1998) 'Principle of computer immune system', New Security Paradigms Workshop, Langdale, Cumbria, UK, pp.67-72.
14. Swiler, L.P., Phillips, C. and Gaylor, T. (1998) 'A graph-based network-vulnerability analysis system', Sandia Report, SAND97-3010/1, Sandia National Laboratories, Albuquerque, New Mexico, USA, January.
15. Terran, L. and Brodley, C.E. (1999) 'Temporal sequence learning and data reduction for anomaly detection', ACM Transactions on Information and System Security (TISSEC), August, Vol. 2, No. 3, pp.295-331.
16. Timusk, M.A. and Mechefske, C.K. (2002) 'Applying neural network-based novelty detection to industrial machinery', KES 2002 Knowledge-Based Intelligent Information Engineering Systems & Allied Technologies, IOS Press Ohmsha.
17. Varshney, P. (1995) Distributed Detection and Data Fusion, New York: Springer-Verlag.
18. Webster, W.H., De Borchgrave, A., Gallagher, P.R., Cilluffo, F.J., Berkowitz, B.D. and Lanz, S. (1998) 'Cybercrime.. cyberterrorism.. cyberwarfare..: averting an electronic waterloo', Center for Strategic and International Studies (CSIS), Washington, DC. November.
19. Witten, H. and Frank, E. (2000) Data Mining, San Francisco, CA: Morgan Kaufmann Publisher.