Situational Awareness and Security - Part 2

 

 

 

Situational awareness is an important human factor for cyber security. The works cited here cover specific problems. In April 2014, IEEE published a Special Issue on Signal Processing for Situational Awareness from Networked Sensors and Social Media. That material is available at: http://ieeexplore.ieee.org/xpl/tocresult.jsp?isnumber=6757015&punumber=78 The publications cited here are from other sources.

 

Toshiro Yano, E.; Bhatt, P.; Gustavsson, P.M.; Ahlfeldt, R.-M., "Towards a Methodology for Cybersecurity Risk Management Using Agents Paradigm," Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint, pp.325,325, 24-26 Sept. 2014. doi: 10.1109/JISIC.2014.70 In order to deal with shortcomings of security management systems, this work proposes a methodology based on agents paradigm for cybersecurity risk management. In this approach a system is decomposed in agents that may be used to attain goals established by attackers. Threats to business are achieved by attacker's goals in service and deployment agents. To support a proactive behavior, sensors linked to security mechanisms are analyzed accordingly with a model for Situational Awareness (SA) [4].

Keywords: business continuity; risk management; security of data; SA; agents paradigm; business continuity; cybersecurity risk management; proactive behavior; security management systems; sensors; situational awareness; Analytical models; Computer security; Educational institutions; Informatics; Risk management; Agent Based Paradigm; Cybersecurity Risk Management; Situational Awareness (ID#: 15-3821)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6975608&isnumber=6975536

 

Dressler, J.; Bowen, C.L.; Moody, W.; Koepke, J., "Operational Data Classes For Establishing Situational Awareness In Cyberspace," Cyber Conflict (CyCon 2014), 2014 6th International Conference on, pp.175, 186, 3-6 June 2014. doi: 10.1109/CYCON.2014.6916402 The United States, including the Department of Defense, relies heavily on information systems and networking technologies to efficiently conduct a wide variety of missions across the globe. With the ever-increasing rate of cyber attacks, this dependency places the nation at risk of a loss of confidentiality, integrity, and availability of its critical information resources; degrading its ability to complete the mission. In this paper, we introduce the operational data classes for establishing situational awareness in cyberspace. A system effectively using our key information components will be able to provide the nation's leadership timely and accurate information to gain an understanding of the operational cyber environment to enable strategic, operational, and tactical decision-making. In doing so, we present, define and provide examples of our key classes of operational data for cyber situational awareness and present a hypothetical case study demonstrating how they must be consolidated to provide a clear and relevant picture to a commander. In addition, current organizational and technical challenges are discussed, and areas for future research are addressed.

Keywords: decision making; defence industry; information systems; military computing; security of data; Department of Defense; United States; cyber attacks; cyber situational awareness; cyberspace; information systems; networking technologies; operational cyber environment; operational data classes; operational decision-making; strategic decision-making; tactical decision-making; Cyberspace; Decision making; Educational institutions; Intrusion detection; Real-time systems; US Department of Defense; cyber situational awareness; cyberspace operations; operational needs (ID#: 15-3822)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6916402&isnumber=6916383

 

Zonouz, S.; Davis, C.M.; Davis, K.R.; Berthier, R.; Bobba, R.B.; Sanders, W.H., "SOCCA: A Security-Oriented Cyber-Physical Contingency Analysis in Power Infrastructures," Smart Grid, IEEE Transactions on, vol.5, no.1, pp. 3,13, Jan. 2014. doi: 10.1109/TSG.2013.2280399 Contingency analysis is a critical activity in the context of the power infrastructure because it provides a guide for resiliency and enables the grid to continue operating even in the case of failure. In this paper, we augment this concept by introducing SOCCA, a cyber-physical security evaluation technique to plan not only for accidental contingencies but also for malicious compromises. SOCCA presents a new unified formalism to model the cyber-physical system including interconnections among cyber and physical components. The cyber-physical contingency ranking technique employed by SOCCA assesses the potential impacts of events. Contingencies are ranked according to their impact as well as attack complexity. The results are valuable in both cyber and physical domains. From a physical perspective, SOCCA scores power system contingencies based on cyber network configuration, whereas from a cyber perspective, control network vulnerabilities are ranked according to the underlying power system topology.

Keywords: power grids; power system planning; power system security; SOCCA; accidental contingency; control network; cyber components; cyber network configuration; cyber perspective; cyber-physical security evaluation; grid operation; malicious compromises; physical components; power infrastructures; power system contingency; power system topology; security-oriented cyber-physical contingency analysis; Algorithm design and analysis; Indexes; Mathematical model; Network topology; Power grids; Security; Contingency analysis; cyber-physical systems; security; situational awareness; state estimation  (ID#: 15-3823)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6687271&isnumber=6693741

 

Boleng, J.; Novakouski, M.; Cahill, G.; Simanta, S.; Morris, E., "Fusing Open Source Intelligence and Handheld Situational Awareness: Benghazi Case Study," Military Communications Conference (MILCOM), 2014 IEEE, pp.1421, 1426, 6-8 Oct. 2014. doi: 10.1109/MILCOM.2014.158 This paper reports the results and findings of a historical analysis of open source intelligence (OSINT) information (namely Twitter data) surrounding the events of the September 11, 2012 attack on the US Diplomatic mission in Benghazi, Libya. In addition to this historical analysis, two prototype capabilities were combined for a table top exercise to explore the effectiveness of using OSINT combined with a context aware handheld situational awareness framework and application to better inform potential responders as the events unfolded. Our experience shows that the ability to model sentiment, trends, and monitor keywords in streaming social media, coupled with the ability to share that information to edge operators can increase their ability to effectively respond to contingency operations as they unfold.

Keywords: history; national security; social networking (online); ubiquitous computing; Benghazi case study; Libya; OSINT information; Twitter data; US Diplomatic mission; context aware handheld situational awareness framework; context computing; contingency operations; edge operators; events attack; historical analysis; information sharing; open source intelligence information; prototype capabilities; social media streaming; table top exercise; Command and control systems; Context; Media; Personnel; Prototypes; Real-time systems; Twitter; context computing; open source intelligence; real time processing; situational awareness; social media (ID#: 15-3824)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6956956&isnumber=6956719

 

Kuntz, K.; Smith, M.; Wedeward, K.; Collins, M., "Detecting, Locating, & Quantifying False Data Injections Utilizing Grid Topology Through Optimized D-FACTS Device Placement," North American Power Symposium (NAPS), 2014, pp.1, 6, 7-9 Sept. 2014. doi: 10.1109/NAPS.2014.6965352 Power grids are monitored by gathering data through remote sensors and estimating the state of the grid. Bad data detection schemes detect and remove poor data. False data is a special type of data injection designed to evade typical bad data detection schemes and compromise state estimates, possibly leading to improper control of the grid. Topology perturbation is a situational awareness method that implements the use of distributed flexible AC transmission system devices to alter impedance on optimally chosen lines, updating the grid topology and exposing the presence of false data. The success of the topology perturbation for improving grid control and exposing false data in AC state estimation is demonstrated. A technique is developed for identifying the false data injection attack vector and quantifying the compromised measurements. The proposed method provides successful false data detection and identification in IEEE 14, 24, and 39-bus test systems using AC state estimation.

Keywords: flexible AC transmission systems; power grids; power system state estimation; AC state estimation; bad data detection scheme; distributed flexible AC transmission system devices; false data injection attack vector; grid topology; optimized D-FACTS device placement; power grids; situational awareness method; topology perturbation; Jacobian matrices; Perturbation methods; Power grids; State estimation; Topology; Transmission line measurements; Vectors; Distributed Flexible AC Transmission Systems; Power Grids; Power System Security; Voltage Control  (ID#: 15-3825)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6965352&isnumber=6965351

 

Linda, O.; Wijayasekara, D.; Manic, M.; McQueen, M., "Optimal Placement of Phasor Measurement Units in Power Grids using Memetic Algorithms," Industrial Electronics (ISIE), 2014 IEEE 23rd International Symposium on, pp. 2035, 2041, 1-4 June 2014. doi: 10.1109/ISIE.2014.6864930 Wide area monitoring, protection and control for power network systems are one of the fundamental components of the smart grid concept. Synchronized measurement technology such as the Phasor Measurement Units (PMUs) will play a major role in implementing these components and they have the potential to provide reliable and secure full system observability. The problem of Optimal Placement of PMUs (OPP) consists of locating a minimal set of power buses where the PMUs must be placed in order to provide full system observability. In this paper a novel solution to the OPP problem using a Memetic Algorithm (MA) is proposed. The implemented MA combines the global optimization power of genetic algorithms with local solution tuning using the hill-climbing method. The performance of the proposed approach was demonstrated on IEEE benchmark power networks as well as on a segment of the Idaho region power network. It was shown that the proposed solution using a MA features significantly faster convergence rate towards the optimum solution.

Keywords: distribution networks; genetic algorithms; phasor measurement; power system control; power system protection; power system reliability; power system security; smart power grids; IEEE benchmark power networks; Idaho region power network; OPP problem; genetic algorithms; hill-climbing method; memetic algorithms; phasor measurement units; power buses; power grids; power network systems control; power network systems protection; smart grid; synchronized measurement technology; wide area monitoring; Genetic algorithms; Memetics; Observability; Phasor measurement units; Power grids; Sociology; Statistics; Memetic Algorithm; Optimal PMU Placement; Phasor Measurement Units; Power Grid; Situational Awareness  (ID#: 15-3826)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6864930&isnumber=6864573

 

Falcon, Rafael; Abielmona, Rami; Billings, Sean; Plachkov, Alex; Abbass, Hussein, "Risk Management With Hard-Soft Data Fusion In Maritime Domain Awareness," Computational Intelligence for Security and Defense Applications (CISDA), 2014 Seventh IEEE Symposium on, pp. 1, 8, 14-17 Dec. 2014. doi: 10.1109/CISDA.2014.7035641 Enhanced situational awareness is integral to risk management and response evaluation. Dynamic systems that incorporate both hard and soft data sources allow for comprehensive situational frameworks which can supplement physical models with conceptual notions of risk. The processing of widely available semi-structured textual data sources can produce soft information that is readily consumable by such a framework. In this paper, we augment the situational awareness capabilities of a recently proposed risk management framework (RMF) with the incorporation of soft data. We illustrate the beneficial role of the hard-soft data fusion in the characterization and evaluation of potential vessels in distress within Maritime Domain Awareness (MDA) scenarios. Risk features pertaining to maritime vessels are defined a priori and then quantified in real time using both hard (e.g., Automatic Identification System, Douglas Sea Scale) as well as soft (e.g., historical records of worldwide maritime incidents) data sources. A risk-aware metric to quantify the effectiveness of the hard-soft fusion process is also proposed. Though illustrated with MDA scenarios, the proposed hard-soft fusion methodology within the RMF can be readily applied to other domains.

Keywords: Data mining; Feature extraction; Feeds; Hidden Markov models; Marine vehicles; Measurement; Risk management  (ID#: 15-3827)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7035641&isnumber=7035614

 

Chenine, M.; Ullberg, J.; Nordstrom, L.; Wu, Y.; Ericsson, G.N., "A Framework for Wide-Area Monitoring and Control Systems Interoperability and Cybersecurity Analysis," Power Delivery, IEEE Transactions on, vol. 29, no. 2, pp.633,641, April 2014. doi: 10.1109/TPWRD.2013.2279182 Wide-area monitoring and control (WAMC) systems are the next-generation operational-management systems for electric power systems. The main purpose of such systems is to provide high resolution real-time situational awareness in order to improve the operation of the power system by detecting and responding to fast evolving phenomenon in power systems. From an information and communication technology (ICT) perspective, the nonfunctional qualities of these systems are increasingly becoming important and there is a need to evaluate and analyze the factors that impact these nonfunctional qualities. Enterprise architecture methods, which capture properties of ICT systems in architecture models and use these models as a basis for analysis and decision making, are a promising approach to meet these challenges. This paper presents a quantitative architecture analysis method for the study of WAMC ICT architectures focusing primarily on the interoperability and cybersecurity aspects.

Keywords: SCADA systems; decision making; open systems; power system management; power system measurement; power system security; WAMC ICT architecture; cybersecurity analysis; decision making; electric power system; enterprise architecture method; information and communication technology; next generation operational management system; nonfunctional quality; real time situational awareness; wide area monitoring and control systems interoperability; Analytical models; Computer security; Interoperability; Network interfaces; Power systems; Protocols; Unified modeling language; Communication systems; cybersecurity; enterprise architecture analysis; interoperability; wide-area monitoring and control systems (WAMCS) (ID#: 15-3828)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6702498&isnumber=6776443

 

Kaci, A.; Kamwa, I.; Dessaint, L.-A.; Guillon, S., "Phase Angles as Predictors of Network Dynamic Security Limits and Further Implications," PES General Meeting | Conference & Exposition, 2014 IEEE, pp.1, 6, 27-31 July 2014. doi: 10.1109/PESGM.2014.6939281 In the United States, the number of Phasor Measurement Units (PMU) will increase from 166 networked devices in 2010 to 1043 in 2014. According to the Department of Energy, they are being installed in order to “evaluate and visualize reliability margin (which describes how close the system is to the edge of its stability boundary).” However, there is still a lot of debate in academia and industry around the usefulness of phase angles as unambiguous predictors of dynamic stability. In this paper, using 4-year of actual data from Hydro-Québec EMS, it is shown that phase angles enable satisfactory predictions of power transfer and dynamic security margins across critical interface using random forest models, with both explanation level and R-squares accuracy exceeding 99%. A generalized linear model (GLM) is next implemented to predict phase angles from day-ahead to hour-ahead time frames, using historical phase angles values and load forecast. Combining GLM based angles forecast with random forest mapping of phase angles to power transfers result in a new data-driven approach for dynamic security monitoring.

Keywords: energy management systems; load forecasting; phasor measurement; random processes; GLM; PMU; R-squares accuracy; dynamic security margins; dynamic security monitoring; generalized linear model; historical phase angles values; load forecast; network dynamic security limits; phasor measurement units; power transfer; random forest mapping; random forest models; Monitoring; Phasor measurement units; Power system stability; Predictive models; Radio frequency; Security; Stability analysis; Data mining; Dynamic Security Assessment (DSA); Dynamic Security Monitoring; Phasor measurement unit (PMU); Random Forest (RF); Synchrophasor; System reliability; Wide-Area Situational Awareness (WASA) (ID#: 15-3829)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6939281&isnumber=6938773

 

Cam, H.; Mouallem, P.; Yilin Mo; Sinopoli, B.; Nkrumah, B., "Modeling Impact Of Attacks, Recovery, And Attackability Conditions For Situational Awareness," Cognitive Methods in Situation Awareness and Decision Support (CogSIMA), 2014 IEEE International Inter-Disciplinary Conference on, pp.181,187, 3-6 March 2014. doi: 10.1109/CogSIMA.2014.6816560 A distributed cyber control system comprises various types of assets, including sensors, intrusion detection systems, scanners, controllers, and actuators. The modeling and analysis of these components usually require multi-disciplinary approaches. This paper presents a modeling and dynamic analysis of a distributed cyber control system for situational awareness by taking advantage of control theory and time Petri net. Linear time-invariant systems are used to model the target system, attacks, assets influences, and an anomaly-based intrusion detection system. Time Petri nets are used to model the impact and timing relationships of attacks, vulnerability, and recovery at every node. To characterize those distributed control systems that are perfectly attackable, algebraic and topological attackability conditions are derived. Numerical evaluation is performed to determine the impact of attacks on distributed control system.

Keywords: Petri nets; distributed processing; security of data; actuators; anomaly-based intrusion detection system; assets influence; control theory; controllers; distributed control system; distributed cyber control system; dynamic analysis; linear time-invariant system; modeling impact; numerical evaluation; scanners; situational awareness; time Petri nets; timing relationships; topological attackability condition; Analytical models; Decentralized control; Fires; Intrusion detection; Linear systems; Sensors  (ID#: 15-3830)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6816560&isnumber=6816529

 

Kornmaier, A.; Jaouen, F., "Beyond Technical Data - A More Comprehensive Situational Awareness Fed By Available Intelligence Information," Cyber Conflict (CyCon 2014), 2014 6th International Conference on, pp.139,154, 3-6 June 2014. doi: 10.1109/CYCON.2014.6916400 Information on cyber incidents and threats are currently collected and processed with a strong technical focus. Threat and vulnerability information alone are not a solid base for effective, affordable or actionable security advice for decision makers. They need more than a small technical cut of a bigger situational picture to combat and not only to mitigate the cyber threat. We first give a short overview over the related work that can be found in the literature. We found that the approaches mostly analysed “what” has been done, instead of looking more generically beyond the technical aspects for the tactics, techniques and procedures to identify the “how” it was done, by whom and why. We examine then, what information categories and data already exist to answer the question for an adversary's capabilities and objectives. As traditional intelligence tries to serve a better understanding of adversaries' capabilities, actions, and intent, the same is feasible in the cyber space with cyber intelligence. Thus, we identify information sources in the military and civil environment, before we propose to link that traditional information with the technical data for a better situational picture. We give examples of information that can be collected from traditional intelligence for correlation with technical data. Thus, the same intelligence operational picture for the cyber sphere could be developed like the one that is traditionally fed from conventional intelligence disciplines. Finally we propose a way of including intelligence processing in cyber analysis. We finally outline requirements that are key for a successful exchange of information and intelligence between military/civil information providers.

Keywords: decision making; information resources; security of data; adversary capabilities; civil environment; civil information providers; cyber analysis; cyber incidents; cyber intelligence; cyber space; cyber threats; decision makers; information categories; Information sources; intelligence information; intelligence processing; military environment; military information providers; situational awareness; technical data; threat information; vulnerability information; Bibliographies; Charge coupled devices; Context; Decision making; Malware; Solids; cyber; cyber intelligence; information collection fusion; intelligence  (ID#: 15-3931)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6916400&isnumber=6916383

 

Okathe, T.; Heydari, S.S.; Sood, V.; El-Khatib, K., "Unified Multi-Critical Infrastructure Communication Architecture," Communications (QBSC), 2014 27th Biennial Symposium on, pp.178,183, 1-4 June 2014. doi: 10.1109/QBSC.2014.6841209 Recent events have brought to light the increasingly intertwined nature of modern infrastructures. As a result much effort is being put towards protecting these vital infrastructures without which modern society suffers dire consequences. These infrastructures, due to their intricate nature, behave in complex ways. Improving their resilience and understanding their behavior requires a collaborative effort between the private sector that operates these infrastructures and the government sector that regulates them. This collaboration in the form of information sharing requires a new type of information network whose goal is in two parts to enable infrastructure operators share status information among interdependent infrastructure nodes and also allow for the sharing of vital information concerning threats and other contingencies in the form of alerts. A communication model that meets these requirements while maintaining flexibility and scalability is presented in this paper.

Keywords: computer network reliability; critical infrastructures; communication model; government sector; information network; information sharing; interdependent infrastructure nodes; private sector; unified multicritical infrastructure communication architecture; Data models; Information management; Monitoring; Quality of service; Security; Subscriptions; Critical Infrastructure; Information Sharing; Interdependency; Publish/Subscribe; Situational awareness  (ID#: 15-3832)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6841209&isnumber=6841165

 

Coatsworth, M.; Tran, J.; Ferworn, A., "A Hybrid Lossless And Lossy Compression Scheme for streaming RGB-D data in Real Time," Safety, Security, and Rescue Robotics (SSRR), 2014 IEEE International Symposium on, pp. 1,6, 27-30 Oct. 2014. doi: 10.1109/SSRR.2014.7017650 Mobile and aerial robots used in urban search and rescue (USAR) operations have shown the potential for allowing us to explore, survey and assess collapsed structures effectively at a safe distance. RGB-D cameras, such as the Microsoft Kinect, allow us to capture 3D depth data in addition to RGB images, providing a significantly richer user experience than flat video, which may provide improved situational awareness for first responders. However, the richer data comes at a higher cost in terms of data throughput and computing power requirements. In this paper we consider the problem of live streaming RGB-D data over wired and wireless communication channels, using low-power, embedded computing equipment. When assessing a disaster environment, a range camera is typically mounted on a ground or aerial robot along with the onboard computer system. Ground robots can use both wireless radio and tethers for communications, whereas aerial robots can only use wireless communication. We propose a hybrid lossless and lossy streaming compression format designed specifically for RGB-D data and investigate the feasibility and usefulness of live-streaming this data in disaster situations.

Keywords: aerospace robotics; cameras; data compression; image colour analysis; rescue robots; robot vision; video streaming; 3D depth data capture; Microsoft Kinect; RGB images; RGB-D cameras; RGB-D data streaming; USAR operations; aerial robots; computing power requirements; data throughput; disaster environment; live streaming; lossless compression scheme; lossy compression scheme; low-power embedded computing equipment; mobile robots; red-green-blue-depth data; tethers; urban search and rescue; wireless radio; Computers; Hardware; Image coding; Robots; Servers; Three-dimensional displays; Wireless communication; 3D; USAR; compression; point cloud; response robot; streaming; video (ID#: 15-3833)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7017650&isnumber=7017643

 

Sunny, S.; Pavithran, V.; Achuthan, K., "Synthesizing Perception Based On Analysis Of Cyber Attack Environments," Advances in Computing, Communications and Informatics (ICACCI), 2014 International Conference on, pp.2027, 2030, 24-27 Sept. 2014. doi: 10.1109/ICACCI.2014.6968639 Analysing cyber attack environments yield tremendous insight into adversary behavior, their strategy and capabilities. Designing cyber intensive games that promote offensive and defensive activities to capture or protect assets assist in the understanding of cyber situational awareness. There exists tangible metrics to characterizing games such as CTFs to resolve the intensity and aggression of a cyber attack. This paper synthesizes the characteristics of InCTF (India CTF) and provides an understanding of the types of vulnerabilities that have the potential to cause significant damage by trained hackers. The two metrics i.e. toxicity and effectiveness and its relation to the final performance of each team is detailed in this context.

Keywords: computer crime; computer games; social aspects of automation; InCTF characteristics; India CTF; adversary behavior; assets protection; cyber attack aggression; cyber attack environments; cyber attack intensity; cyber intensive games; cyber situational awareness; defensive activities; hackers; offensive activities; perception synthesis; toxicity metrics; vulnerabilities types; Computer crime; Computer hacking; Equations; Games; Measurement; Analytic Hierarchy Process; Cyber situational awareness; Framework; Hacking; Vulnerability (ID#: 15-3834)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6968639&isnumber=6968191

 

Vellaithurai, C.; Srivastava, A.; Zonouz, S.; Berthier, R., "CPINDEX: Cyber-Physical Vulnerability Assessment for Power-Grid Infrastructures," Smart Grid, IEEE Transactions on, vol. PP, no.99, pp.1, 1, 08 December 2014. doi: 10.1109/TSG.2014.2372315 To protect complex power-grid control networks, power operators need efficient security assessment techniques that take into account both cyber side and the power side of the cyber-physical critical infrastructures. In this paper, we present CPINDEX, a security-oriented stochastic risk management technique that calculates cyber-physical security indices to measure the security level of the underlying cyber-physical setting. CPINDEX installs appropriate cyber-side instrumentation probes on individual host systems to dynamically capture and profile low-level system activities such as interprocess communications among operating system assets. CPINDEX uses the generated logs along with the topological information about the power network configuration to build stochastic Bayesian network models of the whole cyber-physical infrastructure and update them dynamically based on the current state of the underlying power system. Finally, CPINDEX implements belief propagation algorithms on the created stochastic models combined with a novel graph-theoretic power system indexing algorithm to calculate the cyber-physical index, i.e., to measure the security-level of the system's current cyber-physical state. The results of our experiments with actual attacks against a real-world power control network shows that CPINDEX, within few seconds, can efficiently compute the numerical indices during the attack that indicate the progressing malicious attack correctly.

Keywords: Generators; Indexes; Power measurement; Security; Smart grids; Cyber-physical security metrics; cyber-physical systems; intrusion detection systems; situational awareness  (ID#: 15-3835)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6979242&isnumber=5446437

 

Pirinen, R., "Studies of Integration Readiness Levels: Case Shared Maritime Situational Awareness System," Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint, pp.212, 215, 24-26 Sept. 2014. doi: 10.1109/JISIC.2014.79 The research question of this study is: How Integration Readiness Level (IRL) metrics can be understood and realized in the domain of border control information systems. The study address to the IRL metrics and their definition, criteria, references, and questionnaires for validation of border control information systems in case of the shared maritime situational awareness system. The target of study is in improvements of ways for acceptance, operational validation, risk assessment, and development of sharing mechanisms and integration of information systems and border control information interactions and collaboration concepts in Finnish national and European border control domains.

Keywords: national security; risk analysis; surveillance; European border control domains; Finnish national border control domains; IRL metrics; border control information interactions; border control information systems; information system integration; integration readiness level metrics; operational validation; risk assessment; shared maritime situational awareness system; sharing mechanisms; Buildings; Context; Control systems; Information systems; Interviews; measurement; Systems engineering and theory; integration; integration readiness levels; maturity; pre-operational validation; situational awareness  (ID#: 15-3836)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6975575&isnumber=6975536

 

Robertson, J., "Integrity of a Common Operating Picture In Military Situational Awareness," Information Security for South Africa (ISSA), 2014, pp. 1, 7, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950514 The lack of qualification of a common operating picture (COP) directly impacts the situational awareness of military Command and Control (C2). Since a commander is reliant on situational awareness information in order to make decisions regarding military operations, the COP needs to be trustworthy and provide accurate information for the commander to base decisions on the resultant information. If the COP's integrity is questioned, there is no definite way of defining its integrity. This paper looks into the integrity of the COP and how it can impact situational awareness. It discusses a potential solution to this problem on which future research can be based.

Keywords: command and control systems; decision making; military computing; C2; COP integrity; common operating picture integrity; decision making; military command and control; military operations; military situational awareness; situational awareness information; Cameras; Microwave integrated circuits; Weight measurement; Wireless communication; Command and Control; Common Operating Picture; Integrity; Situational Awareness (ID#: 15-3837)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950514&isnumber=6950479

 

Fernandez Arguedas, V.; Pallotta, G.; Vespe, M., "Automatic Generation Of Geographical Networks For Maritime Traffic Surveillance," Information Fusion (FUSION), 2014 17th International Conference on, pp. 1, 8, 7-10 July 2014. In this paper, an algorithm is proposed to automatically produce hierarchical graph-based representations of maritime shipping lanes extrapolated from historical vessel positioning data. Each shipping lane is generated based on the detection of the vessel behavioural changes and represented in a compact synthetic route composed of the network nodes and route segments. The outcome of the knowledge discovery process is a geographical maritime network that can be used in Maritime Situational Awareness (MSA) applications such as track reconstruction from missing information, situation/destination prediction, and detection of anomalous behaviour. Experimental results are presented, testing the algorithm in a specific scenario of interest, the Dover Strait.

Keywords: geographic information systems; marine systems; surveillance; traffic; automatic generation; geographical maritime network; hierarchical graph based representations; historical vessel positioning data; knowledge discovery process; maritime shipping lanes; maritime traffic surveillance; network nodes; route segments; track reconstruction; Knowledge discovery; Ports (Computers); Security; Standards; Surveillance; Trajectory; Anomaly Detection; Maritime Knowledge Discovery; Maritime Surveillance; Maritime Traffic Networks; Trajectory Mining and Synthetic Trajectories (ID#: 15-3838)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6915990&isnumber=6915967


Note:



Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.