Abstract
The maritime ecosystem has undergone changes due to the increasing use of information systems and smart devices. The newly introduced technologies give rise to a new attack surface in maritime infrastructures. In this position paper, we propose the MAritime Threat INtelligence FRAMEwork (MAINFRAME), which is tailored towards the collection and analysis of threat intelligence in maritime environments. MAINFRAME combines: (i) data collection from ship sensors; (ii) collection of publicly available data from social media; (iii) a variety of honeypots emulating different hardware and software components; (iv) event detection assisted by deep learning; (v) a blockchain implementation that maintains an audit trail for activities and transactions, and electronic IDs; and (vi) visual threat analytics. To highlight the interdependencies between cyber and cyber-physical threats in autonomous ships, MAINFRAME’s operation is evaluated through the liquefied natural gas (LNG) Carrier case study.
Acknowledgments
This work has been partially supported by the Research Center of the University of Piraeus.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Pitropakis, N., Logothetis, M., Andrienko, G., Stefanatos, J., Karapistoli, E., Lambrinoudakis, C. (2020). Towards the Creation of a Threat Intelligence Framework for Maritime Infrastructures. In: Katsikas, S., et al. Computer Security. CyberICPS SECPRE SPOSE ADIoT 2019. Lecture Notes in Computer Science, vol 11980. Springer, Cham. https://doi.org/10.1007/978-3-030-42048-2_4
DOI: https://doi.org/10.1007/978-3-030-42048-2_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-42047-5
Online ISBN: 978-3-030-42048-2
eBook Packages: Computer Science, Computer Science (R0)