Towards the Creation of a Threat Intelligence Framework for Maritime Infrastructures

  • Conference paper
Computer Security (CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019)

Abstract

The maritime ecosystem has undergone changes due to the increasing use of information systems and smart devices. The newly introduced technologies give rise to a new attack surface in maritime infrastructures. In this position paper, we propose the MAritime Threat INtelligence FRAMEwork (MAINFRAME), which is tailored towards the collection and analysis of threat intelligence in maritime environments. MAINFRAME combines: (i) data collection from ship sensors; (ii) collection of publicly available data from social media; (iii) a variety of honeypots emulating different hardware and software components; (iv) event detection assisted by deep learning; (v) a blockchain implementation that maintains an audit trail for activities and transactions, and electronic IDs; and (vi) visual threat analytics. To highlight the interdependencies between cyber and cyber-physical threats in autonomous ships, MAINFRAME’s operation is evaluated through the liquefied natural gas (LNG) Carrier case study.

Acknowledgments

This work has been partially supported by the Research Center of the University of Piraeus.

Author information

Corresponding author

Correspondence to Nikolaos Pitropakis.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Pitropakis, N., Logothetis, M., Andrienko, G., Stefanatos, J., Karapistoli, E., Lambrinoudakis, C. (2020). Towards the Creation of a Threat Intelligence Framework for Maritime Infrastructures. In: Katsikas, S., et al. Computer Security. CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019. Lecture Notes in Computer Science, vol 11980. Springer, Cham. https://doi.org/10.1007/978-3-030-42048-2_4

  • DOI: https://doi.org/10.1007/978-3-030-42048-2_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42047-5

  • Online ISBN: 978-3-030-42048-2

  • eBook Packages: Computer Science, Computer Science (R0)
