Skip to main content
SpringerLink
Log in

Integration of a System for Critical Infrastructure Protection with the OSSIM SIEM Platform: A dam case study

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2011)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 6894))

Included in the following conference series:

Abstract

In recent years the monitoring and control devices in charge of supervising the critical processes of Critical Infrastructures have been victims of cyber attacks. To face such threat, organizations providing critical services are increasingly focusing on protecting their network infrastructures. Security Information and Event Management (SIEM) frameworks support network protection by performing centralized correlation of network asset reports. In this work we propose an extension of a commercial SIEM framework, namely OSSIM by AlienVault, to perform the analysis of the reports (events) generated by monitoring, control and security devices of the dam infrastructure. Our objective is to obtain evidences of misuses and malicious activities occurring at the dam monitoring and control system, since they can result in issuing hazardous commands to control devices. We present examples of misuses and malicious activities and procedures to extend OSSIM for analyzing new event types.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Regan, P.J.: Dams as systems - a holistic approach to dam safety. In: 30th Annual USSD Conference Sacramento, California (2010)

    Google Scholar 

  2. White Paper, Global Energy Cyberattacks: “Night Dragon”, McAfee® Foundstone®Professional Services and McAfee Labs (2011)

    Google Scholar 

  3. White Paper, Symantec®Intelligence Quarterly Report, Targeted Attacks on Critical Infrastructures, http://bit.ly/g8kpvz (October-December, 2010)

  4. Jeon, J., Lee, J., Shin, D., Park, H.: Development of dam safety management system. Advances in Engineering Software 40(8), 554–563 (2009) ISSN 0965-9978

    Article  Google Scholar 

  5. Farinha, F., Portela, E., Domingues, C., Sousa, L.: Knowledge-based systems in civil engineering: Three case studies. In: Advances in Engineering Software. Selected papers from Civil-Comp 2003 and AICivil-Comp 2003, vol. 36(11-12), pp. 729–739 (November-December 2005) ISSN 0965-9978

    Google Scholar 

  6. Ingelrest, F., Barrenetxea, G., Schaefer, G., Vetterli, M., Couach, O., Parlange, M.: SensorScope: Application-specific sensor network for environmental monitoring. ACM Trans. Sen. Netw. 6(2) Article 17 (2010)

    Google Scholar 

  7. Briesemeister, L., Cheung, S., Lindqvist, U., Valdes, A.: Detection, correlation, and visualization of attacks against critical infrastructure systems. In: Eighth Annual International Conference on Privacy Security and Trust (PST), 2010, August 17-19, pp. 15–22 (2010), doi:10.1109/PST.2010.5593242

    Google Scholar 

  8. Madrid, J.M., Munera, L.E., Montoya, C.A., Osorio, J.D., Cardenas, L.E., Bedoya, R., Latorre, C.: Functionality, reliability and adaptability improvements to the OSSIM information security console. In: IEEE Latin-American Conference on Communications, LATINCOM 2009, September 10-11, pp. 1–6 (2009)

    Google Scholar 

  9. Myers, B.K., Dutson, G.C., Sherman, T.: City of Salem Utilizing Automated Monitoring for the Franzen Reservoir Dam Safety Program. In: 25th USSD Annual Meeting and Conference Proceedings (2005)

    Google Scholar 

  10. Parekh, M., Stone, K., Delborne, J.: Coordinating Intelligent and Continuous Performance Monitoring with Dam and Levee Safety Management Policy. In: Association of State Dam Safety Officials Conference Proceedings, at the 2010 Dam Safety Conference (2010)

    Google Scholar 

  11. Karg, D., Casal, J.: Ossim: Open source security information management. Tech. report, OSSIM (2008)

    Google Scholar 

  12. AlienVault®, http://alienvault.com/

  13. AlienVault OSSIM Available Plugins, http://alienvault.com/community/plugins

Download references

Author information

Authors and Affiliations

  1. Epsilon S.r.l., Naples, Italy

    Luigi Coppolino

  2. Department of Technology, University of Naples ”Parthenope”, Italy

    Salvatore D’Antonio, Valerio Formicola & Luigi Romano

Authors
  1. Luigi Coppolino
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Salvatore D’Antonio
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Valerio Formicola
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Luigi Romano
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Ansaldo STS, Via Argine, 425, 80147, Napoli, Italy

    Francesco Flammini

  2. Italian Association Critical Infrastructure (AIIC), Rome, Italy

    Sandro Bologna

  3. Dipartimento di Informatica e Sistemistica, Università di Napoli Federico II, Via Claudio, 21, Napoli, Italy

    Valeria Vittorini

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Coppolino, L., D’Antonio, S., Formicola, V., Romano, L. (2011). Integration of a System for Critical Infrastructure Protection with the OSSIM SIEM Platform: A dam case study. In: Flammini, F., Bologna, S., Vittorini, V. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2011. Lecture Notes in Computer Science, vol 6894. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24270-0_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-24270-0_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24269-4

  • Online ISBN: 978-3-642-24270-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation