Abstract
The trend toward automating security management processes, including in industrial cyber-physical systems, has changed the role of information security monitoring: from solving the problem of conformity assessment to ensuring the timely awareness of security management methods, that is, active monitoring. Requirements for the data collection and processing subsystem for active monitoring of information security are formulated. A number of security management problems for cyber-physical systems are systematized, examples of methods for solving them are considered, and the data structures required by these methods are identified.
Funding
The reported study was funded by the Russian Ministry of Science (information security), project no. 2/2020.
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by S. Avodkova
About this article
Cite this article
Poltavtseva, M.A. Formation of Data Structures in the Problems of Active Security Monitoring. Aut. Control Comp. Sci. 55, 1201–1208 (2021). https://doi.org/10.3103/S0146411621080423