Threat Detection
Developing Advanced Security Monitoring & Threat Detection to deliver Cyber Resilience in OT Environments
About RSE
Applied research on the electro-energetic sector, experimental activities including Cyber Security experimental assessment
January 2020, Berlin, Germany
Table of contents
• Cyber challenges to the energy transition
• European Regulations
• ICS cyber security analyses with state of art tools
• Advanced probabilistic models for anomaly detection and attack forecast
• Experimental platform for security monitoring, anomaly detection and recovery
• Application of machine/deep learning to cyber anomaly detection
Cyber challenges to the energy transition
The number of known attack groups increased from 140 in 2018 to 155 in 2019. [WEC]
Attack to Ukrainian Grid - details
• E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
NIS Directive EU 2016/1148
CHAPTER IV
SECURITY OF THE NETWORK AND INFORMATION SYSTEMS OF
OPERATORS OF ESSENTIAL SERVICES
Article 14 Security requirements and incident notification
1. Member States shall ensure that operators of essential services take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which they use in their operations.
2. Member States shall ensure that operators of essential services take appropriate measures to prevent and minimise the impact of incidents affecting the security of the network and information systems used for the provision of such essential services, with a view to ensuring the continuity of those services.
3. Member States shall ensure that operators of essential services notify, without undue delay, the competent authority or the CSIRT of incidents having a significant impact on the continuity of the essential services they provide. Notifications shall include information enabling the competent authority or the CSIRT to determine any cross-border impact of the incident. Notification shall not make the notifying party subject to increased liability.
Network Code on Cybersecurity
[European Commission, Smart Grid Task Force, Expert Group 2]
Power System Resilience - Definition
CIGRE WG C4.47 Reference Paper
NIST Cyber Security Framework
NIST Cyber Security Framework (cont.)
• Functions and categories
RSE Cyber Security Framework
Research and Innovation, Foundations, Experiments
• ICT Simulators
• Power Simulators
• Standards
• Regulations
• Analysis methodologies
• AI Algorithms
• Technologies
RSE Cyber Security Framework (cont.)
ICS cyber security analyses
• Field Network
• Corporate Network
• Control Network
• DMZ Network
NIST 800-82
SecuriCAD based methodology
• The SecuriCAD tool by Foreseeti (SE) allows the evaluation of the TTC (Time To Compromise) indicator; TTC represents the expected time an attacker would take to compromise every single asset in the modelled ICT infrastructure
• Each asset in the model has specific attack steps associated with it that can be exploited to control the component; these depend on the type of asset and the values of the configured parameters
• Pre-determined attack steps
• Pre-defined attack step probability
• Graphical interface
SecuriCAD architecture
• Field Network
• Corporate Network
• Control Network
• DMZ Network
Attack path
Attack graph
Imperfect defenses
SecuriCAD Attack Graph
| Measure | Success % in 10 days | Success % in 20 days | Success % in 50 days | Δ% vs Baseline, 10 days | Δ% vs Baseline, 20 days | Δ% vs Baseline, 50 days |
|---|---|---|---|---|---|---|
| Firewall off | 25% | 38% | 58% | 19% | 28% | 36% |
| Baseline (fw on) | 6% | 10% | 22% | - | - | - |
| Baseline + Protocol security | 5% | 8% | 21% | -1% | -2% | -1% |
| Baseline + Protocol sec + IDS | 4% | 7% | 18% | -2% | -3% | -4% |
| Baseline + Protocol sec + IDS+IPS | 3% | 7% | 20% | -3% | -3% | -2% |
| Baseline + Protocol sec + IDS+IPS + AC sec (no default pw) | 2% | 4% | 12% | -4% | -6% | -10% |
SecuriCAD Analyses
Probabilistic graphical models
Bayesian Networks
• based on real world knowledge and parameters
• oriented to the power system
• predictive and diagnostic analysis
• for planning, assessment, detection, forecasting
Analysis types
planning
• security measures
• monitoring sensors setup
detection
• early detection of intrusions
assessment
• effectiveness of security measures
• effectiveness of monitoring system
forecasting
• adversarial moves
Adversarial Tactics Techniques and Common Knowledge
https://attack.mitre.org/
Attack process
Threat Detection Report 2019 - Red Canary
ATT&CK technique leverage
Attack process to power control infrastructure
Field Network
Corporate Network
Control Network
DMZ Network
Power Control Area
Attack Graph
IT Area
Attack Graph
Methodological approach
Attack Graph
Bayesian Network
IT techniques
• MITRE ATT&CK - scores based on attack groups, software, references
OT techniques
• US ICS-CERT Vulnerability Advisories - CVSS scores
Analytics
• events whose observation is significant to the security analyst
• MITRE CAR + power domain specific
Predictive/Diagnostic Analysis
Detection: Importance of monitoring system security
Planning/Assessment: Network specific risk assessment for defence planning
Planning/Assessment: Relevance of analytics in the planning of the monitoring system
D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
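The predictive and diagnostic queries named on the Bayesian Network slide above, as an added Python example (not code from RSE or the cited paper): a three-step attack chain observed by two analytics, solved by exact enumeration. Node names and all probabilities are constructed for illustration; in the methodology above they would be derived from ATT&CK-based scores, ICS-CERT CVSS scores and the characteristics of each analytic.

```python
from itertools import product

# All numbers are constructed for illustration (assumptions, not from the slides).
# Attack steps form a chain: name -> (parent step, P(step | parent occurred)).
# For the root step the value is its prior. A step cannot occur if its parent did not.
STEPS = {
    "it_area": (None, 0.10),
    "control_network": ("it_area", 0.30),
    "power_control": ("control_network", 0.50),
}

# Analytics observe one step each:
# name -> (observed step, P(alert | step occurred), P(alert | step did not occur)).
ANALYTICS = {
    "it_analytic": ("it_area", 0.80, 0.05),
    "ot_analytic": ("control_network", 0.90, 0.01),
}

NODES = list(STEPS) + list(ANALYTICS)


def joint(assign):
    """Joint probability of one full True/False assignment of every node."""
    p = 1.0
    for step, (parent, prob) in STEPS.items():
        p_true = prob if parent is None or assign[parent] else 0.0
        p *= p_true if assign[step] else 1.0 - p_true
    for name, (step, tpr, fpr) in ANALYTICS.items():
        p_alert = tpr if assign[step] else fpr
        p *= p_alert if assign[name] else 1.0 - p_alert
    return p


def query(target, evidence=None):
    """P(target = True | evidence) by summing the joint over all assignments.

    Nodes missing from `evidence` are marginalised out, so an analytic that is
    not deployed (unobserved) is treated differently from one that is deployed
    and stayed silent (observed False).
    """
    evidence = evidence or {}
    unknown = set(evidence) - set(NODES)
    if unknown or target not in NODES:
        raise KeyError(f"unknown node(s): {sorted(unknown) or target}")
    num = den = 0.0
    for values in product([False, True], repeat=len(NODES)):
        assign = dict(zip(NODES, values))
        if any(assign[k] != v for k, v in evidence.items()):
            continue
        p = joint(assign)
        den += p
        if assign[target]:
            num += p
    if den == 0.0:
        raise ValueError("evidence has zero probability under the model")
    return num / den


def forecast(evidence=None):
    """Posterior probability of every attack step given the observed analytics."""
    return {step: query(step, evidence) for step in STEPS}


if __name__ == "__main__":
    cases = {
        "no evidence (predictive)": {},
        "IT alert only": {"it_analytic": True},
        "IT and OT alerts": {"it_analytic": True, "ot_analytic": True},
        "IT alert, OT analytic silent": {"it_analytic": True, "ot_analytic": False},
    }
    for label, ev in cases.items():
        row = ", ".join(f"{k}={v:.3f}" for k, v in forecast(ev).items())
        print(f"{label:30s} {row}")
```

Comparing the "IT alert only" row with the "OT analytic silent" row shows how much a deployed analytic that stays quiet lowers the estimated progress of the attack, which is the kind of comparison used when planning where to place monitoring.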
Attack Emulation Detection tools
Scenarios
Demonstration &
Evaluation
Anomaly Detection Experiments
Analysis and Correlation
Detection of anomalies
Alert
Prevention/ Recovery
SNMP Syslog
Evidence
Monitoring values Logs
Collection
Detection and Response Process
Traditional IT detection
• Transport layer
• Information flow
Context specific detection
• Application level detection
Syntactic vs semantic analysis
Indicators
Machine learning & Big Data approach
Detection @ different layers
RSE Power Control System Resilience Testing
PCS-ResTest Lab
Monitoring integrated platform
RSE integrated platform supports IEC 62351 application examples
Remediation
Vulnerability & Threat Real Time Monitoring
Event Analysis
Threat intelligence
Emerging platforms/applications
Devices/algorithms/services
NextGen Cyber Security Analyses
New technologies = more cyber security opportunities
Supervised
• Expert -> Labelling -> Analysis -> Prediction
Log/event analysis
Selection of algorithm is based on the problem statement
“bad”
“good”
“good”
Unsupervised
• Clustering algorithms
Machine learning for anomaly detection
AI
Machine learning
Deep learning
Deep learning
• Multi layer
• High level features from raw data
• Artificial neural networks
• “non linear” decision boundaries
• Supervised, unsupervised or semi-supervised type of problems
Bayesian belief networks
• Inference and learning in Bayesian networks
• Describe a multivariate distribution representing the relations between evidences and system status
Machine Learning approach
Anomaly detection
Monitoring
Evidences
Logs
• Studies related to cyber anomalies/attack processes to power-digital infrastructures including IoT/Fog/Cloud platforms
• Monitoring & Logging of IT/OT indicators
• Attack emulations to power-digital infrastructures including IoT/Fog/Cloud platforms
• Cyber anomaly detection with Machine and Deep Learning
AI techniques applied to anomaly detection
• Simulation of power control schemes
• Attack emulations
• Cyber anomaly monitoring, detection, visualization, recovery (MDVR) platforms
• Integration of IT/OT MDVR platforms in power control simulations
• Evaluation of cyber resilient scenarios
Resilience of Cyber-Power Systems
References
1. World Energy Council, “Cyber challenges to the energy transition”, 2019
2. E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
3. NIST Cybersecurity Framework Version 1.1, April 2018, https://www.nist.gov/cyberframework/framework
4. Smart Grid Task Force-Expert Group 2-Cybersecurity, «Recommendations to the European Commission for the Implementation of Sector-Specific Rules for Cybersecurity Aspects of Cross-Border Electricity Flows, on Common Minimum Requirements, Planning, Monitoring, Reporting and Crisis Management», 2019
5. R. Terruggia, G. Dondossola, M. Ekstedt, “Cyber security analysis of Web-of-Cells energy architectures”, 5th International Symposium for ICS and SCADA Cyber Security Research 2018, Hamburg, August 2018
6. G. Dondossola, R. Terruggia, “A monitoring architecture for smart grid cyber security”, Cigré Science and Engineering, February 2018
7. D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
Thank you!

Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 

Recently uploaded (20)

MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 

Developing Advanced Threat Detection for Critical Infrastructure

  • 1. Threat Detection Developing Advanced Security Monitoring & Threat Detection to deliver Cyber Resilience in OT Environments
  • 2. About RSE Applied research on the electro-energetic sector, experimental activities including Cyber Security experimental assessment January 2020, Berlin, Germany
  • 3. Table of contents • Cyber challenges to the energy transition • European Regulations • ICS cyber security analyses with state of art tools • Advanced probabilistic models for anomaly detection and attack forecast • Experimental platform for security monitoring, anomaly detection and recovery • Application of machine/deep learning to cyber anomaly detection
  • 4. Cyber challenges to the energy transition The number of known attack groups increased from 140 in 2018 to 155 in 2019. [WEC]
  • 5. Attack to Ukrainian Grid - details • E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
  • 6. NIS Directive EU 2016/1148 CHAPTER IV SECURITY OF THE NETWORK AND INFORMATION SYSTEMS OF OPERATORS OF ESSENTIAL SERVICES Article 14 Security requirements and incident notification
    1. Member States shall ensure that operators of essential services take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which they use in their operations.
    2. Member States shall ensure that operators of essential services take appropriate measures to prevent and minimise the impact of incidents affecting the security of the network and information systems used for the provision of such essential services, with a view to ensuring the continuity of those services.
    3. Member States shall ensure that operators of essential services notify, without undue delay, the competent authority or the CSIRT of incidents having a significant impact on the continuity of the essential services they provide. Notifications shall include information enabling the competent authority or the CSIRT to determine any cross-border impact of the incident. Notification shall not make the notifying party subject to increased liability.
  • 7. Network Code on Cybersecurity [European Commission, Smart Grid Task Force, Expert Group 2]
  • 8. Power System Resilience - Definition CIGRE WG C4.47 Reference Paper
  • 9. NIST Cyber Security Framework
  • 10. NIST Cyber Security Framework (cont.) • Functions and categories
  • 11. RSE Cyber Security Framework Research and Innovation Foundations Experiments ICT Simulators Power Simulators Standards Regulations Analysis methodologies AI Algorithms Technologies
  • 12. RSE Cyber Security Framework (cont.)
  • 13. ICS cyber security analyses Field Network Corporate Network Control Network DMZ Network NIST 800-82
  • 14. SecuriCAD based methodology • The SecuriCAD tool by Foreseeti (SE) allows the evaluation of the TTC (Time To Compromise) indicator; TTC represents the expected time an attacker would take to compromise every single asset in the modelled ICT infrastructure • Each asset in the model has specific attack steps associated with it that can be exploited to control the component; this depends on the type of asset and the values of the configured parameters • Pre-determined attack steps • Pre-defined attack step probability • Graphical interface
  • 16. Attack path Attack graph Imperfect defenses SecuriCAD Attack Graph
  • 17. SecuriCAD Analyses

    | Measure | Success % in 10 days | Success % in 20 days | Success % in 50 days | Δ% vs Baseline (10 days) | Δ% vs Baseline (20 days) | Δ% vs Baseline (50 days) |
    |---|---|---|---|---|---|---|
    | Firewall off | 25% | 38% | 58% | 19% | 28% | 36% |
    | Baseline (fw on) | 6% | 10% | 22% | - | - | - |
    | Baseline + Protocol security | 5% | 8% | 21% | -1% | -2% | -1% |
    | Baseline + Protocol sec + IDS | 4% | 7% | 18% | -2% | -3% | -4% |
    | Baseline + Protocol sec + IDS+IPS | 3% | 7% | 20% | -3% | -3% | -2% |
    | Baseline + Protocol sec + IDS+IPS + AC sec (no default pw) | 2% | 4% | 12% | -4% | -6% | -10% |

  • 18. Probabilistic graphical models Bayesian Networks • based on real world knowledge and parameters • oriented to the power system • predictive and diagnostic analysis • for planning, assessment, detection, forecasting
  • 19. Analysis types • planning: security measures; monitoring sensors setup • detection: early detection of intrusions • assessment: effectiveness of security measures; effectiveness of monitoring system • forecasting: adversarial moves
  • 20. Adversarial Tactics, Techniques, and Common Knowledge https://attack.mitre.org/
  • 22. Threat Detection Report 2019 - Red Canary ATT&CK technique leverage
  • 23. Attack process to power control infrastructure Field Network Corporate Network Control Network DMZ Network Power Control Area Attack Graph IT Area Attack Graph
  • 24. Methodological approach Attack Graph Bayesian Network IT techniques • MITRE ATT&CK - scores based on attack groups, software, references OT techniques • US ICS-CERT Vulnerability Advisories - CVSS scores Analytics • events whose observation is significant to the security analyst • MITRE CAR + power domain specific
  • 25. Predictive/Diagnostic Analysis • Detection: Importance of monitoring system security • Planning/Assessment: Network specific risk assessment for defence planning • Planning/Assessment: Relevance of analytics in the planning of the monitoring system. D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
  • 26. Attack Emulation Detection tools Scenarios Demonstration & Evaluation Anomaly Detection Experiments
  • 27. Detection and Response Process Analysis and Correlation Detection of anomalies Alert Prevention/Recovery SNMP Syslog Evidence Monitoring values Logs Collection
  • 28. Detection @ different layers Traditional IT detection • Transport layer • Information flow Context specific detection • Application level detection Syntactic vs semantic analysis Indicators Machine learning & Big Data approach
  • 29. RSE Power Control System Resilience Testing PCS-ResTest Lab
  • 30. Monitoring integrated platform RSE integrated platform supports IEC 62351 application examples
  • 31. Remediation Vulnerability & Threat Real Time Monitoring Event Analysis Threat intelligence
  • 33. NextGen Cyber Security Analyses New technologies = more cyber security opportunities
  • 34. Machine learning for anomaly detection Supervised • Expert -> Labelling -> Analysis -> Prediction Log/event analysis Selection of algorithm is based on the problem statement "bad" "good" "good" Unsupervised • Clustering algorithms
  • 35. Machine Learning approach AI Machine learning Deep learning Deep learning • Multi layer • High level features from raw data • Artificial neural networks • "non linear" decision boundaries • Supervised, unsupervised or semi-supervised type of problems Bayesian belief networks • Inference and learning in Bayesian networks • Describe a multivariate distribution representing the relations between evidences and system status Anomaly detection Monitoring Evidences Logs
  • 36. AI techniques applied to anomaly detection • Studies related to cyber anomalies/attack processes to power-digital infrastructures including IoT/Fog/Cloud platforms • Monitoring & Logging of IT/OT indicators • Attack emulations to power-digital infrastructures including IoT/Fog/Cloud platforms • Cyber anomaly detection with Machine and Deep Learning
  • 37. Resilience of Cyber-Power Systems • Simulation of power control schemes • Attack emulations • Cyber anomaly monitoring, detection, visualization, recovery (MDVR) platforms • Integration of IT/OT MDVR platforms in power control simulations • Evaluation of cyber resilient scenarios
  • 38. References
    1. World Energy Council, “Cyber challenges to the energy transition”, 2019
    2. E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
    3. NIST Cybersecurity Framework Version 1.1, April 2018, https://www.nist.gov/cyberframework/framework
    4. Smart Grid Task Force-Expert Group 2-Cybersecurity, «Recommendations to the European Commission for the Implementation of Sector-Specific Rules for Cybersecurity Aspects of Cross-Border Electricity Flows, on Common Minimum Requirements, Planning, Monitoring, Reporting and Crisis Management,» 2019
    5. R. Terruggia, G. Dondossola, M. Ekstedt, “Cyber security analysis of Web-of-Cells energy architectures”, 5th International Symposium for ICS and SCADA Cyber Security Research 2018, Hamburg, August 2018
    6. G. Dondossola, R. Terruggia, “A monitoring architecture for smart grid cyber security”, Cigré Science and Engineering, February 2018
    7. D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019