EU Project 730843
How to Detect Attacks and Supervise Rail Systems?
Taha Abdelmoutaleb Cherfia
fortiss
CYRAIL Final Conference
Paris, 18.09.2018
Assessment of Existing IDS Solutions
Identifying and analyzing the current open source and commercial intrusion detection solutions for IT and OT systems.
Intrusion Detection
Intrusion detection is the process of monitoring the events occurring in a computer system or network and analysing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies, acceptable use policies, or standard security practices.
The process has three stages: Collection, Analysis and Response.
Intrusion Detection System
An intrusion detection system (IDS) is hardware or software that automates the intrusion detection process.
IDS Characteristics
An intrusion detection system has to fulfil the following requirements:
• Accuracy: the IDS must detect malicious activities and distinguish them from legitimate ones.
• Performance: the IDS must be able to perform real-time intrusion detection.
• Completeness: the IDS should not fail to detect an intrusion.
• Fault tolerance: the IDS must itself be resistant and robust against malicious attacks.
• Scalability: the IDS must be able to monitor the worst-case number of events in a large network topology.
IDS Taxonomy
• Host-based Intrusion Detection System (HIDS): a software application which resides on a single host and monitors the events occurring within that host for malicious activities.
• Network-based Intrusion Detection System (NIDS): a standalone hardware device that monitors network traffic for particular network segments or devices to identify malicious activities.
Intrusion Detection Methodologies
• Signature-based intrusion detection is the process of comparing signatures against observed events to identify possible incidents.
• Anomaly-based intrusion detection is the process of comparing definitions of what activity is considered normal against observed events to identify significant deviations.
Diagram, signature-based: Audit Data -> Knowledge Base -> Match? -> Attack.
Diagram, anomaly-based: Audit Data -> Knowledge Base -> Statistically Anomalous? -> Attack.
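Both pipelines from the diagram, as an added example that is not part of the CyRail deck or of fortiss' work: the signature path (Audit Data -> Knowledge Base -> Match? -> Attack) and the anomaly path (Audit Data -> Knowledge Base -> Statistically Anomalous? -> Attack) run over one constructed stream of audit records. Host names, event strings, per-window counts, the z-score threshold and the stdev floor are assumptions made for the illustration.

```python
# Added example: the two pipelines from the slide's diagram, signature matching
# and statistical anomaly detection, run over one constructed audit stream.
# Hosts, event strings, counts and thresholds are invented for illustration.
import re
import statistics
from collections import Counter

TRAINING_WINDOWS = range(4)  # windows 0-3 define "normal" behaviour
OBSERVATION_WINDOW = 4       # window whose events are analysed


def constructed_audit_data():
    """Records are (window, host, event). Windows 0-3 hold normal polling;
    window 4 adds a traffic burst, a write from a non-engineering host and
    a firmware update. Constructed sample data, not real logs."""
    records = []
    normal_reads = {"ws-operator-1": [5, 6, 5, 4],
                    "ws-operator-2": [4, 5, 3, 4],
                    "ws-engineering": [1, 0, 1, 1]}
    for host, counts in normal_reads.items():
        for window, n in enumerate(counts):
            records += [(window, host, "MODBUS read holding registers")] * n
    w = OBSERVATION_WINDOW
    records += [(w, "ws-operator-1", "MODBUS read holding registers")] * 5
    records += [(w, "ws-operator-2", "MODBUS read holding registers")] * 40
    records += [(w, "ws-operator-2", "MODBUS write single coil"),
                (w, "ws-engineering", "MODBUS write single coil"),
                (w, "ws-engineering", "FIRMWARE UPDATE initiated")]
    return records


# Signature knowledge base: (name, pattern on the event text, hosts for which
# a matching event is legitimate and therefore not reported).
SIGNATURE_KB = [
    ("modbus-write-from-unexpected-host", re.compile(r"^MODBUS write"),
     {"ws-engineering"}),
    ("firmware-update", re.compile(r"^FIRMWARE UPDATE"), set()),
]


def signature_detect(records, kb=SIGNATURE_KB):
    """Signature path: Audit Data -> Knowledge Base -> Match? -> Attack."""
    return [(w, host, name) for w, host, event in records
            for name, pattern, legit in kb
            if pattern.search(event) and host not in legit]


def build_profile(records, training_windows=TRAINING_WINDOWS):
    """Anomaly knowledge base: per-host (mean, population stdev) of the
    events-per-window count, learned from the training windows only."""
    per_window = Counter((w, h) for w, h, _ in records if w in training_windows)
    profile = {}
    for host in sorted({h for _, h, _ in records}):
        series = [per_window.get((w, host), 0) for w in training_windows]
        profile[host] = (statistics.mean(series), statistics.pstdev(series))
    return profile


def anomaly_detect(records, profile, window=OBSERVATION_WINDOW,
                   z_threshold=3.0, min_stdev=1.0):
    """Anomaly path: Audit Data -> Knowledge Base -> Statistically Anomalous?
    -> Attack. Reports hosts whose count in the window lies more than
    z_threshold stdevs above their learned mean; min_stdev floors the spread
    so a perfectly regular host cannot divide by zero (both are assumptions)."""
    observed = Counter(h for w, h, _ in records if w == window)
    alerts = []
    for host, (mean, stdev) in profile.items():
        z = (observed.get(host, 0) - mean) / max(stdev, min_stdev)
        if z > z_threshold:
            alerts.append((window, host, round(z, 2)))
    return alerts


def run_demo():
    """Both pipelines on the same stream: the burst is visible only
    statistically, the firmware update only through a signature."""
    records = constructed_audit_data()
    return signature_detect(records), anomaly_detect(records, build_profile(records))


if __name__ == "__main__":
    print(run_demo())
```

The two alert lists overlap only partly, which is the practical argument for the hybrid detection mode listed in the vendor assessment further down.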
Technical Assessment
• Exhaustive study on current intrusion detection solutions to assess their applicability to railways.
Solution categories covered: UTM Firewalls, Hybrid IDS, NIDS, HIDS.
Source slide: CyRail – Internal Review, March 08, 2018, © fortiss GmbH.
Technical Assessment
26 open-source and commercial intrusion detection solutions were assessed, in three groups of 13, 8 and 5:
• Open-source and commercial IT solutions
• Commercial IT + OT solutions
• Industrial-focused solutions
Assessment Criteria
• Solution
• Type
• Country
• Detection Mode
• Protocol
• Asset Discovery
• Response Capacity
• Integration Capacity
• Maturity
Railways IDS Solutions

| Solution | Country | Type | Detection Mode | Protocol | Asset Discovery | Response | Integration | Maturity |
|---|---|---|---|---|---|---|---|---|
| Cylus | Israel | Industrial | Anomaly | Unknown | Unknown | Yes | Unknown | Weak |
| RadiFlow | Israel | Industrial | Hybrid | DPI / OT | Yes | Yes | SIEM | Good |
| RazorSecure | United Kingdom | Industrial | Anomaly | N/A | N/A | Yes | SIEM | Weak |
| Sentryo | France | Industrial | Anomaly | DPI / OT | Yes | Unknown | SIEM | Medium |
Deployment of Intrusion Detection Solutions
Proposing a flexible deployment scheme of the intrusion detection solutions on the different zones of CyRail’s operational scenario.
NIDS Solutions (zone 1 = NIDS for CI)
NIDS monitoring internet networks for critical infrastructures. They are designed by cyber security experts and implement attack detection rules (attack patterns and behaviour). They have to be deployed in a way that lets them analyse the inbound and outbound internet network traffic. E.g. GateWatcher and KeelbackNet.
Industrial NIDS Solutions (zone 2 = Industrial NIDS)
Specialized in industrial protocols, based on operational knowledge of the processes and communications. They are mostly designed to detect anomalies. E.g. Claroty, Cyberbit, CyberX, Cylus, Cypres, ICS², Indegy, NexDefense, Nozomi, Radiflow, SecurityMatters and Sentryo.
HIDS Solutions (zone 3 = HIDS)
Host-based Intrusion Detection System. E.g. RazorSecure.
FW/IPS Solutions (zone 4 = FW/IPS)
Firewall / Intrusion Prevention System, located at the border of a zone. E.g. Stormshield.
IT NIDS Solutions (zone 5 = IT NIDS)
IT-extended IDS. They fit IT network monitoring, due to their origin. Their capability to address industrial networks is more limited than that of industrial NIDS. E.g. Checkpoint, TippingPoint, Cisco IPS, Fortinet, Forcepoint, Leidos and Juniper.
Deployment of Intrusion Detection Solutions
Zone map legend: 1 = NIDS for CI, 2 = Industrial NIDS, 3 = HIDS, 4 = FW/IPS, 5 = IT NIDS.
Facts and Figures
• Europe has a strong representation of industrial IDS companies.
• Most industrial IDS vendors are recent SMEs.
• Fast-growing market, but not mature enough yet.


Editor's Notes

  1. Network-based Intrusion Detection System
  2. Network-based Intrusion Detection System
  3. Intrusion Detection System