Samuel Dubus scite author profile

Diagnosing accidental and malicious events in an industrial control system requires an event model with specific capacities. Most models are dedicated to either safety or security but rarely both. And the latter are developed for objectives other than diagnosis and therefore unfit for this task. In this paper, we propose an event model considering both safety and security events, usable in real-time, with a probabilistic measure of on-going and future events. This model is able to replace alerts in the context of more global scenarios, including with reinforcements or conflicts between safety and security. The model is then used to provide an analysis of some of the the security and safety events in the Taum Sauk Hydroelectric Power Station.

show abstract

Success Likelihood of Ongoing Attacks for Intrusion Detection and Response Systems

Kanoun¹,

Cuppens-Boulahia²,

Cuppens³

et al. 2009

View full text Add to dashboard Cite

Risk-Aware Framework for Activating and Deactivating Policy-Based Response

Kanoun

Cuppens-Boulahia

Cuppens

et al. 2010

View full text Add to dashboard Cite

With the growth of modern systems and infrastructures, automated and intelligent response systems become the holy grail of the security community. An interesting approach proposes to use dynamic access control policies to specify response policies for such systems. These policies should be enforced when an ongoing attack, that threatens the monitored system, is detected. However, existing work do not present a clear methodology to specify the Response policies. In particular, the deactivation issue is not yet tackled. In this paper, we first present how to specify response policies. Second, a risk-aware framework is proposed to activate and deactivate response policies. Hence, the success likelihood of the threat, and the cumulative impact of both of the threat and the response, are all considered.

show abstract

Operational security assurance evaluation in open infrastructures

Haddad

Dubus²,

Hecker

et al. 2011

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Samuel Dubus

Dynamic risk management response system to handle cyber threats

Probabilistic Event Graph to Model Safety and Security for Diagnosis Purposes

Success Likelihood of Ongoing Attacks for Intrusion Detection and Response Systems

Risk-Aware Framework for Activating and Deactivating Policy-Based Response

Operational security assurance evaluation in open infrastructures

Contact Info

Product

Resources

About