An Ontology to Promote Interoperability between Cyber-physical Security Systems in Critical Infrastructures

Canito, Alda; Aleid, Katia; Praça, Isabel; Corchado, Juan M.; Marreiros, Goreti

doi:10.1109/iccc51575.2020.9345163

Cited by 7 publications

(4 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This approach was necessary since there is little real-world data for malicious insider threat activities, effectively using human observations as a substitute. Canito et al [31] developed an ontology to improve interoperability between various cybersecurity systems, focusing on critical infrastructure and cyberphysical systems, particularly those systems found at airports. Their work included evaluating the SOFIT model for inclusion in their overall ontology.…”

Section: Ontologies For Insider Threatsmentioning

confidence: 99%

Create the Taxonomy for Unintentional Insider Threat via Text Mining and Hierarchical Clustering Analysis

Baugher,

2024

EJECE

View full text Add to dashboard Cite

The unintentional activities of system users can jeopardize the confidentiality, integrity, and assurance of data on information systems. These activities, known as unintentional insider threat activities, account for a significant percentage of data breaches. A method to mitigate or prevent this threat is using smart systems or artificial intelligence (AI). The construction of an AI requires the development of a taxonomy of activities. The literature review focused on data breach threats, mitigation tools, taxonomy usage in cybersecurity, and taxonomy development using Endnote and Google Scholar. This study aims to develop a taxonomy of unintentional insider threat activities based on narrative descriptions of the breach events in public data breach databases. The public databases were from the California Department of Justice, US Health and Human Services, and Verizon, resulting in 1850 examples of human errors. A taxonomy was constructed to specify the dimensions and characteristics of objects. Text mining and hierarchical cluster analysis were used to create the taxonomy, indicating a quantitative approach. Ward’s agglomeration coefficient was used to ensure the cluster was valid. The resulting top-level taxonomy categories are application errors, communication errors, inappropriate data permissions, lost media, and misconfigurations.

show abstract

Section: Ontologies For Insider Threatsmentioning

confidence: 99%

Create the Taxonomy for Unintentional Insider Threat via Text Mining and Hierarchical Clustering Analysis

Baugher,

2024

EJECE

View full text Add to dashboard Cite

show abstract

“…Other research highlights the importance of having an effective model that regulates the management of security incidents in critical infrastructures and analyses the characteristics that an incident management model should have, focusing on the energy sector ( Pl ėta et al, 2020 ). Focusing on the critical sector of airports, attempts have been made to develop some models based on ontologies, which include aspects such as incident management, and the attempts made to correlate them and enrich them with information from external databases ( Canito et al, 2020 ). With regard to the aviation sector, research has also been carried out based on the analysis of the most serious incidents suffered in recent years, reaching the conclusion that it is necessary to develop specific CSIRTs for this sector and that they should be based on NIST principles ( Lekota and Coetzee, 2019 ).…”

Section: Related Work and Backgroundmentioning

confidence: 99%

Modelling language for cyber security incident handling for critical infrastructures

Mouratidis¹,

Islam²,

Santos-Olmo³

et al. 2023

Computers & Security

View full text Add to dashboard Cite

“…Moreover, IoT devices are capable of collecting, pre-processing, and transmitting security-critical and sensitive private data and, hence, they are vulnerable targets for various intruders [22] [23]. Accordingly, to offer the greater and safe functionality of IoT systems, it is vital to strengthen the security and privacy of the underlying components, especially their protocols, devices, and data, against adversary agents [24]. Compared with the traditional communication systems, IoT systems are more prone to cyber security attacks due to [12], [25]:…”

Section: ) Perception Layermentioning

confidence: 99%

Security in the Internet of Things Application Layer: Requirements, Threats, and Solutions

et al. 2022

View full text Add to dashboard Cite

Communication systems and networks are evolving as an integral part of not only of our everyday life but also as a part of the industry, fundamental infrastructures, companies, etc. Current directions and concepts, such as the Internet of Things (IoT), promise enhanced quality of life, greater business opportunities, cost-effective manufacturing, and efficient operation management through ubiquitous connectivity and deployment of smart physical objects. IoT networks are able to collect, preprocess, and transmit a huge amount of data. A considerable portion of this data is security-and privacycritical data, which makes IoT networks a tempting option for attackers. Given that these networks deal with the actual aspects of our lives and fundamental infrastructures (e.g. smart grids), cybersecurity in such networks is crucial. The large scale of these networks and their unique characteristics and complexity bring further vulnerabilities. In this study we give an introduction to IoT, focusing on the IoT application layer, security requirements, threats, and countermeasures in this layer, and some of the open issues and future research lines.

show abstract

An Ontology to Promote Interoperability between Cyber-physical Security Systems in Critical Infrastructures

Cited by 7 publications

References 25 publications

Create the Taxonomy for Unintentional Insider Threat via Text Mining and Hierarchical Clustering Analysis

Create the Taxonomy for Unintentional Insider Threat via Text Mining and Hierarchical Clustering Analysis

Modelling language for cyber security incident handling for critical infrastructures

Security in the Internet of Things Application Layer: Requirements, Threats, and Solutions

Contact Info

Product

Resources

About