Bayesian network model to distinguish between intentional attacks and accidental technical failures: a case study of floodgates

Chockalingam, Sabarathinam; Pieters, Wolter; Teixeira, André; Gelder, P.H.A.J.M. van

doi:10.1186/s42400-021-00086-6

Cited by 12 publications

(3 citation statements)

References 36 publications

(41 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Installation environment: Ubuntu16.04, Docker version 17.12.0-c, Docker Compose 1.23.1, Golang 1.10.3, Hyperledger Fabric 1.4, etc. Docker Compose is a tool for rapidly deploying distributed applications [32,33].…”

Section: 3mentioning

confidence: 99%

Application of Blockchain Technology in Water Rights Trading in the Irrigation Area under the Internet-of-Things Environment

Xie

Yang

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Water rights trading is an important way to solve the shortage of water resources. Combined with the characteristics of water resources and the requirements of the market economy, the organic combination of the government and the market should be strengthened. Through the establishment of a water rights system and a water rights trading market, the implementation of water rights trading will be promoted. Due to the decentralized and distributed structure, blockchain technology greatly reduces its intermediary cost in the application process. The tamper-resistant timestamp feature can realize data tracking and information anticounterfeiting, and flexible programming attributes can promote the specification of market order. Firstly, the reasons for water rights trading are studied, and the water rights trading system is analyzed. It is found that the system has the problems of the cumbersome transaction process and high transaction costs. According to the characteristics of water rights trading, the alliance chain Hyperledger Fabric is selected as the underlying network system of the trading system. Secondly, combined with water rights trading, Hyperledger Fabric multichannel technology is used to design a three-channel accounting method, and the chain code for water rights trading is designed and implemented based on the Go language. CouchDB is adopted to store key-value data, and Ubuntu, Docker, and Docker Compose are used to construct an operating environment of the chain code. Finally, the proposed system is tested. The test findings reveal that the distributed water volume of experimental area 1 is 41.8368 million m3, the current water volume is 23.831 million m3, and the quota management water volume is 20.432 million m3. The distributed water volume in area 2 is 40.4605 million m3, the current water volume is 4317.64 m3, and the quota management water volume is 77.4795 million m3. The distributed water volume in area 3 is 65.6928 million m3, the current water volume is 77.472 million m3, and the quota management water volume is 64.412 million m3. The water rights trading system based on Hyperledger Fabric can record each transaction data, which can be stored in each node, and the data stored in each node are the same. The proposed scheme provides a certain reference for the application of blockchain technology in water rights trading in irrigation areas.

show abstract

Section: 3mentioning

confidence: 99%

Application of Blockchain Technology in Water Rights Trading in the Irrigation Area under the Internet-of-Things Environment

Xie

Yang

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…There are three different types of variables in the developed framework which includes: (i) contributory factors, (ii) problem, (iii) observations (or test results). (Chockalingam et al, 2021) developed a BN model for the problem of incorrect sensor measurements in the flood management domain based on the proposed framework for distinguishing attacks and technical failures. (Chockalingam et al, 2019) proposed a framework which would help to develop BN models for determining the failure cause in case the considered problem is caused by a technical failure or attack vector when the considered problem is caused by an attack.…”

Section: Review On Security Incident Managementmentioning

confidence: 99%

Ontology for Effective Security Incident Management

Chockalingam¹,

Maathuis²

2022

iccws

Self Cite

View full text Add to dashboard Cite

With the evolution of technologies like Internet of Things (IoTs), there will be more and more connected devices in use around the world. This is one of the reasons why cyber security is critical to contemporary society as it makes the large majority susceptible to cyber-attacks. Such cyber-attacks not only impact confidentiality, integrity, and availability but also can cause physical damage. This is evident from cyber-attacks like Stuxnet and German steel mill. Effective security incident management plays an important role in minimising negative impact of such attacks mainly in terms of the organizations’ finance, reputation, and personnel safety. Typically, the main phases of security incident management include: (i) preparation, (ii) mid-incident, and (iv) post-incident. There are diverse set of concepts like Structured Threat Information Expression (STIX) and Incident Object Description Exchange Format (IODEF) in the above-mentioned phases of security incident management. However, a comprehensive overview of different concepts and the relationships between such concepts in security incident management is missing. In this paper, we develop an ontology model with relevant concepts and their corresponding relationships between them especially in the mid-incident and post-incident phases of security incident management. Furthermore, we demonstrate the proposed ontology model using colonial pipeline example case study. The proposed model will help incident responders to operationalise concepts, by having a clear understanding on different concepts and their corresponding relationships, which in turn would also make the incident response more effective in practice.

show abstract

“…Once the evidence for variables in the upper/lower layer is provided, target's posterior probability is updated. (Chockalingam et al, 2021) developed a three-layer BN that helps operators in distinguishing between attacks and faults. The upper layer has contributory factors like easy physical access to sensor, lack of maintenance.…”

Section: Bn Model Structure and Demonstrationmentioning

confidence: 99%

Responsible Digital Security Behaviour: Definition and Assessment Model

Maathuis

Chockalingam

2022

eccws

View full text Add to dashboard Cite

Digital landscape transforms remarkably and grows exponentially tackling important societal challenges and needs. In the modern age, futuristic digital concepts are ideated and developed. These digital developments create a diverse pallet of opportunities for organizations and their members like decision makers and financial personnel. Simultaneously, they also introduce different factors that influence users’ behaviour related to digital security. However, no method exists to determine whether users’ behaviour could be considered responsible or not, and in case this behaviour is irresponsible, how it could be managed effectively to avoid negative consequences. Thus far, no attempt was made to investigate this to the best of our knowledge. Then this research aims to: (i) introduce ‘responsible digital security behaviour’ notion, (ii) identify different factors influencing this behaviour, (iii) design a Bayesian Network model that classifies responsible/irresponsible digital security behaviour considering these factors, and (iv) draw recommendations for improving users’ responsible digital security behaviour. To address these, extensive literature review is conducted through technical, ethical, and social lenses in a Design Science Research approach for defining, building, and exemplifying the model. The results contribute to increasing digital security awareness and empowering in a responsible way users’ behaviours and decision-processes involved in developing and adopting new standards, methodologies, and tools in the modern digital era.

show abstract

Bayesian network model to distinguish between intentional attacks and accidental technical failures: a case study of floodgates

Cited by 12 publications

References 36 publications

Application of Blockchain Technology in Water Rights Trading in the Irrigation Area under the Internet-of-Things Environment

Application of Blockchain Technology in Water Rights Trading in the Irrigation Area under the Internet-of-Things Environment

Ontology for Effective Security Incident Management

Responsible Digital Security Behaviour: Definition and Assessment Model

Contact Info

Product

Resources

About