Towards Deployment Strategies for Deception Systems

Fraunholz, Daniel; Zimmermann, Marc

doi:10.25046/aj0203161

Cited by 9 publications

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another positive aspect of AI in perimeter security is that it is more cost-effective than the traditional model. AI requires fewer staff and less (Fraunholz et al, 2017 ) maintenance, which means total costs are much lower. Furthermore, AI is also more scalable, meaning it can be used in a wide variety of environments and for a wide variety of applications.…”

Section: Discussionmentioning

confidence: 99%

Authentication, access, and monitoring system for critical areas with the use of artificial intelligence integrated into perimeter security in a data center

Villegas-Ch,

García-Ortiz

2023

Front. Big Data

View full text Add to dashboard Cite

Perimeter security in data centers helps protect systems and the data they store by preventing unauthorized access and protecting critical resources from potential threats. According to the report of the information security company SonicWall, in 2021, there was a 66% increase in the number of ransomware attacks. In addition, the message from the same company indicates that the total number of cyber threats detected in 2021 increased by 24% compared to 2019. Among these attacks, the infrastructure of data centers was compromised; for this reason, organizations include elements Physical such as security cameras, movement detection systems, authentication systems, etc., as an additional measure that contributes to perimeter security. This work proposes using artificial intelligence in the perimeter security of data centers. It allows the automation and optimization of security processes, which translates into greater efficiency and reliability in the operations that prevent intrusions through authentication, permit verification, and monitoring critical areas. It is crucial to ensure that AI-based perimeter security systems are designed to protect and respect user privacy. In addition, it is essential to regularly monitor the effectiveness and integrity of these systems to ensure that they function correctly and meet security standards.

show abstract

Section: Discussionmentioning

confidence: 99%

Authentication, access, and monitoring system for critical areas with the use of artificial intelligence integrated into perimeter security in a data center

Villegas-Ch,

García-Ortiz

2023

Front. Big Data

View full text Add to dashboard Cite

show abstract

“…The introduction of context information into the anomaly detection process is promising and capable of increasing the performance [12]. Furthermore, the employment of deception technologies as sensors for anomaly detection could be used to enhance the insight about malicious behaviour [17].…”

Section: Discussionmentioning

confidence: 99%

Evaluation of Machine Learning-based Anomaly Detection Algorithms on an Industrial Modbus/TCP Data Set

Antón

Kanoor

Fraunholz

et al. 2018

Proceedings of the 13th International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

In the context of the Industrial Internet of Things, communication technology, originally used in home and office environments, is introduced into industrial applications. Commercial off-the-shelf products, as well as unified and well-established communication protocols make this technology easy to integrate and use. Furthermore, productivity is increased in comparison to classic industrial control by making systems easier to manage, set up and configure. Unfortunately, most attack surfaces of home and office environments are introduced into industrial applications as well, which usually have very few security mechanisms in place. Over the last years, several technologies tackling that issue have been researched. In this work, machine learning-based anomaly detection algorithms are employed to find malicious traffic in a synthetically generated data set of Modbus/TCP communication of a fictitious industrial scenario. The applied algorithms are Support Vector Machine (SVM), Random Forest, k-nearest neighbour and k-means clustering. Due to the synthetic data set, supervised learning is possible. Support Vector Machine and k-nearest neighbour perform well with different data sets, while k-nearest neighbour and k-means clustering do not perform satisfactorily.

show abstract

“…There is an abundance of examples, where systems that provide full-fledged operating systems are suffering from easy detection, relay attacks and monitoring circumvention [49][50][51][52][53]. To mitigate detection attempts, it is of significant importance to enable a dynamic configuration, deployment and management of such systems [54,55]. However, not only technical requirements need to be considered when applying such technologies.…”

Section: Honeypotsmentioning

confidence: 99%

The Dos and Don'ts of Industrial Network Simulation

Antón

Fraunholz

Krummacker

et al. 2018

Proceedings of the 2nd International Symposium on Computer Science and Intelligent Control

Self Cite

View full text Add to dashboard Cite

Advances in industrial control lead to increasing incorporation of intercommunication technologies and embedded devices into the production environment. In addition to that, the rising complexity of automation tasks creates demand for extensive solutions. Standardised protocols and commercial off the shelf devices aid in providing these solutions. Still, setting up industrial communication networks is a tedious and high effort task. This justifies the need for simulation environments in the industrial context, as they provide cost-, resource-and time-efficient evaluation of solution approaches. In this work, industrial use cases are identified and the according requirements are derived. Furthermore, available simulation and emulation tools are analysed. They are mapped onto the requirements of industrial applications, so that an expressive assignment of solutions to application domains is given.

show abstract

Towards Deployment Strategies for Deception Systems

Cited by 9 publications

References 17 publications

Authentication, access, and monitoring system for critical areas with the use of artificial intelligence integrated into perimeter security in a data center

Authentication, access, and monitoring system for critical areas with the use of artificial intelligence integrated into perimeter security in a data center

Evaluation of Machine Learning-based Anomaly Detection Algorithms on an Industrial Modbus/TCP Data Set

The Dos and Don'ts of Industrial Network Simulation

Contact Info

Product

Resources

About