Improving Detection Capabilities in OT Environments Through Multisource Data Sensors
Simola, J., Takala, A., Lehkonen, R., Frantti, T., & Savola, R. (2024). Improving Detection Capabilities in OT Environments Through Multisource Data Sensors. In M. Lehto, & M. Karjalainen (Eds.), Proceedings of the 23rd European Conference on Cyber Warfare and Security (23, pp. 496-505). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. https://doi.org/10.34190/eccws.23.1.2339
Julkaistu sarjassa
Proceedings of the European Conference on Cyber Warfare and SecurityPäivämäärä
2024Tekijänoikeudet
© 2024 European Conference on Cyber Warfare and Security
This research focuses on implementing cyber threat detection in OT environments by combining data from IT and OT sensors and logs to enhance SOC's situational awareness. OT environment is challenging to monitor and includes various sensors. We deal with the key concepts and differences of the industrial operating environment, which create challenges compared to the traditional IT environment. This is important because the policies defined at the European level for the NIS2 regulation will affect all member countries. Hostile actors cause security challenges highlighting the importance of critical infrastructure protection. Cyber security solutions have often solely focused on IT threats, but similar investments have yet to be made in response to the challenges of the OT environment. The security solutions of OT operators rely heavily on solutions from the IT side. Here, we delve into whether it is possible to find threats in the IT/OT ecosystem by combining data from the IT and OT sides. All threats are not found by monitoring data separately from IT or OT sources but we identified hidden threats by monitoring and comparing IT and OT data. This paper shows the importance of detecting OT threats. The study proposes how the detection of cyber threat capabilities should be developed.
...
Julkaisija
Academic Conferences International LtdKonferenssi
European Conference on Cyber Warfare and SecurityKuuluu julkaisuun
Proceedings of the 23rd European Conference on Cyber Warfare and SecurityISSN Hae Julkaisufoorumista
2048-8602Asiasanat
Julkaisu tutkimustietojärjestelmässä
https://converis.jyu.fi/converis/portal/detail/Publication/220871965
Metadata
Näytä kaikki kuvailutiedotKokoelmat
Rahoittaja(t)
Rahoitusohjelmat(t)
Lisätietoja rahoituksesta
The research was supported by Business Finland (grant number 10/31/2022) and the University of Jyväskylä.Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
Validation of Sensor Data Integrity in OT Environments Through Multisource Data Sensors
Simola, Jussi; Takala, Arttu; Lehkonen, Riku; Frantti, Tapio; Savola, Reijo (Academic Conferences International Ltd, 2024)This research paper focuses on detecting cyber threats from the OT environment by combining data from multiple sources. Monitoring cyber security or hybrid threats in an industrial OT environment is difficult due to different ... -
Cyber Situational Awareness in Critical Infrastructure Organizations
Pöyhönen, Jouni; Rajamäki, Jyri; Nuojua, Viivi; Lehto, Martti (Springer, 2021)The capability related to cybersecurity plays an ever-growing role on overall national security and securing the functions vital to society. The national cyber capability is mainly composed by resilience of companies running ... -
Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system
Kokkonen, Tero (University of Jyväskylä, 2016)Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same ... -
Saving Lives in a Health Crisis Through the National Cyber Threat Prevention Mechanism Case COVID-19
Simola, Jussi (Springer, 2022)Today’s ongoing coronavirus pandemic has shown that our overall public security mechanism in Finland requires a more coherent system that combines different types of sensors with artificial intelligence-based systems. ... -
The Impact of Operational Technology Requirements in Maritime Industries
Simola, Jussi; Paavola, Jarkko; Satopää, Piia; Vanharanta, Jani (Academic Conferences International Ltd, 2024)The maritime ecosystem and industry require more efficient and coordinated cybersecurity governance. No common cybersecurity mechanism in the maritime sector may steer the whole supply chain management, for example, in the ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.