Improving Detection Capabilities in OT Environments Through Multisource Data Sensors
| dc.contributor.author | Simola, Jussi | |
| dc.contributor.author | Takala, Arttu | |
| dc.contributor.author | Lehkonen, Riku | |
| dc.contributor.author | Frantti, Tapio | |
| dc.contributor.author | Savola, Reijo | |
| dc.contributor.editor | Lehto, Martti | |
| dc.contributor.editor | Karjalainen, Mika | |
| dc.date.accessioned | 2024-06-27T12:12:13Z | |
| dc.date.available | 2024-06-27T12:12:13Z | |
| dc.date.issued | 2024 | |
| dc.identifier.citation | Simola, J., Takala, A., Lehkonen, R., Frantti, T., & Savola, R. (2024). Improving Detection Capabilities in OT Environments Through Multisource Data Sensors. In M. Lehto, & M. Karjalainen (Eds.), <i>Proceedings of the 23rd European Conference on Cyber Warfare and Security</i> (23, pp. 496-505). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. <a href="https://doi.org/10.34190/eccws.23.1.2339" target="_blank">https://doi.org/10.34190/eccws.23.1.2339</a> | |
| dc.identifier.other | CONVID_220871965 | |
| dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/96196 | |
| dc.description.abstract | This research focuses on implementing cyber threat detection in OT environments by combining data from IT and OT sensors and logs to enhance SOC's situational awareness. OT environment is challenging to monitor and includes various sensors. We deal with the key concepts and differences of the industrial operating environment, which create challenges compared to the traditional IT environment. This is important because the policies defined at the European level for the NIS2 regulation will affect all member countries. Hostile actors cause security challenges highlighting the importance of critical infrastructure protection. Cyber security solutions have often solely focused on IT threats, but similar investments have yet to be made in response to the challenges of the OT environment. The security solutions of OT operators rely heavily on solutions from the IT side. Here, we delve into whether it is possible to find threats in the IT/OT ecosystem by combining data from the IT and OT sides. All threats are not found by monitoring data separately from IT or OT sources but we identified hidden threats by monitoring and comparing IT and OT data. This paper shows the importance of detecting OT threats. The study proposes how the detection of cyber threat capabilities should be developed. | en |
| dc.format.mimetype | application/pdf | |
| dc.language.iso | eng | |
| dc.publisher | Academic Conferences International Ltd | |
| dc.relation.ispartof | Proceedings of the 23rd European Conference on Cyber Warfare and Security | |
| dc.relation.ispartofseries | Proceedings of the European Conference on Cyber Warfare and Security | |
| dc.rights | CC BY-NC-ND 4.0 | |
| dc.subject.other | operational technology | |
| dc.subject.other | testbed | |
| dc.subject.other | security operations center | |
| dc.subject.other | threat detection | |
| dc.subject.other | situational awareness | |
| dc.title | Improving Detection Capabilities in OT Environments Through Multisource Data Sensors | |
| dc.type | conferenceObject | |
| dc.identifier.urn | URN:NBN:fi:jyu-202406275038 | |
| dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
| dc.contributor.laitos | Faculty of Information Technology | en |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | |
| dc.type.coar | http://purl.org/coar/resource_type/c_5794 | |
| dc.description.reviewstatus | peerReviewed | |
| dc.format.pagerange | 496-505 | |
| dc.relation.issn | 2048-8602 | |
| dc.relation.numberinseries | 1 | |
| dc.relation.volume | 23 | |
| dc.type.version | publishedVersion | |
| dc.rights.copyright | © 2024 European Conference on Cyber Warfare and Security | |
| dc.rights.accesslevel | openAccess | fi |
| dc.relation.conference | European Conference on Cyber Warfare and Security | |
| dc.relation.grantnumber | 10/31/2022 | |
| dc.subject.yso | kyberturvallisuus | |
| dc.subject.yso | turvallisuus | |
| dc.subject.yso | uhkakuvat | |
| dc.subject.yso | tilannekuva | |
| dc.format.content | fulltext | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p26189 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p7349 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p10844 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p25187 | |
| dc.rights.url | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.relation.doi | 10.34190/eccws.23.1.2339 | |
| dc.relation.funder | Business Finland | en |
| dc.relation.funder | Business Finland | fi |
| jyx.fundingprogram | Co-Innovation, BF | en |
| jyx.fundingprogram | Co-Innovation, BF | fi |
| jyx.fundinginformation | The research was supported by Business Finland (grant number 10/31/2022) and the University of Jyväskylä. | |
| dc.type.okm | A4 |
Aineistoon kuuluvat tiedostot
Aineisto kuuluu seuraaviin kokoelmiin
Ellei muuten mainita, aineiston lisenssi on CC BY-NC-ND 4.0