Abstract
This paper reports on research activities within the SAFEGUARD project (IST Project Number: IST-2001-32685). The aim of the project is to examine Large Complex Critical Infrastructures (LCCIs) in terms of the nature of the different facets of each infrastructure: the organizational, computational (cyber) and physical layers. Critical inter-dependencies among layers can thus be analyzed. The possible impact of bad events, classified early in attack scenarios with and without SAFEGUARD, will be met with countermeasures to maintain the system's operability at an acceptable level. SAFEGUARD, an agent-based middleware, is conceived to operate embedded inside the cyber layers, the part most sensitive to malicious attacks and anomalies, and is designed to enhance the dependability and survivability of an LCCI. The self-healing mechanism of SAFEGUARD agents will start with diagnosis and classification of the trouble using Hybrid Intrusion Detection techniques (software instrumentation, novelty detection, etc.). Once the problem has been diagnosed, a number of techniques will be used to solve and repair the fault (e.g., adaptive middleware technology, backup, hot standby and so on). More self-healing mechanisms will have to be combined and coordinated in an attempt to deal with the source of the problem.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
Cite this paper
Bologna, S., Balducelli, C., Dipoppa, G., Vicoli, G. (2003). Dependability and Survivability of Large Complex Critical Infrastructures. In: Anderson, S., Felici, M., Littlewood, B. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2003. Lecture Notes in Computer Science, vol 2788. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39878-3_27
DOI: https://doi.org/10.1007/978-3-540-39878-3_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20126-7
Online ISBN: 978-3-540-39878-3
eBook Packages: Springer Book Archive