Scenarios for Process-Aware Insider Attack Detection in Manufacturing
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F22%3A00126445" target="_blank" >RIV/00216224:14330/22:00126445 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1145/3538969.3544449" target="_blank" >https://doi.org/10.1145/3538969.3544449</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1145/3538969.3544449" target="_blank" >10.1145/3538969.3544449</a>
Alternative languages
Result language
angličtina
Original language name
Scenarios for Process-Aware Insider Attack Detection in Manufacturing
Original language description
Manufacturing production heavily depends on the processes that need to be followed during manufacturing. As there might be many reasons behind possible deviations from these processes, the deviations can also cover ongoing insider attacks, e.g., intended to perform sabotage or espionage on these infrastructures. Insider attacks can cause tremendous damage to a manufacturing company because an insider knows how to act inconspicuously, making insider attacks very hard to detect. In this paper, we examine the potential of process-mining methods for insider-attack detection in the context of manufacturing, which is a new and promising application context for process-aware methods. To this end, we present five manufacturing-related scenarios of insider threats identified in cooperation with a manufacturing company, where the process mining could be most helpful in the detection of their respective attack events. We describe these scenarios and demonstrate the utilization of process mining in this context, creating ground for further future research.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach
Others
Publication year
2022
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Proceedings of the 17th International Conference on Availability, Reliability and Security
ISBN
9781450396707
ISSN
—
e-ISSN
—
Number of pages
10
Pages from-to
860-869
Publisher name
Association for Computing Machinery
Place of publication
New York, NY, USA
Event location
Vienna, Austria
Event date
Jan 1, 2022
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—