Scenarios for Process-Aware Insider Attack Detection in Manufacturing

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F22%3A00126445" target="_blank" >RIV/00216224:14330/22:00126445 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1145/3538969.3544449" target="_blank" >https://doi.org/10.1145/3538969.3544449</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3538969.3544449" target="_blank" >10.1145/3538969.3544449</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Scenarios for Process-Aware Insider Attack Detection in Manufacturing

Popis výsledku v původním jazyce

Manufacturing production heavily depends on the processes that need to be followed during manufacturing. As there might be many reasons behind possible deviations from these processes, the deviations can also cover ongoing insider attacks, e.g., intended to perform sabotage or espionage on these infrastructures. Insider attacks can cause tremendous damage to a manufacturing company because an insider knows how to act inconspicuously, making insider attacks very hard to detect. In this paper, we examine the potential of process-mining methods for insider-attack detection in the context of manufacturing, which is a new and promising application context for process-aware methods. To this end, we present five manufacturing-related scenarios of insider threats identified in cooperation with a manufacturing company, where the process mining could be most helpful in the detection of their respective attack events. We describe these scenarios and demonstrate the utilization of process mining in this context, creating ground for further future research.

Název v anglickém jazyce

Scenarios for Process-Aware Insider Attack Detection in Manufacturing

Popis výsledku anglicky

Manufacturing production heavily depends on the processes that need to be followed during manufacturing. As there might be many reasons behind possible deviations from these processes, the deviations can also cover ongoing insider attacks, e.g., intended to perform sabotage or espionage on these infrastructures. Insider attacks can cause tremendous damage to a manufacturing company because an insider knows how to act inconspicuously, making insider attacks very hard to detect. In this paper, we examine the potential of process-mining methods for insider-attack detection in the context of manufacturing, which is a new and promising application context for process-aware methods. To this end, we present five manufacturing-related scenarios of insider threats identified in cooperation with a manufacturing company, where the process mining could be most helpful in the detection of their respective attack events. We describe these scenarios and demonstrate the utilization of process mining in this context, creating ground for further future research.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 17th International Conference on Availability, Reliability and Security

ISBN

9781450396707

ISSN

—

e-ISSN

—

Počet stran výsledku

10

Strana od-do

860-869

Název nakladatele

Association for Computing Machinery

Místo vydání

New York, NY, USA

Místo konání akce

Vienna, Austria

Datum konání akce

1. 1. 2022

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—