Using an Event Data Taxonomy to Represent the Impact of Cyber Events as Geometrical Instances

Gustavo Gonzalez-Granadillo; Jose Rubio-Hernan; Joaquin Garcia-Alfaro

doi:10.1109/ACCESS.2017.2740402

Using an Event Data Taxonomy to Represent the Impact of Cyber Events as Geometrical Instances

Gustavo Gonzalez-Granadillo, Jose Rubio-Hernan, Joaquin Garcia-Alfaro

Research output: Contribution to journal › Article › peer-review

Abstract

Visualization and simulation models used for the evaluation and selection of security countermeasures need accurate data to compute the impact of cyber events (e.g., malicious and benign actions). The information required to build appropriate impact models depends directly on the nature of the system. The information dealt by water supply systems, for instance, is particularly different from the information obtained by energy, telecommunication, transportation, or finance systems. It is, therefore, important to properly classify the data of security events according to the nature of the system. This paper proposes an event data taxonomy based on the system's criticality, the geographical location of the target, the time at which the information is obtained by the attacker, and the nature of the data. A use case on the impact assessment of events originated in a critical infrastructure is presented to show the applicability of the proposed taxonomy.

Original language	English
Pages (from-to)	8810-8828
Number of pages	19
Journal	IEEE Access
Volume	6
DOIs	https://doi.org/10.1109/ACCESS.2017.2740402
Publication status	Published - 24 Aug 2017
Externally published	Yes

Keywords

Security
critical infrastructures
data visualization
detection algorithms
event data taxonomies
event detection
geometrical models
impact assessment
security events

Access to Document

10.1109/ACCESS.2017.2740402

Cite this

@article{b48423ac4f1049b2b0d953fdce5a2969,

title = "Using an Event Data Taxonomy to Represent the Impact of Cyber Events as Geometrical Instances",

abstract = "Visualization and simulation models used for the evaluation and selection of security countermeasures need accurate data to compute the impact of cyber events (e.g., malicious and benign actions). The information required to build appropriate impact models depends directly on the nature of the system. The information dealt by water supply systems, for instance, is particularly different from the information obtained by energy, telecommunication, transportation, or finance systems. It is, therefore, important to properly classify the data of security events according to the nature of the system. This paper proposes an event data taxonomy based on the system's criticality, the geographical location of the target, the time at which the information is obtained by the attacker, and the nature of the data. A use case on the impact assessment of events originated in a critical infrastructure is presented to show the applicability of the proposed taxonomy.",

keywords = "Security, critical infrastructures, data visualization, detection algorithms, event data taxonomies, event detection, geometrical models, impact assessment, security events",

author = "Gustavo Gonzalez-Granadillo and Jose Rubio-Hernan and Joaquin Garcia-Alfaro",

note = "Publisher Copyright: {\textcopyright} 2013 IEEE.",

year = "2017",

month = aug,

day = "24",

doi = "10.1109/ACCESS.2017.2740402",

language = "English",

volume = "6",

pages = "8810--8828",

journal = "IEEE Access",

issn = "2169-3536",

}

TY - JOUR

T1 - Using an Event Data Taxonomy to Represent the Impact of Cyber Events as Geometrical Instances

AU - Gonzalez-Granadillo, Gustavo

AU - Rubio-Hernan, Jose

AU - Garcia-Alfaro, Joaquin

PY - 2017/8/24

Y1 - 2017/8/24

N2 - Visualization and simulation models used for the evaluation and selection of security countermeasures need accurate data to compute the impact of cyber events (e.g., malicious and benign actions). The information required to build appropriate impact models depends directly on the nature of the system. The information dealt by water supply systems, for instance, is particularly different from the information obtained by energy, telecommunication, transportation, or finance systems. It is, therefore, important to properly classify the data of security events according to the nature of the system. This paper proposes an event data taxonomy based on the system's criticality, the geographical location of the target, the time at which the information is obtained by the attacker, and the nature of the data. A use case on the impact assessment of events originated in a critical infrastructure is presented to show the applicability of the proposed taxonomy.

AB - Visualization and simulation models used for the evaluation and selection of security countermeasures need accurate data to compute the impact of cyber events (e.g., malicious and benign actions). The information required to build appropriate impact models depends directly on the nature of the system. The information dealt by water supply systems, for instance, is particularly different from the information obtained by energy, telecommunication, transportation, or finance systems. It is, therefore, important to properly classify the data of security events according to the nature of the system. This paper proposes an event data taxonomy based on the system's criticality, the geographical location of the target, the time at which the information is obtained by the attacker, and the nature of the data. A use case on the impact assessment of events originated in a critical infrastructure is presented to show the applicability of the proposed taxonomy.

KW - Security

KW - critical infrastructures

KW - data visualization

KW - detection algorithms

KW - event data taxonomies

KW - event detection

KW - geometrical models

KW - impact assessment

KW - security events

U2 - 10.1109/ACCESS.2017.2740402

DO - 10.1109/ACCESS.2017.2740402

M3 - Article

AN - SCOPUS:85028724258

SN - 2169-3536

VL - 6

SP - 8810

EP - 8828

JO - IEEE Access

JF - IEEE Access

ER -

Using an Event Data Taxonomy to Represent the Impact of Cyber Events as Geometrical Instances

Abstract

Keywords

Access to Document

Fingerprint

Cite this