Technology evolves quickly. Low-cost, ready-to-connect devices are designed to provide new services and applications. Smart grids and smart healthcare systems are examples of these applications, all of them in the context of smart cities. In this total-connectivity scenario, security issues arise because the larger the number of connected devices, the larger the attack surface. New solutions for monitoring and detecting security events are therefore needed to address the challenges this scenario brings, among them the large number of devices to monitor, the large amount of data to manage, and the real-time requirement to provide quick security event detection and, consequently, quick response to attacks. In this work, a practical and ready-to-use tool for monitoring and detecting security events in these environments is developed and introduced. The tool is based on the Multivariate Statistical Network Monitoring (MSNM) methodology for monitoring and anomaly detection, and we call it MSNM-Sensor. Although it is in its early development stages, experimental results based on the detection of well-known attacks in hierarchical network systems prove the suitability of this tool for more complex scenarios, such as those found in smart cities or IoT ecosystems.