Authors:
Christian Callegari (1); Alessandro Cantelli Forti (1); Giuseppe D'Amore (2); Enrique de la Hoz (3); David Echarri Santamaria (4); Ivan García-Ferreira (4) and German López-Civera (3)
Affiliations:
(1) RaSS National Laboratory and CNIT, Italy; (2) Vitrociset S.p.A., Italy; (3) University of Alcala, Spain; (4) Oesia Network, Spain
Keyword(s):
Critical Infrastructure, Intrusion Detection System, Intrusion Prevention System, Honeynet, Firewall.
Abstract:
The disruption of communications in critical infrastructures could have a serious impact on the health, safety, security or economic well-being of citizens or even prevent the effective functioning of governments or other agencies. For this reason, in this paper we present a distributed architecture, named CYBERSENS, aimed at the prevention, early detection, and mitigation of cyber attacks on critical infrastructure networks. CYBERSENS is an advanced IDS/IPS system specially tailored for securing communications in critical infrastructures. Its federated architecture, the combination of misuse detection techniques and novel anomaly detection approaches, and the inclusion of mechanisms for self-obfuscation and self-protection make our proposal especially suitable for these scenarios.