Scenarios for Process-Aware Insider Attack Detection in Manufacturing

Logo poskytovatele

Varování

Publikace nespadá pod Filozofickou fakultu, ale pod Fakultu informatiky. Oficiální stránka publikace je na webu muni.cz.
Autoři

MACÁK Martin VÁCLAVEK Radek KUŠNIRÁKOVÁ Daša RAIMUNDAS Matulevičius BÜHNOVÁ Barbora

Rok publikování 2022
Druh Článek ve sborníku
Konference Proceedings of the 17th International Conference on Availability, Reliability and Security
Fakulta / Pracoviště MU

Fakulta informatiky

Citace
www https://doi.org/10.1145/3538969.3544449
Doi http://dx.doi.org/10.1145/3538969.3544449
Klíčová slova insider attack; insider detection; process mining; manufacturing
Popis Manufacturing production heavily depends on the processes that need to be followed during manufacturing. As there might be many reasons behind possible deviations from these processes, the deviations can also cover ongoing insider attacks, e.g., intended to perform sabotage or espionage on these infrastructures. Insider attacks can cause tremendous damage to a manufacturing company because an insider knows how to act inconspicuously, making insider attacks very hard to detect. In this paper, we examine the potential of process-mining methods for insider-attack detection in the context of manufacturing, which is a new and promising application context for process-aware methods. To this end, we present five manufacturing-related scenarios of insider threats identified in cooperation with a manufacturing company, where the process mining could be most helpful in the detection of their respective attack events. We describe these scenarios and demonstrate the utilization of process mining in this context, creating ground for further future research.
Související projekty:

Používáte starou verzi internetového prohlížeče. Doporučujeme aktualizovat Váš prohlížeč na nejnovější verzi.