Towards Smarter Security Orchestration and Automatic Response for CPS and IoT

Phu Nguyen, Rustem Dautov, Hui Song, Angel Rego, Eider Iturbe, Erkuden Rios, Diego Sagasti, Gonzalo Nicolas, Valeria Valdés, Wissam Mallouli, Ana Cavalli, Nicolas Ferry

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Current security orchestration and response (SOAR) approaches have primarily focused on specific layers of systems, such as Intrusion Detection Systems, the network layer, or the application layer. We aim to find the gaps in the existing SOAR approaches for IoT/CPS-based systems, especially critical infrastructures, and propose some directions to fill in these gaps. This paper presents a literature survey and future research directions for advancing SOAR towards increased automation and more holistic operation, especially for the cyber-physical security of critical infrastructures. We have found 14 primary SOAR studies and discussed the gaps in general. There is a significant gap when it comes to a comprehensive and systematic approach to SOAR for multi-layered systems using IoT/CPS and considering the computing continuum perspective. To address the gap, we present our on-going work on a framework of multi-layer SOAR decision-making methods and orchestration tools that leverage Reinforcement Learning (RL)-based adaptation intelligence, virtual reality, avatar-human interaction and advanced Cyber Threat Intelligence (CTI) tools.

Original language: English
Title of host publication: Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023
Publisher: IEEE Computer Society
Pages: 298-302
Number of pages: 5
ISBN (Electronic): 9798350339826
Publication status: Published - 2023
Event: 14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023 - Naples, Italy
Duration: 4 Dec 2023 → 6 Dec 2023

Publication series

Name: Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom
ISSN (Print): 2330-2194
ISSN (Electronic): 2330-2186

Conference

Conference: 14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023
Country/Territory: Italy
City: Naples
Period: 4/12/23 → 6/12/23

Keywords

  • CPS
  • CTI
  • IoT
  • Machine Learning
  • Security Orchestration
  • VR
