Towards Smarter Security Orchestration and Automatic Response for CPS and IoT

Phu Nguyen; Rustem Dautov; Hui Song; Angel Rego; Eider Iturbe; Erkuden Rios; Diego Sagasti; Gonzalo Nicolas; Valeria Valdés; Wissam Mallouli; Ana Cavalli; Nicolas Ferry

doi:10.1109/CloudCom59040.2023.00055

Towards Smarter Security Orchestration and Automatic Response for CPS and IoT

Phu Nguyen^*
, Rustem Dautov
, Hui Song
, Angel Rego
, Eider Iturbe
, Erkuden Rios
, Diego Sagasti
, Gonzalo Nicolas
, Valeria Valdés
, Wissam Mallouli
, Ana Cavalli
, Nicolas Ferry

^*Autor correspondiente de este trabajo

SINTEF
MONTIMAGE EURL
Université Côte d'Azur

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

5 Citas (Scopus)

Resumen

Current security orchestration and response (SOAR) approaches have primarily focused on specific layers of systems, such as Intrusion Detection Systems, the network layer, or the application layer. We aim to find the gaps in the existing SOAR approaches for IoT/CPS-based systems, especially critical infrastructures, and propose some directions to fill in these gaps. This paper presents a literature survey and future research directions for advancing SOAR towards increased automation and more holistic operation, especially for the cyber-physical security of critical infrastructures. We have found 14 primary SOAR studies and discussed the gaps in general. There is a significant gap when it comes to a comprehensive and systematic approach to SOAR for multi-layered systems using IoT/CPS and considering the computing continuum perspective. To address the gap, we present our on-going work on a framework of multi-layer SOAR decision-making methods and orchestration tools that leverage Reinforcement Learning (RL)-based adaptation intelligence, virtual reality, avatar-human interaction and advanced Cyber Threat Intelligence (CTI) tools.

Idioma original	Inglés
Título de la publicación alojada	Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023
Editorial	IEEE Computer Society
Páginas	298-302
Número de páginas	5
ISBN (versión digital)	9798350339826
DOI	https://doi.org/10.1109/CloudCom59040.2023.00055
Estado	Publicada - 2023
Evento	14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023 - Naples, Italia Duración: 4 dic 2023 → 6 dic 2023

Serie de la publicación

Nombre	Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom
ISSN (versión impresa)	2330-2194
ISSN (versión digital)	2330-2186

Conferencia

Conferencia	14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023
País/Territorio	Italia
Ciudad	Naples
Período	4/12/23 → 6/12/23

Acceder al documento

10.1109/CloudCom59040.2023.00055

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Nguyen, P., Dautov, R., Song, H., Rego, A., Iturbe, E., Rios, E., Sagasti, D., Nicolas, G., Valdés, V., Mallouli, W., Cavalli, A., & Ferry, N. (2023). Towards Smarter Security Orchestration and Automatic Response for CPS and IoT. En Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023 (pp. 298-302). (Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom). IEEE Computer Society. https://doi.org/10.1109/CloudCom59040.2023.00055

Nguyen, Phu ; Dautov, Rustem ; Song, Hui et al. / Towards Smarter Security Orchestration and Automatic Response for CPS and IoT. Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023. IEEE Computer Society, 2023. pp. 298-302 (Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom).

@inproceedings{9dbc495c247c4035bc48a2ec07473d87,

title = "Towards Smarter Security Orchestration and Automatic Response for CPS and IoT",

abstract = "Current security orchestration and response (SOAR) approaches have primarily focused on specific layers of systems, such as Intrusion Detection Systems, the network layer, or the application layer. We aim to find the gaps in the existing SOAR approaches for IoT/CPS-based systems, especially critical infrastructures, and propose some directions to fill in these gaps. This paper presents a literature survey and future research directions for advancing SOAR towards increased automation and more holistic operation, especially for the cyber-physical security of critical infrastructures. We have found 14 primary SOAR studies and discussed the gaps in general. There is a significant gap when it comes to a comprehensive and systematic approach to SOAR for multi-layered systems using IoT/CPS and considering the computing continuum perspective. To address the gap, we present our on-going work on a framework of multi-layer SOAR decision-making methods and orchestration tools that leverage Reinforcement Learning (RL)-based adaptation intelligence, virtual reality, avatar-human interaction and advanced Cyber Threat Intelligence (CTI) tools.",

keywords = "CPS, CTI, IoT, Machine Learning, Security Orchestration, VR",

author = "Phu Nguyen and Rustem Dautov and Hui Song and Angel Rego and Eider Iturbe and Erkuden Rios and Diego Sagasti and Gonzalo Nicolas and Valeria Vald{\'e}s and Wissam Mallouli and Ana Cavalli and Nicolas Ferry",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023 ; Conference date: 04-12-2023 Through 06-12-2023",

year = "2023",

doi = "10.1109/CloudCom59040.2023.00055",

language = "English",

series = "Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom",

publisher = "IEEE Computer Society",

pages = "298--302",

booktitle = "Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023",

address = "United States",

}

Nguyen, P, Dautov, R, Song, H, Rego, A , Iturbe, E , Rios, E , Sagasti, D , Nicolas, G, Valdés, V, Mallouli, W, Cavalli, A & Ferry, N 2023, Towards Smarter Security Orchestration and Automatic Response for CPS and IoT. En Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023. Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom, IEEE Computer Society, pp. 298-302, 14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023, Naples, Italia, 4/12/23. https://doi.org/10.1109/CloudCom59040.2023.00055

Towards Smarter Security Orchestration and Automatic Response for CPS and IoT. / Nguyen, Phu; Dautov, Rustem; Song, Hui et al.
Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023. IEEE Computer Society, 2023. p. 298-302 (Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución a la conferencia › revisión exhaustiva

TY - GEN

T1 - Towards Smarter Security Orchestration and Automatic Response for CPS and IoT

AU - Nguyen, Phu

AU - Dautov, Rustem

AU - Song, Hui

AU - Rego, Angel

AU - Iturbe, Eider

AU - Rios, Erkuden

AU - Sagasti, Diego

AU - Nicolas, Gonzalo

AU - Valdés, Valeria

AU - Mallouli, Wissam

AU - Cavalli, Ana

AU - Ferry, Nicolas

PY - 2023

Y1 - 2023

N2 - Current security orchestration and response (SOAR) approaches have primarily focused on specific layers of systems, such as Intrusion Detection Systems, the network layer, or the application layer. We aim to find the gaps in the existing SOAR approaches for IoT/CPS-based systems, especially critical infrastructures, and propose some directions to fill in these gaps. This paper presents a literature survey and future research directions for advancing SOAR towards increased automation and more holistic operation, especially for the cyber-physical security of critical infrastructures. We have found 14 primary SOAR studies and discussed the gaps in general. There is a significant gap when it comes to a comprehensive and systematic approach to SOAR for multi-layered systems using IoT/CPS and considering the computing continuum perspective. To address the gap, we present our on-going work on a framework of multi-layer SOAR decision-making methods and orchestration tools that leverage Reinforcement Learning (RL)-based adaptation intelligence, virtual reality, avatar-human interaction and advanced Cyber Threat Intelligence (CTI) tools.

AB - Current security orchestration and response (SOAR) approaches have primarily focused on specific layers of systems, such as Intrusion Detection Systems, the network layer, or the application layer. We aim to find the gaps in the existing SOAR approaches for IoT/CPS-based systems, especially critical infrastructures, and propose some directions to fill in these gaps. This paper presents a literature survey and future research directions for advancing SOAR towards increased automation and more holistic operation, especially for the cyber-physical security of critical infrastructures. We have found 14 primary SOAR studies and discussed the gaps in general. There is a significant gap when it comes to a comprehensive and systematic approach to SOAR for multi-layered systems using IoT/CPS and considering the computing continuum perspective. To address the gap, we present our on-going work on a framework of multi-layer SOAR decision-making methods and orchestration tools that leverage Reinforcement Learning (RL)-based adaptation intelligence, virtual reality, avatar-human interaction and advanced Cyber Threat Intelligence (CTI) tools.

KW - CPS

KW - CTI

KW - IoT

KW - Machine Learning

KW - Security Orchestration

KW - VR

UR - https://www.scopus.com/pages/publications/85189630699

U2 - 10.1109/CloudCom59040.2023.00055

DO - 10.1109/CloudCom59040.2023.00055

M3 - Conference contribution

AN - SCOPUS:85189630699

T3 - Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom

SP - 298

EP - 302

BT - Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023

PB - IEEE Computer Society

T2 - 14th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023

Y2 - 4 December 2023 through 6 December 2023

ER -

Nguyen P, Dautov R, Song H, Rego A , Iturbe E , Rios E et al. Towards Smarter Security Orchestration and Automatic Response for CPS and IoT. En Proceedings - 2023 IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2023. IEEE Computer Society. 2023. p. 298-302. (Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom). doi: 10.1109/CloudCom59040.2023.00055

Towards Smarter Security Orchestration and Automatic Response for CPS and IoT

Resumen

Serie de la publicación

Conferencia

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto