MACÁK, Martin, Radek VÁCLAVEK, Daša KUŠNIRÁKOVÁ, Matulevičius RAIMUNDAS and Barbora BÜHNOVÁ. Scenarios for Process-Aware Insider Attack Detection in Manufacturing. Online. In Proceedings of the 17th International Conference on Availability, Reliability and Security. New York, NY, USA: Association for Computing Machinery, 2022, p. 860-869. ISBN 978-1-4503-9670-7. Available from: https://dx.doi.org/10.1145/3538969.3544449.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Scenarios for Process-Aware Insider Attack Detection in Manufacturing
Authors MACÁK, Martin (703 Slovakia, guarantor, belonging to the institution), Radek VÁCLAVEK (203 Czech Republic, belonging to the institution), Daša KUŠNIRÁKOVÁ (703 Slovakia, belonging to the institution), Matulevičius RAIMUNDAS (440 Lithuania) and Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution).
Edition New York, NY, USA, Proceedings of the 17th International Conference on Availability, Reliability and Security, p. 860-869, 10 pp. 2022.
Publisher Association for Computing Machinery
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
WWW URL
RIV identification code RIV/00216224:14330/22:00126445
Organization unit Faculty of Informatics
ISBN 978-1-4503-9670-7
Doi http://dx.doi.org/10.1145/3538969.3544449
UT WoS 001122620500089
Keywords in English insider attack; insider detection; process mining; manufacturing
Tags International impact, Reviewed
Changed by Changed by: RNDr. Pavel Šmerk, Ph.D., učo 3880. Changed: 13/5/2024 16:40.
Abstract
Manufacturing production heavily depends on the processes that need to be followed during manufacturing. As there might be many reasons behind possible deviations from these processes, the deviations can also cover ongoing insider attacks, e.g., intended to perform sabotage or espionage on these infrastructures. Insider attacks can cause tremendous damage to a manufacturing company because an insider knows how to act inconspicuously, making insider attacks very hard to detect. In this paper, we examine the potential of process-mining methods for insider-attack detection in the context of manufacturing, which is a new and promising application context for process-aware methods. To this end, we present five manufacturing-related scenarios of insider threats identified in cooperation with a manufacturing company, where the process mining could be most helpful in the detection of their respective attack events. We describe these scenarios and demonstrate the utilization of process mining in this context, creating ground for further future research.
Links
CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)		Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)
Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research
EF16_019/0000822, research and development projectName: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur
PrintDisplayed: 26/8/2024 02:35