TY - GEN
T1 - Mobile agent based security monitoring and analysis for the electric power infrastructure
AU - David, Michael W.
AU - Sakurai, Kouichi
PY - 2003
Y1 - 2003
N2 - This paper proposes a concept designed to support the US Computer Emergency Response Team (US-CERT) and the National Infrastructure Protection Center's (NIPC) Indications, Analysis & Warning (IAW) program. It recommends methodologies and an infrastructure to enhance the reporting of cyber incidents affecting critical network infrastructure (CNI) like electric power. It is not designed to deal with the physical power generation and transmission infrastructure, but the security and integrity of the information/data networks, which helps control, monitor and manage it. Our approach is to use distributed mobile agents to integrate security policy, intrusion prevention, intrusion detection and attack/failure analysis activities into a mutually supporting infrastructure. We tentatively call this a Critical Network Infrastructure Analysis Center (CNIAC), and suggest one for the Information Sharing and Analysis Center (ISAC) for the electric power grid, the North American Reliability Council (NERC) and its interface with the regional Independent Systems Operators (ISO) and Regional Transmission Organizations (RTO). We propose an electric power mobile agent system (EPMAS) be designed to support secure communications interface, update security policy, collect and audit IDS related data and provide status reports.
UR - http://www.scopus.com/inward/record.url?scp=2642525256&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=2642525256&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:2642525256
SN - 0889864020
SN - 9780889864023
T3 - Proceedings of the IASTED International Conference on Communication, Network, and Information Security
SP - 159
EP - 164
BT - Proceedings of the IASTED International Conference on Communication, Network, and Information Security
A2 - Hamza, M.H.
T2 - Proceedings of the IASTED International Conference on Communication, Network, and Information Security
Y2 - 10 December 2003 through 12 December 2003
ER -