Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.690621
Title: Distribution of security information for industrial networks
Author: Scully, Peter M. D.
ISNI:       0000 0004 5914 8560
Awarding Body: Aberystwyth University
Current Institution: Aberystwyth University
Date of Award: 2016
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
This thesis has made advances in Distributed Self-Healing Security Systems (DSHSS) -- a tool for the future to defend against the problems faced by industrial automation computer networks, such as critical national infrastructure (CNI), Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA), caused by computer malware and cyber attacks (Ch.2). Based on principles of an holistic view of the biological immune system (Ch.3) and recent Artificial Immune System (AIS) research (Ch.4), CARDINAL-Vanilla -- a self-healing and collaborative host-based security architecture has been designed (Ch.5) for application into real-world ICS and SCADA networks. Using a novel evaluation framework for DSHSS (Ch.6) the architecture has been assessed by 'immunisation rate' scores, to measure self-healing performance and resource feasibility, under rigorous virtual and real-world enterprise networks experiment conditions. These empirical studies (Ch.7 and Ch.8) identified that the CARDINAL-Vanilla module dispatch algorithm scores significantly worse than a near-optimal engineered dispatch algorithm; however the performance score difference is not important for a real-life application. In addition, the engineered dispatch algorithm is impossible to apply directly to real-world systems. The dispatch heuristics of CARDINAL-Vanilla are interesting to apply if the mult-agent system architecture's memory overhead can be reduced to and modelled as mathematical approximate equations. A comprehensive theoretical DSHSS architecture (Ch.9) to address the cyber attack problems identified (Ch.2) using a reinforcement classification pipeline, role switching and additional hardware to integrate into industrial networks is proposed as the future theme for DSHSS.
Supervisor: Neal, Mark ; Price, David Ernest Sponsor: EPSRC ; EADS Innovation Works
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.690621  DOI: Not available
Share: