Operational Support for Critical Infrastructure Security

With the level of cyber-attacks increasing in volume and sophistication, the need for improved counter measures is growing. The repercussions of a successful attack on a critical infrastructure would result in a paralysing impact on the economy and the general population as a whole. For that reason, the framework proposed in our previous work details the use of a system for supporting security. Our aim is to provide support through collecting data from multiple sources of information. In doing so, our objective is to develop a more detailed overview of the operations inside critical infrastructures. Using this approach, we identify attacks taking place by uncovering changes in patterns of expected behaviour. The work is being done as part of the research being carried out at LJMU PROTECT Centre. This paper presents an overview of our system design and details how it would provide additional support through greater defence in depth. Related research into how critical infrastructures are currently protected, and our development and progress are also discussed.