A Passive Network Cyber Threat Intelligence Framework for Legacy Critical Control Systems using Machine Learning
- Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL)
The importance of the Internet and communication networks in our daily life and in any organization’s daily operations is well known and cannot be overstressed. A nation’s economy is fully reliant on its critical infrastructure. The energy sector is one of the 16 Critical Infrastructure Sectors identified by the Department of Homeland Security. Securing these critical infrastructure sectors is challenging but is also of utmost priority in this day of constant and persistent cyber threats. A threat is any circumstance or event that has the potential to adversely impact an agency's assets and operations. Cyber Threat Intelligence (CTI) is the process of collection, analysis, and identification of potential cyber threats to the organization. The goal of the current research performed at the Savannah River National Laboratory (SRNL), Aiken, SC, is to develop a Cyber Threat Intelligence framework for gathering Threat Intelligence passively from the network traffic to and from real or simulated Critical Control Systems.
- Research Organization:
- Savannah River Site (SRS), Aiken, SC (United States). Savannah River National Lab. (SRNL)
- Sponsoring Organization:
- USDOE Office of Environmental Management (EM)
- DOE Contract Number:
- AC09-08SR22470
- OSTI ID:
- 1547280
- Report Number(s):
- SRNL-STI-2019-00455; TRN: US2100443
- Country of Publication:
- United States
- Language:
- English