© 2020 H. Abie | S. Boudko | O. Soceanu | L. Greenberg | A. Shribman | B. Gallego-Nicasio | E. Cambiaso | I. Vaccari | M. Aiello
This chapter presents the FINSEC adaptive and intelligent data collection and analytics system for securing critical financial infrastructure. The system makes the collection and analysis of security-related data more intelligent, resilient, automated, efficient, secure and timely, in order to secure cyber-physical financial infrastructure and services. Making security data collection and analysis intelligent and capable of quickly spotting, learning from, and addressing zero-day threats is essential to economizing resources and accessing the right information at the right time. This is achieved through configurable collection probes and the adaptation of different collection strategies. The chapter further addresses how, inter alia, (i) the nature and quality of collected data affect the efficiency and accuracy of methods of attack detection and defence, (ii) the detection capability can be improved by correlating wide-ranging data sources and predictive analytics, (iii) the rate of data collection at the various monitoring probes is tuned by managing the appropriate levels and types of intelligence and adaptability of security monitoring, (iv) the optimization of bandwidth and storage of security information can be achieved by introducing adaptiveness and intelligence and by integrating smart security probes and a set of adaptive strategies and rules, and (v) increased automation is achieved through a feedback loop of collection, detection and prevention that allows the early detection and prevention of security compromises and consistently makes security analysis more effective.