Giacomo Longo , Francesco Lupia , Alessio Merlo , Francesco Pagano , Enrico Russo
{"title":"A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems","authors":"Giacomo Longo , Francesco Lupia , Alessio Merlo , Francesco Pagano , Enrico Russo","doi":"10.1016/j.ins.2024.121534","DOIUrl":null,"url":null,"abstract":"<div><div>In an era where industrial Security Operations Centers (SOCs) are paramount to enabling cybersecurity, they can unintentionally become enablers of intellectual property theft through the data they analyze and retain. The above issue requires finding solutions to strike a balance between data protection and security. This paper proposes a real-time data anonymization framework designed to operate directly within network devices. Using an extensive case study, our approach demonstrates how valuable intellectual property associated with industrial processes can be protected without compromising the effectiveness of behavioral anomaly detection systems. The methodology is designed to be nonintrusive, reversible, and seamlessly portable on existing security solutions. We evaluated these properties through comprehensive experimental testing, which showed both the method's effectiveness in securing intellectual property and its suitability for continuous real-time operation.</div></div>","PeriodicalId":51063,"journal":{"name":"Information Sciences","volume":"690 ","pages":"Article 121534"},"PeriodicalIF":8.1000,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Sciences","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0020025524014488","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"0","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
In an era where industrial Security Operations Centers (SOCs) are paramount to enabling cybersecurity, they can unintentionally become enablers of intellectual property theft through the data they analyze and retain. The above issue requires finding solutions to strike a balance between data protection and security. This paper proposes a real-time data anonymization framework designed to operate directly within network devices. Using an extensive case study, our approach demonstrates how valuable intellectual property associated with industrial processes can be protected without compromising the effectiveness of behavioral anomaly detection systems. The methodology is designed to be nonintrusive, reversible, and seamlessly portable on existing security solutions. We evaluated these properties through comprehensive experimental testing, which showed both the method's effectiveness in securing intellectual property and its suitability for continuous real-time operation.
期刊介绍:
Informatics and Computer Science Intelligent Systems Applications is an esteemed international journal that focuses on publishing original and creative research findings in the field of information sciences. We also feature a limited number of timely tutorial and surveying contributions.
Our journal aims to cater to a diverse audience, including researchers, developers, managers, strategic planners, graduate students, and anyone interested in staying up-to-date with cutting-edge research in information science, knowledge engineering, and intelligent systems. While readers are expected to share a common interest in information science, they come from varying backgrounds such as engineering, mathematics, statistics, physics, computer science, cell biology, molecular biology, management science, cognitive science, neurobiology, behavioral sciences, and biochemistry.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
