Information systems, i.e., the set of hardware and software tools that organizations use to collect and process data, are critical elements in any developed economy. Due to the intrinsic value of the information stored, government agencies and corporations alike are constantly on alert to heighten their infrastructure and data security due to threats from hackers and cyberterrorists. Information security (InfoSec) then aims at keeping information confidential, available, and at assuring its integrity, usually by detecting and preventing intrusions by external entities. However, protecting large-scale information systems is an increasingly difficult challenge; not only do attackers tend to be technically more sophisticated but they also show a higher degree of collaboration amongst themselves. Both factors concur in producing attacks, which are often of a previously unknown nature. Ensuring resilience against unpredictable, potentially high impact events forces organizations into allocating huge amounts of resources. Here, we propose that, in analogy with studies of functionally non-local complex systems, representing information systems as functional networks may help detecting and classifying patterns associated with different families of attacks, and constructing proactive defense systems capable of detecting intrusion of previously unknown characteristics. As a prototypical example, we compare InfoSec with the study of functional brain networks, a field that has received increasing attention in the last decade, and that presents similar challenges (i.e., the identification of “normal” and “pathological” conditions).

Studying attacks to information systems using functional networks

Papo D.
2015

Abstract

Information systems, i.e., the set of hardware and software tools that organizations use to collect and process data, are critical elements in any developed economy. Due to the intrinsic value of the information stored, government agencies and corporations alike are constantly on alert to heighten their infrastructure and data security due to threats from hackers and cyberterrorists. Information security (InfoSec) then aims at keeping information confidential, available, and at assuring its integrity, usually by detecting and preventing intrusions by external entities. However, protecting large-scale information systems is an increasingly difficult challenge; not only do attackers tend to be technically more sophisticated but they also show a higher degree of collaboration amongst themselves. Both factors concur in producing attacks, which are often of a previously unknown nature. Ensuring resilience against unpredictable, potentially high impact events forces organizations into allocating huge amounts of resources. Here, we propose that, in analogy with studies of functionally non-local complex systems, representing information systems as functional networks may help detecting and classifying patterns associated with different families of attacks, and constructing proactive defense systems capable of detecting intrusion of previously unknown characteristics. As a prototypical example, we compare InfoSec with the study of functional brain networks, a field that has received increasing attention in the last decade, and that presents similar challenges (i.e., the identification of “normal” and “pathological” conditions).
2015
Zanin, M.; Papo, D.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in SFERA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11392/2483622
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact